How A 22-Year-Old English Surfer Stopped The World’s Biggest Cyber Attack

Picture this: You get out from a long session, flip open your laptop and breeze through any news you might have missed. Immediately, you see that almost all the hospitals in your home country are down as a result of a malicious cyber attack. While doctors are scrambling to keep patients alive and national security services are looking for answers, you shrug, take a sip of your coffee, tap the right keys, fix the problem and resume your personal interests 

Sounds like a movie tailored towards millennials, right? Weirdly, it’s not. Last week, a global cyber attack affected computer equipment in 100 countries across the world. And while many systems were scourged, the most concerning was the National Health Services’ (NHS) systems in England and Scotland.

In between stopping massive, worldwide cyber attacks, this is what Malware Tech thinks about… the surf at home. Relatable? Somewhat.

Operations were cancelled, ambulances were diverted and documents such as patient records were made unavailable. Doctors couldn’t get ahold of blood results or radiology images and were forced to turn away major trauma and stroke patients. Everything went dark. 

Had it not been for the efforts of a 22-year-old Newquay surfer, it would have remained that way. While the National Cyber Security Centre was looking for a solution to fix the tens of thousands of computers with blue error screens, the surfer, who wishes to remain anonymous, took just a few hours to find a critical weakness in the ransomware to stop it from spreading any further. 

Funny how worldwide operating system outages and frustrating surf conditions can cause equal amounts of anxiety for some people.

“I was out having lunch with a friend and got back about 3pm and saw an influx of news articles about the NHS and various UK organisations being hit,” he told The Guardian. “I had a bit of a look into it and then I found a sample of the malware behind it, and saw that it was connecting out to a specific domain, which was not registered. So I picked it up not knowing what it did at the time.”

Now, ransomware is a type of malware (software which is specifically designed to disrupt, damage or gain authorised access to a computer system) that encrypts user data. Then demands payment in exchange for unlocking said data. 

What does our protagonist think about between codes and stopping malware from spreading? Surfing Nazaré, apparently.

In this particular attack, users were demanded to pay $300 worth of the cryptocurrency, Bitcoin, to retrieve their files, per system. An amount equivalent to around AUD$727,705. On top of those demands, warnings that the payment would be raised after a certain amount of time flashed as well. It specifically targeted computers running Windows XP operating systems, which many NHS entities use. 

“I will confess that I was unaware registering the domain would stop the malware until after I registered it, so initially it was accidental,” he continued. “So now I can add ‘accidentally stopped an international cyber attack’ to my resume.”

He just stopped a global tech crises, can someone buy this man a wetsuit?

Just a happy little accident (that makes two Bob Ross references in a week now). A positive brush with chance that potentially saved lives.

Now, when he’s not stopping global cyber assaults, Malware Tech (his Twitter name, and what he’s been referred to since making headlines), is usually tweeting various pictures of the surf along the Devon coast (as can be seen above). And judging off his Twitter, it looks like he kinda charges. As he normally shares photos himself running out to well-overhead, stormy UK surf.

He even put up a Francisco Porcella Nazaré video with the caption: “This place is definitely high up on my visit list.” Casually halting worldwide tech crises while thinking about paddling out to massive Nazaré? Talk about having a cool head.

Determination both away and at the laptop.

While Malware Tech is self-taught, he’s been working for a private intel threat firm for the past year, specifically investigating malicious software commonly used by shadowy criminals and hackers. And while the firm wanted him to move out to Los Angeles, he reportedly chose to stay at his home in southwest England so he could remain close to the surf. He’s been quiet on his personal info, and wishes to avoid publicity.

He recently posted an in-depth explanation with plenty of technical jargon on his personal blog detailing how he stopped the attack. Certainly worth a read if you’d like to know more about what it takes to stop globe-crippling cyber attacks. Even if it’s by accident. The more you know.