Privacy and Security

Tech Support by Day, Ransomware Warrior by Night

By Mary Butler

When ProPublica teamed up with the Chicago Sun-Times to profile Michael Gillespie, whom they dubbed “The Ransomware Superhero of Normal, Illinois,” many on social media were quick to point out: not all superheroes wear capes.

But Gillespie himself, in an interview with the Journal of AHIMA, was quick to point out that he does, however, wear a lot of hooded sweatshirts—a sartorial trope frequently associated with individuals in Gillespie’s line of work. By day, Gillespie works in retail IT support for a company called Nerds on Call. In nearly all his spare time, Gillespie is a self-declared “ransomware hunter” who fields dozens of urgent requests from individuals and companies around the world crippled by ransomware attacks.

Unlike the security consultants, government cybersecurity experts, or federal investigators who are well compensated for similar work, Gillespie, 27, a high school graduate, does the vast majority of his crime-fighting work for free, even though, as a bladder cancer survivor, he has struggled with medical debt. Although the antivirus software provider Emsisoft pays him to write decryptors, programs that unlock files encrypted by ransomware, Gillespie feels conflicted about charging a fee to help people or organizations that contact him directly. He operates a website called ID Ransomware where users can identify their strain of ransomware free of charge.

In recent years, ransomware has brought numerous companies nearly to their knees—from huge corporations like FedEx and Maersk to healthcare providers like Sutter Health and healthcare vendors like software firm Nuance, as detailed in the new book Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers.

Because many of the ransomware victims Gillespie helps come to him anonymously—people often contact him when they’ve opened an infected file at work and are worried they’ll lose their jobs if they tell their own IT department—Gillespie doesn’t have a clear picture of whom he’s helped. He has, however, received plaudits from the FBI and admiration from illustrious ransomware warriors such as Fabian Wosar, the chief technology officer of Emsisoft.

Gillespie doesn’t envision taking a corporate paycheck for cybersecurity or fighting ransomware anytime soon.

“I’ve had this inner monologue with myself. What I want to do is not exactly marketable—the fact that I want to continue breaking ransomware and helping people for free … Based on my experience in IT I’m a little afraid of taking a jump into corporate IT.”