Hacker Gang Leader Sentenced to 9 Years for Hospital Computer Attacks



03/22/2011




Darren Lanz
Co-Editor


Thanks to a piece by Kevin Poulsen at Wired Magazine, we learned about a successful prosecution of a hacker gang leader, who was convicted of installing malware on PCs in a Texas hospital.

Self video of hacker McGraw carrying out hospital computer attack.
(Video: YouTube)

The ringleader of a former online anarchist group called the Electronik Tribulation Army was sentenced on Thursday to over nine years in prison for installation of malware at a Texas hospital.

Hacker Jesse William McGraw, 26, also known as "GhostExodus", was fined $31,881 and ordered to serve three years of supervised release after serving time in prison.

He came to the attention of the FBI in 2009 after shooting and posting a YouTube video of himself "infiltrating" computers by installing RxBot at a medical office building.

According to the government, the Electronik Tribulation Army was creating a botnet to attack rival hacker gangs, which included Anonymous--known more at the time for hardcore pranks than the 'hacktivism' they've been known for since.

Computer security researcher Wesley McGrew.
(Photo: Kristen Hines Baker, courtesy Mississippi State University)

In another video, McGraw showed off his personal infiltration gear, which included items such as lock picks, a cellphone jammer device, and falsified credentials portraying the FBI. The videos were shot at the North Central Medical Plaza in Dallas, TX.

McGraw was able to do so easily since he was a night security watchman and had unrestricted access to the hospital.

He pleaded guilty last May to computer-tampering charges for installation of malware on a dozen machines, which included a nurse's station with medical records. McGraw also installed a remote-access program called LogMeIn on the hospital's MS Windows-controlled HVAC system.

R. Wesley McGrew of McGrew Security in Mississippi initially contacted the FBI after seeing screenshots of the HVAC access online. McGrew says,

"I think the sentence is appropriate. He jeopardized public health and safety with his actions and I think it's important to take a really strong stance against that."

In the wake of McGraw's arrest, other members of ETA have campaigned to harass McGrew, which led to FBI raids of three suspected members, but there were no reported charges.

Although the YouTube videos suggest McGraw wasn't necessarily a critical threat to cyberspace, the FBI took note when it was discovered he'd installed a backdoor in the HVAC unit.

They noted that any failure of the unit--which controlled the first and second floors of the North Central Surgery Center--could have adversely affected patients in the hot summer time or caused refrigerated drugs or medical supplies to go bad.

There are a couple of important lessons here:

  1. Never, ever leave a workstation unlocked when you step away from it. Ever. If you give someone physical access to your computer, all bets are off.
  2. Audit your PCs regularly. The most dangerous phrase in security is, "It's not like...."

    Rather than thinking to yourself, "It's not like someone could ever put a virus on my computer without me knowing!", assume there are people smarter than you, and they will if they can.
  3. Keep your antivirus software updated, set it up to run automatic scans, and run a manual scan, too, every now and again just to be on the safe side.

 

Comments


This is a just penal sentence. The cyber attacks in the hospital should also net a fine.
