Security Guard Admits to Hacking into Hospital’s Systems

A former security guard, Jesse William McGraw, has pleaded guilty to the allegations of hacking into "North Central Medical Plaza's" (on North Central Expressway in Dallas, US) PCs while he was on duty. He is known as 'GhostExodus' in the world of online hacking.

Details show that McGraw got physical access to the hospital's systems. He downloaded, or sent out, a program to the systems that he used, which enabled him, or anyone else with his password and account name, to access the hospital's computers remotely.

He also damaged the reliability of some of the machines by taking out the security features, like uninstalling antivirus solutions, which made the systems more susceptible to attack. Moreover, on some of the systems, he implanted some harmful code (sometimes called a "bot).

Bots are often related to stealing data from the hacked system, using the hacked system in denial of service attacks, and using the system to circulate spam. In this case, McGraw accepted that he planned to employ the bot to initiate a denial of service (DoS) attack on the site of a competitor "hacker" group.

Fortunately, it was not that difficult to trace the attacker as he had posted some videos of his hacking endeavour to YouTube. In one of the videos, he acts as if he has broken into the hospital, stating that he has broken into a huge corporate office. "Mission: Impossible" movie's theme music plays in background as he informs the viewers that they are on an "infiltration" mission with him.

Further information indicates that hacker was caught just few days prior to the distributed denial-of-service attack, which he had planned for July 4, 2009. The day had been named "Devil's Day" by him.

Prosecutors informed that he hacked into almost 14 machines which includes a HVAC (heating, ventilation and air conditioning) system at the hospital, where he worked in the night shift (11 p.m. to 7 a.m.), as per the news published by computerworld.com on May 14, 2010.

Lastly, the hacker, who has been in police custody since June 2009, now faces a jail term of 10 years on each of the two counts charged against him. He is going to be sentenced on September 16, 2010.

Related article: Securities Push Up A Must For Web Companies

» SPAMfighter News - 5/27/2010