"Fourth of July" hacker jailed after hospital hack

Share this article:

A Dallas hospital guard was ordered to jail following his arrest on charges of breaking into computers, planting malicious software and planning a massive distributed-denial-of-service (DDoS) attack on the Fourth of July.

Jesse William McGraw, who calls himself "GhostExodus," 25, was leader of the hacker group "Electronik Tribulation Army," and worked the night shift at the Carrell Clinic hospital in Dallas. He had bragged online that he “infiltrated” the facility, according to an FBI complaint.

He appeared on Wednesday in U.S. District Court in Dallas and now is being held without bail.

“McGraw appeared in court and probable cause was found,” Kathy Colvin, spokeswoman for the Dallas U.S. Attorney's office, told USMagazineUS.com Thursday. “The judge ordered that he be detained."

 

McGraw broke into several computers, according to the complaint, including computers controlling the hospital's heating, ventilation and air conditioning (HVAC) system, as well as PCs containing confidential patient information. He posted pictures on the internet of the compromised HVAC system, along with videos of him compromising the computer systems. He also posted videos that asked other hackers to assist him in mounting computer intrusions in support of a "massive DDoS" on July 4.

The arrest was prompted by an incident observed by Mississippi State University computer science student Wesley McGrew.

In a blog post, McGrew said that he was contacted by someone bragging about hacking a control system. He checked it out and found that the hack was actually performed by an attacker who went by the name of “GhostExodus,” later identified as McGraw.

“Screenshots taken by the attacker showed an HMI [human-machine interface, used to interact with mechanical devices] that gave the user control over many elements of the hospital, including pumps and chillers in the operating room,” McGrew wrote. “Messing around with a system like this can seriously impact the health and safety of the patients.”

McGrew said he contacted authorities and cooperated with the FBI. His information led to McGraw's arrest on Friday.

McGraw will remain in jail until a grand jury decides within 30 days whether to indict him.

 

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.