Jesse William McGraw was arrested Friday on charges of felony computer intrusion. McGraw, also known as GhostExodus, among other online aliases, worked as a night guard at the Carrell Clinic in Dallas, Texas. YouTube videos allegedly show McGraw wearing a hoodie over his security guard uniform and slinking around the hospital to the tune of the Mission Impossible theme song while installing malicious botnet software on various servers around the clinic, including its HVAC server.
Federal authorities say he planned to use the botnet to launch a massive distributed denial of service (DDOS) attack on Independence Day. His last day of work at the clinic was scheduled to be July 3rd. McGraw had been an employee of Dallas security company United Protection Services.
The attack, particularly on the HVAC server, could have caused the air conditioning to stop working for the entire hospital, possibly harming inpatients sensitive to the intense Texas summer heat, and also potentially compromising the integrity of temperature-sensitive medications stored at the onsite pharmacy.
A member of McGraw’s hacker group, called the Electronik Tribulation Army, boasted to security researcher Wesley McGrew of their hacking abilities, showing McGrew screen shots of some of the clinic’s hacked machines. McGrew showed his findings to the authorities, leading to McGraw’s arrest. McGrew, a graduate student at Mississippi State University, says:
“He's a security guard at the hospital, but he's pretending to infiltrate a corporate office and he's running around with a hoodie on over his security guard uniform and installing botnet software on a hospital computer all to the Mission Impossible music. [You] can't make this stuff up."
Comments