Jesse William McGraw was indicted by a Dallas federal grand jury yesterday on 2 counts of transmitting malicious code. These felony charges were pressed back in June, when McGraw allegedly transferred malicious code into the hospital’s computer network, including an HVAC server that controlled heating and cooling for the entire hospital. McGraw, also known by his hacker alias “GhostExodus”, has been held in custody since his arrest late last month on related charges.
McGraw’s actions compromised the hospital’s system in such a way as patient records, diagnoses, medical treatment, and care could have been compromised for any individuals being treated by the Carrell Clinic. His actions on the clinic’s HVAC server could have compromised the integrity of temperature-sensitive medicines in the onsite pharmacy as well.
Plans had been made by McGraw to quit his job as the night security guard at the clinic the day before an intended Distributed Denial of Service, or DDoS, attack caused by the malicious code he uploaded onto the network. He planned to call the day of the attack, July 4th, “Devil’s Day”. McGraw had been an employee of Dallas security company United Protections Services, and worked the 11:00 p.m. to 7:00 a.m. shift at the clinic.
Should McGraw be found guilty, for each count of transmitting malicious code he faces a maximum penalty of 10 years in prison, a $250,000 fine and restitution.
Comments