Today, the US Attorney’s Office announced that Jesse “GhostExodus” McGraw has entered a guilty plea on two charges of transmitting a malicious code.  Jesse had compromised more than 14 computers at the Carrell Clinic in Dallas, Texas, where he worked as a night-shift security guard.  This included the system running the HMI (Human Machine Interface) for the hospital’s HVAC system.  To the best of my knowledge this is the only arrest and conviction of a hacker involved in a control systems/SCADA incident in the United States.

This story began last year, when I became aware of the HVAC compromise, and gathered information about it to turn over to the FBI.  Throughout the process, I have been very impressed with the technical skill and responsiveness of the FBI agents.  I am also very happy with this outcome.  This may serve to educate organizations with control systems about the threats and vulnerabilities that are possible, and put other “script-kiddie” type hackers on notice that they can be tracked down and prosecuted for their actions.

The press release for the guilty plea is not yet available on the DOJ website, but the following articles are available:

I have a large collection of PDFs of court filings for this case, which I may post with commentary at some point soon, now that he has entered a guilty plea.  The PDFs make for interesting reading and a wild ride, and I don’t know of any other resources that have good documentation of a hacker case.  I’m looking forward to going through them again.

  6 Responses to “GhostExodus Pleads Guilty”

  1. I was going to ask when he was going to be sentenced, but in an article you linked to it says his sentencing date isn’t until September 16th.

    “This may serve to educate organizations with control systems about the threats and vulnerabilities that are possible, and put other “script-kiddie” type hackers on notice that they can be tracked down and prosecuted for their actions.”

    Well said. These punks need to be made an example of. I hope they give McGraw a harsh sentence and send the message that this is real equipment these wannabe hackers are messing with and that no one appreciates stupid, little stunts like this.

  2. In response to Exsavior, if the Carrell Clinic had taken proper security measures, none of this would have even been possible. Don’t forget, they have, as McGrew has pointed out, a responsibility and obligation to their clients to hire the professionals required and take necessary actions based on real world threats to secure their networks, as well as any other organization, ESPECIALLY medical facilities.

    BTW, hackers won’t stop hacking, and crackers won’t stop cracking, period. Isn’t ever going to stop, do wake up from your delusional dream of flowers and mockingbirds in a candy ass gum drop world.

  3. This was not the first SCADA conviction in the US. Hopefully people will see that this is not the type of system you want to attack.

    http://news.softpedia.com/news/Man-Pleads-Guilty-to-Damaging-Oil-Leak-Detection-System-122640.shtml

    http://losangeles.fbi.gov/dojpressrel/pressrel09/la031709.htm

  4. “Hopefully people will see that this is not the type of system you want to attack.”

    Agreed

  5. Well it appears the not so mighty have finally fallen

© 2012 McGrew Security