Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacker Posts His Crime On YouTube, Lands In Jail

Posted by samzenpus on from the bad-ideas dept.

wiredmikey writes "A former contract security guard who admitted hacking into a hospital's computer systems (where he worked), was sentenced to 110 months in Federal prison. Why did he do it? He admits that he intended to use the bots and the compromised computers to launch DDoS attacks on the websites of rival hacker groups. The FBI says he posted video of himself hacking into the hospital computers on YouTube — While the theme of 'Mission Impossible' played, he described his hack, step by step, including the insertion of a CD containing the OphCrack program, which allowed him to bypass all security. The FBI found the CD containing the OphCrack program in McGraw's house and found the source code for the bot on his laptop."

4 of 176 comments (clear)

  1. I think he knows the underwear gnomes. by gurps_npc · · Score: 4, Informative
    Step 1) Post a video of yourself committing a crime

    Step 2) ????

    Step 3) Jail!

    --
    excitingthingstodo.blogspot.com
  2. Re:Seems a bit excessive by Nikker · · Score: 3, Informative

    The network he had access to was a hospital's LAN. He wanted to use it to DDOS which would result in saturating much of the hospital's LAN to begin with and possibly screwing with equipment in the mean time. If he hacked into a Starbucks or a McDonalds to do the same I wouldn't care as much but his stupidity overreached on this one.

    --
    A loop, by its nature, continues. If that didn't make sense, start reading this sentence again.
  3. Re:Security researchers or confidential informants by iamhassi · · Score: 5, Informative

    "The stigma of being a "confidential informant" is quite hazardous. Why do you think there's a Witness Protection Program?"

    But... he is a security researcher, here's his security websites and his LinkedIn says he has a PhD in Computer Science and works at the Mississippi State University Center for Computer Security Research (CCSR).

    I'd say he's qualified. I don't understand why parent automatically assumed he was just an informant. If you're a private detective and with PhD in Criminal Forensics and you see a felony take place wouldn't you call the police? Would /. then assume you're simply an informant instead of being the private detective that the article correctly identified you as being?

    --
    my karma will be here long after I'm gone
  4. Re:110 Months by fredclown · · Score: 3, Informative

    Being in the medical IT field I can tell you that almost all medical software is written for Windows. And last I checked I don't think you can arrest anyone for developing for the windows platform. Just because the system is on Windows doesn't automatically make it insecure. There are a number of things that could have been done to mitigate this such as ... super-gluing the USB ports, securing door access, group policy to lock down what can be run. If best practice security was followed this guy would have hard a hard time doing it. If you leave a system wide open for attack it will be ... whether it be Unix, Mac, or Windows.