I came upon this story today, which should remind every hospital guard administrator of Pogo’s wry observation, “We have met the enemy and he is US.”
On Friday the federal authorities arrested Jesse William McGraw on a charge of felony computer intrusion, saying he intended to use the botnet to launch a massive distributed denial of service (DDOS) attack on July 4, the day after he was set to stop working there. He’d nicknamed the day “Devil’s Day.”
He worked for a Dallas security company called United Protection Services, on the 11 p.m. to 7 a.m. shift at the clinic.
McGraw, who went by the hacker name GhostExodus, allegedly installed malicious software all over the Carrell Clinic, including systems that contained confidential information, and others that managed the building’s climate-control systems, authorities said Tuesday.
The hacker could have harmed patients or damaged drugs if he had turned off air conditioning during Texas’s hot summer months, authorities said.
It would seem he was itching to prove his mad hacking skilz by donning a hoodie while riding an elevator, looking into the camera and while the theme from “Mission: Impossible” played, said, “You’re on a mission with me: Infiltration.” As brilliant as he thought he was, he earned a major FAIL by typing on a keyboard and then putting gloves on to mask his fingerprints. Also he posted the ubiquitous YouTube videos to explain said brilliance. (And yet he can play the violin pretty well.)
All the more reason to pay attention to who’s wandering down your hallways. Not only would this guy have attacked the hospital’s network system, but they could easily have been sued for negligence when Uncle Bob suddenly keeled over because his room became an oven.