Arlington Security Guard Arrested on Federal Charges for Hacking into Hospital’s Computer System
Defendant Allegedly Posted Video of Himself Compromising a Hospital’s Computer System on YouTube

DALLAS—A man from Arlington, Texas, who worked as a contract security guard at the Carrell Clinic on North Central Expressway in Dallas, has been arrested on felony charges outlined in a criminal complaint, announced Acting U.S. Attorney James T. Jacks of the Northern District of Texas.

Late Friday evening, agents with the FBI arrested Jesse William McGraw, a/k/a “GhostExodus,” “PhantomExodizzmo,” “Howard Daniel Bertin,” “Howard William McGraw,” and “Howard Rogers,” age 25. McGraw appeared yesterday afternoon before U.S. Magistrate Judge Wm. F. Sanderson, Jr., for his initial appearance. He was detained until his probable cause and detention hearing set for Wednesday, July 1, 2009, at 2:30 p.m., before Judge Sanderson.

According to the affidavit filed in support of the criminal complaint, McGraw is the leader of the hacker group, “Electronik Tribulation Army.” He was employed as a security guard for United Protection Services, in Dallas, and worked the night shift, from 11:00 p.m. to 7:00 a.m. at the Carrell Clinic hospital.

The affidavit alleges that between April and June 2009, McGraw committed computer intrusions of several computers in the Carrell Clinic hospital building, including computers controlling the Heating, Ventilation and Air Conditioning (HVAC) system and computers containing confidential patient information. The HVAC system intrusion presented a health and safety risk to patients who could be adversely affected by the cooling if it were turned off during Texas summer weather conditions. In addition, the hospital maintained drugs which could be adversely affected by the lack of proper cooling. McGraw, who used the online nickname “GhostExodus,” posted pictures on the Internet of the compromised HVAC system and videos of himself compromising a computer system in a hospital.

Further investigation revealed that McGraw was planning to use his compromised systems to commit additional crimes on or before July 4, 2009, a date that McGraw, according to the affidavit, called “Devil’s Day.” He posted videos on the Internet which included admonition to other hackers to assist him in conducting unauthorized computer intrusions in support of a “massive DDOS” on July 4, 2009. DDOS is an acronym for Distributed Denial of Service and is a type of computer attack in which an unauthorized individual assumes control of other computers and uses the massed ability of those computers, over which they have unauthorized access and control, to attack targeted computers. The investigation also revealed that McGraw recently provided United Protection Services his one week notice and his last day of work was to be July 3, 2009, the day before the scheduled DDOS attack.

Upon McGraw’s arrest on Friday evening, the Carrell Clinic IT staff identified and remediated the numerous compromised computers in the building.

A federal complaint is a written statement of the essential facts of the offenses charged, and must be made under oath before a magistrate judge. A defendant is entitled to the presumption of innocence until proven guilty.

In stating that the investigation is ongoing, Acting U.S. Attorney Jacks praised the investigative efforts of the FBI and Texas Attorney General Criminal Investigation Division. Assistant U.S. Attorney C. S. Heath is prosecuting.