Federal charges have been filed against an Arlington man working as a contract security guard at a Dallas hospital after officials said he hacked into the hospital's computer network while planning a Fourth of July Internet-based attack.
Jesse William McGraw, 25, of Arlington, also hacked into computers belonging to the Dallas Police Department and NASA, and threatened to damage other computer networks on July 4, a day he called "Devil’s Day," the FBI said.
McGraw, who according to authorities is also known as "GhostExodus," "PhantomExodizzmo," "Howard Daniel Bertin," "Howard William McGraw" and "Howard Rogers," was arrested by the FBI on Friday.
The latest news from around North Texas.
He was employed by United Protection Services and worked from 11 p.m. to 7 a.m. at the Carrell Clinic Hospital, a medical facility located at 9301 North Central Expressway, according to court documents. Investigators said McGraw compromised the hospital's computer network in preparation for a DDOS (distributed denial of service) attack.
According to an arrest affidavit, McGraw is the leader of the hacker group "Electronik Tribulation Army." The FBI said its investigation into other members of the group continues.
The affidavit also alleges that McGraw committed computer intrusion on several machines at the hospital, including computers controlling the heating, ventilation and air-conditioning (HVAC) system and computers containing confidential patient information.
The HVAC system intrusion presented a health and safety risk to patients who could be adversely affected by the cooling if it were turned off during Texas summer weather conditions -- which last week topped 102 in North Texas. In addition, the hospital maintained drugs which could be adversely affected by the lack of proper cooling.
It’s unclear how many times McGraw allegedly manipulated the building’s air conditioning, but he shut all five units for an hour at least once, court documents said.
McGraw posted numerous videos of himself online, including one in which he showed a counterfeit FBI credential with his picture, court documents said. On the video, he stated it was “good for getting into places,” the FBI said.
Ultimately, the videos led to his arrest.
The FBI's investigation started after a computer security consultant tracked McGraw by tracing electronic fingerprints he had left in a video he posted online, according to court documents.
After McGraw’s arrest Friday evening, the Carrell Clinic IT staff identified and fixed the numerous compromised computers in the building.
The FBI said McGraw had access to patient records at the Carrell Clinic, but a hospital executive said no private information was exposed.
"We’re very confident no patient records were compromised," said Carrell administrator Tom Blair. "We’re glad this guy’s in jail."
The investigation also revealed that McGraw recently provided United Protection Services with his one-week notice. His last day of work was to be July 3, the day before the scheduled DDOS attack.
McGraw is scheduled to appear in federal court for a probable cause and detention hearing on Wednesday afternoon. If convicted, he faces up to 10 years in prison.