Newswise — Mississippi State computer science student Wesley McGrew's cooperation with the FBI led to the recent arrest of a Texas man accused of planning a major attack on a Dallas medical facility on Saturday.
McGrew, a doctoral student in computer science at MSU, turned over his research related to a computer hacker to a FBI agent in Jackson about two weeks ago, who then passed on info to the Dallas bureau to investigate possible federal crimes.
McGrew, also a research assistant at MSU's Critical Infrastructure Protection Center, often communicates with hackers but researches only a small percentage of those he interacts with online. However, one element proved different this time—a hacker showed evidence of threatening public health and safety. The hacker used multiple aliases, including "GhostExodus" and "PhantomExodizzmo" when posting threats on online forums about breaking into the Carrel Clinic in Dallas.
Online bragging by the hacker mentioned control and escape computer systems responsible for critical infrastructure that could jeopardize lives, if compromised. The hacker bragged about breaking into the facility's heating ventilation and air condition computer system with plans for a serious attack that could harm patients at the clinic, along with affecting medications kept at specific temperatures.
The hacker's arrogance, including a public MySpace profile and YouTube videos, among other online public information, coupled with McGrew's digital detective work, assisted the FBI in preventing a major crime.
FBI special agents identified the computer hacker as Jesse William McGraw of Arlington, Texas, who posted detailed information about plans for a "Devil's Day" attack, referring to an organized "distributed denial of service," a type of computer attack in which an unauthorized person takes control of secured computers and uses them for malicious attacks. McGraw remains in federal custody waiting for a grand jury to determine whether to issue an indictment.
While only one letter separates the spelling of MSU student McGrew and former security guard McGraw, worlds separate actions and intent of the two men.
Having earned bachelor and master's degrees in computer science, McGrew focuses on computer security in his doctoral studies with particular interests in vulnerability analysis and penetration testing in computer systems.
By contrast, McGraw is accused of leading a double life while he worked as a guard in Dallas for a security company providing security services for the Carrell Clinic, which specializes in orthopedic surgeries and other medical services. A member of a computer hacking group called Electonik Tribulation Army, McGraw posted videos and online comments boasting of breaking into classified computers where he worked and his plans for a larger attack, an FBI affidavit reports.
Further, McGraw informed his supervisor at the security company that his last day of work at medical clinic would be Friday, a day before the scheduled attack. Thanks to McGrew's sleuthing abilities and assistance to the FBI, McGraw's employment ended even sooner.
While an MSU student, McGrew has gained notoriety in the department of computer science and engineering for some of his work in computer vulnerability. He discovered a major software flaw in 2008 found in many major critical infrastructure computer programs. In fact, the flaw he discovered then is similar to the flaw found in the computer security system of the Dallas clinic. The National Security Agency was notified immediately of McGrew's discovery. Shortly thereafter, the Department of Homeland Security broadcast an alert that included information on how to correct the issue related to the software flaw.
Ray Vaughn, head of MSU's department of computer science and engineering and director of the Critical Infrastructure Protection Center, said McGrew is one of the most capable students he has mentored. He said young researchers like McGrew ensure the university's reputation in the field remains strong.
"Wesley has a strong sense of ethics and a bright future ahead of him," said Vaughn, a retired Army colonel who coordinated McGrew's reporting information about the planned attack to the FBI. "Students like him are a rare find."
McGraw's future appears uncertain, with a possible federal indictment. News accounts in Dallas report his wife blaming McGraw's behavior on mental instability. After earning his doctorate, computer security researcher McGrew plans a future in the private sector working to protect computer systems.
When discussing the FBI's investigation into McGraw's suspected hacking into the medical clinic, McGrew said he agreed with one thing the former security guard said in one of YouTube recordings. While discussing the arrest of one of his hacking buddies, the person identified as "ghostexodus," the same person the FBI suspect as the computer hacker, wanted the behavior to have harsh consequences.
"Basically, if you play with fire, you're going to get burned," said the person in the video wearing sunglasses and identified as McGraw in the FBI affidavit.
Sitting in a computer lab of MSU's Critical Infrastructure Protection Center, McGrew shook his head while watching the video.
"You can't make this stuff up," he said.