The Marion Correctional Institution (MCI) in Ohio houses approximately 2,500 medium security inmates – and at least one medium-level cyber criminal – thanks for the very institution in which he’s incarcerated.
This unique case came to light in in July 2015, when the facility’s IT staff received an email about a contractor’s personal computer exceeding its daily internet access quota. The problem is that the spikes were occurring when the contractor wasn’t even in the building, like the weekend.
A mere three weeks later, the staff finally realized that one of the inmates had stolen the contractor’s network password and was using two hidden computers to access everything from movie downloads and porn to articles on building explosives and financial fraud scams.
The computers were in place for at least two months before MCI was able to follow a suspicious network cable in locating them above ceiling tiles.
Perhaps most disheartening is that access to the computer parts and an understanding of how to put them to use came from programs offered by the correctional institution.
One such program is the MCI Green Initiative, which was created to foster environmentally friendly practices throughout the prison. Part of this program was a connection with Cleveland-based RET3, which employed prisoners to disassemble out-of-date computer hard drives and other obsolete electronics like VCRs so the materials and components could be recycled or re-sold.
Combining this access with another educational program called Roots or Success, which teaches life skills like computer programming, seemed to be the perfect recipe for inmate Adam Johnston.
Johnston used the refurbished computers and stolen password to find another inmate, Kyle Patrick, and steal his information from within the Departmental Offender Tracking System. With the help of his mom, Johnston was able to apply for credit cards in Patrick’s name.
Johnston said he chose Patrick because he was young and was serving a lengthy sentence.
Not only did authorities become aware of this scheme, but they also found information on the contraband computers that included a Bloomberg article on tax refund scams and what has been described as a hacker’s toolkit, including software for cracking passwords and accessing private networks.
Let’s maybe take this approach off the list when looking to close that skills gap in U.S. manufacturing.