Inmates build two computers while in prison, use them to commit more crimes

midian182

Posts: 7,765   +78
Staff member

A prison work program that involves inmates recycling old computer parts might sound like a good idea, but a couple of incarcerated criminals used it to build two working PCs and hide them in the ceiling of a training room.

The Marion Correctional Institute in Ohio recycles the computers as part of the non-profit RET3 program. But for Adam Johnston and Scott Spriggs, it was an opportunity to commit more crimes while in the prison. The unsupervised pair were able to sneak away some of the computer parts, using them to build two working machines that were “hidden on a plywood board in the ceiling above a closet.” Once constructed, they “connected to [Ohio Department of Rehabilitation and Correction’s] computer network.”

The convicts even managed to run an ethernet cable from the ceiling to the network switch, where it was connected to port 16. By using credentials belonging to a retired prison employee who'd become an ODRC contractor, they obtained internet access.

When examining the PCs, investigators found “password-cracking tools, virtual private network (VPN) tools, network enumeration tools, hand-crafted software, numerous proxy tools, and other software used for various types of malicious activity." There was also “self-signed certificates, Pidgin chat accounts, Tor sites, Tor geo exit nodes, ether soft, virtual phone, pornography, videos, VideoLan, and other various software." As well as articles on bomb-making, cooking up drugs, and credit card fraud.

"Findings of bitcoin wallets, stripe accounts, bank accounts, and credit card accounts point toward possible identity fraud, along with other possible cybercrimes," wrote the forensics team.

The prisoners even accessed the internal records of other inmates to issue them passes for gaining access to various areas of the prison. Fellow cons were also given thumb drives packed with porn.

The PCs were only discovered after a staff member was informed of excessive daily internet usage by the contractor whose credentials had been stolen. The automated message itself wasn't totally unusual, but it arrived on a day when the contractor wasn’t working. Whoever was using the account had tried to access certain file-sharing sites but had been blocked by the prison network's proxy server, which denies access to certain online content, according to the BBC.

The user "then spent the next three hours straight trying to find sites that would circumvent the proxy and our policies," an email to IT employees noted.

All prisoners involved in the scheme have now been moved to other facilities. You can read the full 50-page report on the incident here.

Permalink to story.

 

Tibeardius

Posts: 64   +42
They downloaded porn and VideoLan? Woah, calm down guys. For real though, seems like the only real illegal stuff they did was sign in with the retired guys credentials. Sounds like there was potential for more but nothing verified so they may not have actually committed any cyber crimes.
 

Skidmarksdeluxe

Posts: 8,645   +3,289
I would've thought that they would've done something more constructive with their time and planned a breakout instead...
 

stewi0001

Posts: 2,734   +2,464
They downloaded porn and VideoLan? Woah, calm down guys. For real though, seems like the only real illegal stuff they did was sign in with the retired guys credentials. Sounds like there was potential for more but nothing verified so they may not have actually committed any cyber crimes.

"...other software used for various types of malicious activity...articles on bomb-making, cooking up drugs, and credit card fraud...Findings of bitcoin wallets, stripe accounts, bank accounts, and credit card accounts point toward possible identity fraud, along with other possible cybercrimes...accessed the internal records of other inmates to issue them passes for gaining access to various areas of the prison..."

Sounds like they had shop pretty much set up to me. Also, they're already in prison to begin with so I highly doubt they are planning on stopping ISIS or promote protecting the environment.
 

cliffordcooley

Posts: 13,141   +6,439
Sounds like there was potential for more but nothing verified so they may not have actually committed any cyber crimes.
The laws are different in prison than they are outside. For one you can get charged with sex crimes for masturbating. A crime that will stick with you even after you get out. A crime that most would certainly misunderstand and consider to be the worst.
 

Tibeardius

Posts: 64   +42
"...other software used for various types of malicious activity...articles on bomb-making, cooking up drugs, and credit card fraud...Findings of bitcoin wallets, stripe accounts, bank accounts, and credit card accounts point toward possible identity fraud, along with other possible cybercrimes...accessed the internal records of other inmates to issue them passes for gaining access to various areas of the prison..."

Sounds like they had shop pretty much set up to me. Also, they're already in prison to begin with so I highly doubt they are planning on stopping ISIS or promote protecting the environment.


Looking at how to make bombs and drugs is legal. Bitcoin is legal. There may have been some things that point to illegal activity, but they never said they actually committed any crimes. A bit nuanced but so is the whole legal system. The title is just a bit clickbaity.
 

Panda218

Posts: 676   +392
The laws are different in prison than they are outside. For one you can get charged with sex crimes for masturbating. A crime that will stick with you even after you get out. A crime that most would certainly misunderstand and consider to be the worst.
We really need a judicial and prison overhaul.

Too bad we'll likely see an increase in private prisons and more shitty laws for drug offenders...
 

petert

Posts: 368   +166
They downloaded porn and VideoLan? Woah, calm down guys. For real though, seems like the only real illegal stuff they did was sign in with the retired guys credentials. Sounds like there was potential for more but nothing verified so they may not have actually committed any cyber crimes.
read it on arstechnica for a real professional written article (was published yesterday btw) - you should see these fellows were up to no good with those computers ...
 

psycros

Posts: 4,072   +5,591
Marion Correctional has been a joke for years but this is like some kind of Mexican BS. Hopefully the state will finally be forced to clean house.
 

Tibeardius

Posts: 64   +42
read it on arstechnica for a real professional written article (was published yesterday btw) - you should see these fellows were up to no good with those computers ...
They don't go into much more detail than this article. I get that they're criminals so it's easy to jump to conclusions but by civilian standards it just seems like they were fooling around. As cliffordcooley said, prison rules are different and maybe they just haven't released all the details yet but there are no actual illegal things mentioned in either article. They very well may have broken some laws, but you can't tell that from the info we've been given.
 

stewi0001

Posts: 2,734   +2,464
Looking at how to make bombs and drugs is legal. Bitcoin is legal. There may have been some things that point to illegal activity, but they never said they actually committed any crimes. A bit nuanced but so is the whole legal system. The title is just a bit clickbaity.
That's the whole point of article titles, get your attention to read it ;)