Wednesday April 12, 2017

Inmates Hid Self-Built PCs in Ceiling and Connected to Prison Network

Back in 2015, two prisoners at the Marion Correctional Institution in Ohio were apparently able to not only get the parts to build their own PC's, but then hide them in the ceiling of a training room, and use them to gain access to the institutions network. The two were discovered after security software started notifying IT staff that a contractors laptop kept exceeding its Internet access quota, which was particularly odd, as the contractor was off at the time the alert came through.

Looks to me like Marion Correctional Institution may need better supervision of its inmates. That and this should serve as a lesson to IT departments everywhere of how easy it is for someone to just walk in, and plug in a computer that doesn't belong.

News Image

I had been told there was a PC on our network that was being used to try and hack through the proxy servers. They narrowed the search area down to the switch in P3 and the PC was connected to port 16. I was able to follow the cable from the switch to a closet in the small training room. When I removed the ceiling tiles I found two PCs hidden in the ceiling on 2 pieces of plywood.

Discussion