Inmates at a medium-security prison in Ohio managed to do illegal acts including performing online fraud while inside the facility undetected for months. It was the dangerous combination of some of them being very smart with computers and some serious lapses in security.
The inmates were able to secretly assemble two working computers, hid them in the ceiling, and connect them to the Marion Correctional Institution's network.
The hard drives when discovered contained pornography, a Windows proxy server, VPN, VOIP and anti-virus software. Also found were Tor browser, password hacking and e-mail spamming tools, and the open source packet analyzer Wireshark.
The Ohio Office of the Inspector General said in a new report that some smart inmates used what they have learned from an onsite computer skill and electronics recycling program to pull off that stunt.
After a forensic analysis of the hard drives, authorities discovered that the hard drives were loaded with "malicious" software and that the inmates illegally used the computers to apply for credit cards, research tax-refund fraud, search inmate records, and get prison access passes for restricted areas. Articles about making home-made drugs, plastics, explosives, and credit cards were discovered.One inmate even called and texted his mother saying he could have texted her on a certain day but he was not able to get online.
The inmates' secret and illegal computer activities were found out when the agency's IT department was initially alerted to a connected device, using a contractor's stolen credentials that already went beyond the daily internet usage threshold.
The secret computers went undetected for four months. After a three-week search by the authorities, the computers were found above a training room closet in an area off limits to unsupervised inmates.
Ultimately, the authorities traced cable from a networking switch to find the devices that were assembled with discarded computers from an Ohio aircraft parts company and an Ohio school district.
Inmates accessed the secret devices illegally via the prison's inmate-authorized computers. They took two computers that should have been disassembled, placed hard drives into the computers, installed a network card, moved the computers across the institution for approximately 1,100 feet, through the security checkpoint without being searched or questioned by security staff, used the elevator to the third floor and placed the two computers in the ceiling of the P3 training room. The inmates also cleverly used wire, cable and power cords to connect the devices undetected into the Ohio Department of Rehabilitation and Correction (ODRC)network.
Five inmates were discovered to be involved in the anomaly and were transferred to other institutions. ODRC said it will review the reports and promised to take additional steps necessary to prevent similar violations from happening again.