DOJ Indicts Hacker for Hospital Botnet Attack

A 20-year-old California man is indicted for using zombie computers to knock a Seattle hospital offline-for adware money.

A 20-year-old California man was indicted in Seattle Feb. 10 on charges that he used a computer "bot" network to cause computer malfunctions at Seattles Northwest Hospital in January of 2005.

Christopher Maxwell, of Vacaville, Calif., was indicted by a federal grand jury on two counts of conspiracy to cause damage to a protected computer and commit computer fraud.

He is alleged to have compromised computers at a number of U.S. universities for a large botnet that generated $100,000 in payments from advertising software companies, according to a statement released by the U.S. Attorneys Office for the Western District of Washington.

/zimages/4/28571.gifClick here to read about a botnet that strikes through BitTorrent.

The case closely resembles that of Jenson James Ancheta, also of California, who amassed a 400,000-strong computer botnet network and pleaded guilty in January to violations of the Computer Fraud and Abuse Act and the CAN-SPAM Act.

Maxwell is alleged to have hacked computer networks at California State University, Northridge; the University of Michigan; and University of California, Los Angeles, using high-powered computers on those networks as part of an adware distribution operation.

Maxwells botnet eventually expanded to computers at Seattles Northwest Hospital, where network scanning from infected machines interrupted the hospitals computer network, according to the statement.

/zimages/4/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

"During the disruption, doors to the operating rooms did not open, pagers did not work and computers in the intensive care unit shut down," the Attorney General said.

/zimages/4/84833.gifZiff Davis Media eSeminars invite: Learn how to proactively shield your organizations against threats at all tiers of the network, Symantec will show you how, live on March 21 at 4 p.m. ET. Sponsored by Symantec.

The case is being investigated by the FBI and the Northwest Cyber-crime Task Force.

/zimages/4/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.