Feeds

Inmate hacker locks down jail computers

Chaos reigns after cybercrook given programming project

Internet Security Threat Report 2014

A UK prison computer system was left in lockdown after jail bosses gave a convicted cybercriminal the task of reprogramming it, the Sunday Mirror reports.

Douglas Havard, 27, an inmate at Ranby Prison, Nottinghamshire, was asked to take over a project to create an internal TV station using the jail's computer network. Havard is half-way through a six year term over his involvement in a £6.5m hacking and phishing scam (more details here), something the prison governors must have reckoned gave him the requisite computer programming skills.

Havard, originally from the US, was jailed in 2005 after he was convicted for running the UK end of an international phishing scam estimated to have netted up to £6.5m. The American and partner in crime Lee Elwood, 25, were jailed after pleading guilty to conspiracy to defraud and conspiracy to launder money.

Data dumps of compromised credit card and bank account details were sent over from Russia to Havard, who used this information to fraudulently purchase goods online. These goods were then sold in online auctions by UK-based affiliates with the proceeds, less Havard's cut, sent back to Russia. The duo were involved in credit card counterfeiting and active on underground websites such as carderplanet and shadowcrew, according to investigators.

Havard and Elwood were arrested following a National Hi-Tech Crime Unit (NHTCU) investigation into eastern European phishing fraudsters.

After he was reportedly left unsupervised during the prison programming project, Havard spent his time altering system passwords so that everyone else was locked out. Prison bosses had to hire external consultants to sort out the resulting mess. Meanwhile Havard was put into segregation as punishment.

Another inmate at Ranby Prison recently managed to get a key cut that was capable of opening every door at the jail.

A Prison Service spokesman told the Sunday Mirror that the computer breach at Ranby was under investigation. He denied that lags were given unsupervised access and added: "The prisoner was not able to access records of any other prisoners." ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.