former student pleads guilty to computer hacking
at university of central missouri
KANSAS CITY, Mo. – Beth Phillips, United States Attorney for the Western District of Missouri, announced that a former student of the University of Central Missouri pleaded guilty today to his role in a computer hacking conspiracy.
Daniel J. Fowler, 21, of Kansas City, Mo., pleaded guilty before U.S. Magistrate Judge John T. Maughmer to the charges contained in a Nov. 18, 2010, federal indictment. In addition to the computer hacking conspiracy, Fowler also pleaded guilty to one count of computer intrusion causing damage (computer hacking).
By pleading guilty today, Fowler admitted that he participated in an unlawful computer hacking scheme while he was a student and community advisor at UCM from March 2009 to March 2010. Conspirators gained unlawful and unauthorized access to the UCM computer network, which allowed them to view and download large databases of faculty, staff, alumni and student information, to transfer money to their student accounts, and to attempt to change grades. They sought to profit by attempting to sell lists of the personal information of faculty, staff, alumni and students to others.
Conspirators developed a computer virus, which they used to infect UCM computers – including an attempt to infect the computer used by the university’s president. They used several strategies to infect computers, such as offering to show vacation photographs on a thumb drive that contained the virus. Fowler admitted that they manually installed the virus on several UCM computers in public areas, such as computer labs and the library. Once the virus was successfully installed on a computer, conspirators could obtain remote access to the computer, capture a user’s keystrokes, download any of the user’s files and remotely turn on the user’s webcam to watch and photograph the user of the infected computer.
Fowler admitted that they used a thumb drive to download and install the virus on at least one university administrator’s computer. They monitored the administrator’s computer activity and captured his username and password. They used their remote access of this administrator’s computer to remotely turn on the webcam to watch and photograph the administrator sitting at his desk in his office and to download his e-mails. They also obtained the username and password of a residence hall director, Fowler admitted, and used that information to exploit the university’s computer system to conduct financial transactions, in an attempt to unlawfully credit their student accounts with UCM funds.
Conspirators successfully used the identities of fellow students, along with their university computer network permissions, to gain access to various portions of the computer network they would otherwise not have access to. This also enabled them to mask their activities and mislead university authorities as to the identities of those conducting the attacks on the computer network.
After learning that a co-conspirator had been arrested, Fowler admitted, he encrypted and destroyed computer evidence that he thought could be used against him.
Under federal statutes, Fowler is subject to a sentence of up to 15 years in federal prison without parole, plus a fine up to $500,000 and an order of restitution. A sentencing hearing will be scheduled after the completion of a presentence investigation by the United States Probation Office.
This case is being prosecuted by Assistant U.S. Attorney Matthew P. Wolesky. It was investigated by the University of Central Missouri Police Department and the FBI.