Twitter
Facebook
Reddit
Digg
Tell us what you think!Send a letter to the editor about this or any other article in The Maine Campus.
As many as 1,000 University of Maine FirstClass accounts were hacked into with a Trojan horse virus, resulting in the arrest of former UMaine student James Wieland on Wednesday, Nov. 12.
Police arrested Wieland for Aggravated Criminal Invasion of Computer Privacy – a Class C felony. Wieland attended UMaine from the fall of 2000 until the spring of 2008 as a business student.
The hacked e-mail accounts belonged almost entirely to students. UMaine sent a message late Wednesday night informing the people whose accounts may have been jeopardized.
“This is an unusual crime for university police to investigate and to arrive at this conclusion with, primarily because it’s such a new area of criminal justice and police investigation,” Director of Public Safety Noel March said.
The FBI, Maine State Police’s Computer Crime Task Force and UMaine’s IT Department have been helping Public Safety conduct the investigation.
“We have been able to document that this activity has gone back as far as August of 2007 – 14 or 15 months ago. We are continuing our investigation because we have reason to believe that this activity preceded August of 2007, maybe by a number of years, undetected,” March said.
Investigators tracked IP addresses to determine Wieland was the perpetrator. Police said there are no other suspects at this time.
There have not been any reports of identity theft.
IT will not install any new protection systems to prevent this in the future. According to Executive Director of IT John Gregory, this was not a security failure.
“It wasn’t a vulnerability in the mail system that we support centrally. It was penetration of this one-on-one trust,” Gregory said. The “one-on-one trust” refers to e-mail users.
The Trojan virus is sent as an e-mail attachment. The e-mail can be from an e-mail address of a friend. March said hackers who are good at this can fly under the radar for years before being discovered. The virus allowed Wieland to record keystrokes, which could potentially have given him access to users’ passwords and other personal information.
“This issue came to our attention because of an unusual circumstance, in that two people found themselves receiving e-mails when they were both together on a plane and could not have possibly been sending e-mails to one another. This initial clue led us to open up an investigation,” March said.
He said the No. 1 cases in Bangor’s FBI office are cybercrimes.
“It used to be that someone would stick you up with a gun or mug you on the street at night. There are so many more sophisticated ways today to take advantage of an unsuspecting person,” March said.
Wieland is free on bond and has a Jan. 30 arraignment date at the superior court in Bangor. “It is entirely possible that additional charges will be forthcoming as determined by the Penobscot County District Attorney,” March said.
Bangor Daily News