Former UMaine student hacker sentenced to jail

Twitter
Facebook

 Email This Post
Reddit
Digg

Tell us what you think!
Send a letter to the editor about this or any other article in The Maine Campus.

A former University of Maine student was sentenced on Sept. 24 to 18 months with all but 30 days suspended in Penobscot County Superior Court. The court sentenced him for aggravated invasion of computer privacy from when he was enrolled, according to Penobscot County District Attorney R. Christopher Almy.

Police arrested James Wieland, 27, of Lewiston, Nov. 12, 2008, after he stole private information from as many as 1,000 UMaine FirstClass accounts using a keystroke program attached to e-mails. Wieland began serving his sentence Sept. 24.

“Basically, what he did was that he had used a commercially sold program and used it to intercept and record keystroke data from other people’s computers, and he did so by accessing the internet mail system you have at the university,” Almy said. “It basically enabled him to track and see what other people were doing with their computers – who they were communicating with and it enabled him to see photographs that they may have sent over the internet or anything like that.”

The affected e-mail accounts belonged mostly to students. John Gregory, Information Technologies director at UMaine, said the university has implemented precautions that will help prevent against similar attacks.

“We blocked users’ ability to send an executable file, and the way he had distributed keystroke software with an executable file as an attachment. We had not blocked it [before] because we felt it was an academic courtesy to the community to allow them to do that,” Gregory said. “I can’t guarantee it’ll happen again.”

Gregory said the university requires FirstClass users to change their password every six months, a change that had already been planned prior to Wieland’s crime. The university has implemented an awareness program to teach people about the dangers of   e-mail attachments and malicious behavior.

“When they opened that file, it installed a keystroke capture software, which he could use to see anything they typed on their computers,” Gregory said.

The maximum sentence for Wieland’s crime — a class C felony — is five years.

“Very few people get the maximum sentence,” Almy said.

The court considered the seriousness of Wieland’s offense, his history and the impact of the crime on the university before reaching its decision, according to Almy. Wieland’s probation doesn’t prohibit access to computers.

“[He] told officer Mitchell that he had interfered and intercepted data from other computers, and then he came into court and pled guilty, and we had a recommended sentence,” Almy said.

“Since that happened … the FirstClass managers have installed precautions to make sure this doesn’t happen again,” Carr said.

The university has no further precautions it plans to take against such attacks, according to University Relations Director Joe Carr.

Wieland was initially arraigned on Jan. 30.

This entry was posted on Monday, September 28th, 2009, 3:03 am. You can follow any responses to this article through the RSS feed.