Misdirected spyware infects Ohio hospital
- 18 September, 2009 06:29
- Comments 3
It was a bad idea from the start, but even as bad ideas go, this one went horribly wrong.
A 38-year-old Avon Lake, Ohio, man is set to plead guilty to federal charges after spyware he allegedly meant to install on the computer of a woman he'd had a relationship with ended up infecting computers at Akron Children's Hospital.
In late February 2008, Scott Graham shelled out US$115 for a spyware program called SpyAgent and sent it to the woman, according to a plea agreement filed in the U.S. District Court for the Northeastern District of Ohio.
He allegedly sent the spyware to the woman's Yahoo e-mail address, hoping that it would give him a way to monitor what she was doing on her PC. But instead, she opened the spyware on a computer in the hospital's pediatric cardiac surgery department, creating a regulatory nightmare for the hospital.
The complaint does not explain how Graham managed to convince the woman to install the program, but clever attackers often trick their victims into clicking on files by saying that they are interesting videos or some kind of useful software.
Between March 19 and March 28 the spyware sent more than 1,000 screen captures to Graham via e-mail.
They included details of medical procedures, diagnostic notes and other confidential information relating to 62 hospital patients.
He was also able to obtain e-mail and financial records of four other hospital employees as well, the plea agreement states.
Graham, who is set to formally enter a guilty plea on Sept. 30 to one count of illegally intercepting electronic communications, will pay $33,000 to the hospital for damages caused by the incident. He faces a maximum sentence of five years in prison.
"While Scott Graham does take responsibility for his conduct, it was never his intention to harm any organization or entity," said his attorney, Ian Friedman, in a telephone interview.
"He had to learn the hard way that what may be advertised on the Internet doesn't necessary produce what's promised."
Products such as SpyAgent are marketed as legitimate tools to help employers or worried parents keep track of what's going on with their computers, but they can easily be misused to spy on innocent victims, said Eric Howes, director of research services with antivirus company Sunbelt Software.
His company flags SpyAgent as a "commercial keylogger."
"Our enterprise customers are concerned about these kinds of tools being used in an unauthorized fashion on their networks," Howes said.
"They have completely legitimate uses, but if I went home and found a copy of [this type of software] on my computer, I would be concerned. "
Still Howes faulted the hospital's IT staff for allowing someone to download spyware from Yahoo mail and install it on their systems.
"That points to a security failing at that hospital, but then they aren't that different from 99 percent of companies out there," he said.
Many companies block workers from accessing personal Web sites such as Yahoo or Facebook.
The U.S. attorney prosecuting this case, Robert Kern, did not return messages seeking comment. A spokeswoman with the Akron Children's Hospital was unaware of the case and unable to comment.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
-
All Systems Down
-
Married to your desk? 5 tips for a better relationship
-
Married to your desk? 5 tips for a better relationship
-
NBN to deliver disability support services to regional Australia
-
Beware of malicious QR codes: Report
-
Oracle SOA Suite – Oracle BPEL Process Manager
Changing markets, increasing competitive pressures and evolving customer needs are placing greater pressure on IT to deliver greater flexibility and speed. In response to these challenges, leading companies are adopting Service-Oriented Architecture (SOA) as a means of delivering on these requirements by overcoming the complexity of their application and IT environments. Read on. -
Best practices for a Data Warehouse on Oracle Database 11g
Increasingly companies are recognizing the value of an enterprise data warehouse (EDW). A true EDW provides a single 360-degree view of the business and a powerful platform for a wide spectrum of business intelligence tasks ranging from predictive analysis to near real-time strategic and tactical decision support throughout the organization. Read on. -
Distributing Power to Blade Servers - Ten steps to selecting the optimal power distribution design
Which blade server ePDU is right for your application? What deployment considerations apply? With the right ePDU model and implementation strategy, you can satisfy present and future needs, optimally balance loads and enhance data center efficiency and uptime. Read more.
-
Learning AutoCAD Civil 3D 2010
-
Learning Autodesk Maya 2009 Foundation
-
Discovering Microsoft Office Xp
-
C++ and the Object-oriented Paradigm
-
Microsoft Powershell, Vbscript, and Jscript Bible
-
Teach Yourself Visually PowerPoint 2010
-
Microsoft Office Project 2003 Bible
-
Wiley Plus/Blackboard Stand-alone to Accompany Java Concepts 5/E for Java 5 and 6
-
Windows XP All-In-One Desk Reference for Dummies, 2nd Edition









Comments
Satelite Internet
Which one is best ?
Everyone's mind is thinking to choose a best malware, and anti virus protector. Not on hospital but a lot of college, school, offices and even personal computer is infected.
It's not easy to select one because if for eg; My computer is infected with virus (a.lhj) it can be removed with particular anti virus only, and same for all other. What i mean is there is no complete solution for all antivirus and Malware. As far I know. But I am satisfied with AVIRA antivirus, After i installed it Any virus or malware is bothering me.
thank you
<a href="http://www.protectyourhome.com">ADT Security</a>
Martha
I was really interested to learn exactly how he got caught, but the story never mentions it. Maybe that is the comment they were looking for. Still, this makes you wonder if there are any anti-<a href="http://www.sophos.com/products/malware-protection/">malware</a> measures in place, because a commercial keylogger running in the background should have sent off numerous warning..unless someone set an exception just so the messages would go away...Ah, you just can't plan for human error..
ADT
RE: Spyware
I would be interested to know how he got caught as well. Maybe the traced back the IP? Maybe he turned himself in? I understand the severity of this but up to 5 years....
I actually used to have some problems with spyware as well, but I changed my connection to a <a href="http://www.satelliteinternet.com">satellite internet</a> connection
Post new comment