Man Gets Jail for Spying Unknown Woman’s Online Activities

Scott Graham from northeast Ohio is sentenced to prison following his admission that he employed legitimate spyware to monitor the computer activities of an unknown lady.

Actually in early 2008, Graham sent an e-mail carrying a file attachment (spyware) to the lady, who viewed it, while on duty at Akron Children's Hospital (Ohio, USA). Upon opening the attachment, the spyware installed on her computer and started picking up secret information.

Graham began getting the desired data, but he also got specific patients' diagnostic notes and hospital files.

The spyware conversely affected the computer network of the hospital. Hospital IT officials, who were performing a network update, discovered the spyware. They called in the FBI, and using the spyware vendor's services, Graham was eventually located.

However, Graham's indictment can be questioned considering that most people purchasing spyware programs utilize it lawfully. For example, organizations load it on their PCs so that employees' actions can be monitored, or parents use it to follow their kids' online activities. This is how the security of a hospital can be breached using legitimate software. Similarly, other individuals can do the same what Graham did.

Remarking about Graham's indictment, Shawn Lyden, Executive at Akron Children's Hospital, stated that Graham did not use the hospital data for exploiting the privacy of patients. It suggested that he didn't have any intention to access hospital details, said Lyden, as reported by Daytondailynews on December 20, 2009.

Ian Friedman, Attorney for Graham, said that the latter e-mailed to the lady to probe complaints she had alleged against specific hospital professionals and doctors, as reported by Daytondailynews..

Moreover, Friedman thinks that many people may wrongly assume that utilizing legitimately bought spyware for operating their computers just like Graham is nothing wrong.

The hospital after the incident has clearly mentioned that employees must not access their private e-mails during office hours. The hospital expended $33,000 for a company's services that investigated the security infringement.

According to security experts, it is for organizations themselves to ensure that they have defensive software to ward off spyware attacks.

Related article: Man Sues and Wins against ISP for Spamming Mail

» SPAMfighter News - 12/30/2009