Date: 2016-12-28

What does it mean to have good cyberhygiene? And why is it important? Duane Dunston is a Champlain College professor and cybersecurity professional who joins us once a month to help make the complex simple. Watch the video for his take on cyberhygiene, being a good net citizen and more.

From Duane Dunston.

Why all the hubbub about using antivirus, applying security patches, and looking for the little padlock on secure sites, when we then say that you can't be 100% safe from a cyberattack regardless of the protections you have in place? Why the hypocrisy? Well, it isn't hypocrisy; it is the same as any other type of safety system. We have locks on our doors, yet there are folks that make a living picking a lock when we get locked out of our house. Why do we hide our valuables in our pockets, jacket, or purse when someone can rob us with a gun, knife, or push us down and search for those items? What good is a home security system's panic alarm when an intruder blocks access to the alarm or you're not close by to activate it?

Just as with our personal safety, we go through the procedures of using antivirus, patching, and looking for the padlock to minimize the likelihood of being affected by the most common threats. We lock our doors and windows because an intruder will check to see if the door or window is open before trying a method that causes more noise. We also have these procedures in place as deterrents. Someone can look in the house and see the security system and panic alarm, but how do they know whether there are other panic alarms or whether the system is enabled? Is it worth the risk to break in and set off the alarm? Yes, they could break a window, but that dramatically increases the likelihood of being detected. Accordingly, we install antivirus and patches to protect from the most common threats. We look for the padlock to provide some assurance that our data is protected as it is sent from our computer to the remote computer. Yes, the person on the other end could use your credit card and personal information for their own gain, but so can the person that takes your credit card at a restaurant or grocery store.

The other issue with good cyber hygiene is to protect the rest of the Internet. I've heard people say they don't use antivirus or bother with updates. Well, that is certainly their prerogative, but it is not a good practice for being a good net citizen. Folks who practice this could be exposing the rest of the Internet to attacks. I recently worked on writing a spambot, keylogger, and screen capture malware. The spambot is used to send spam to random IP addresses, the keylogger is used to capture keystrokes, and the screen capture is used to take snapshots of a user's computer. Well, I did this for training purposes, but the most interesting part is that there was no noticeable change in the performance of my computer system while the software was running. The spambot was sending about 50 emails a second and my computer didn't slow down and surfing the Internet didn't slow down. The point is that computers are extremely fast and so are Internet speeds, so your computer could be used to send email spam (mine was controlled and not malicious), someone can store illegal software or images on your computer (the images don't have to be illegal), use your computer to attack another computer, or use your computer as a springboard to hack into other computer systems.
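Because a spambot like the one described above causes no visible slowdown, outbound connection records are a better signal than performance. The following is an added example, not code from the original article: it flags hosts that open many SMTP connections to many distinct destinations within a short window. The log format, addresses, and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque

SMTP_PORTS = {25, 465, 587}  # mail relay and mail submission ports


def build_sample():
    """Constructed log lines: 'epoch_seconds src_ip dst_ip dst_port'."""
    # Normal mail client: three submissions to one mail server.
    lines = [f"{1000 + i * 4} 192.0.2.10 198.51.100.25 587" for i in range(3)]
    # Same host browsing the web: busy, but not SMTP.
    lines += [f"{1000 + i * 0.1:.2f} 192.0.2.10 198.51.100.80 443" for i in range(100)]
    # Infected host: about 50 SMTP connections a second to different addresses.
    lines += [f"{1000 + i / 50:.2f} 192.0.2.77 203.0.113.{i + 1} 25" for i in range(200)]
    return lines


def parse(line):
    ts, src, dst, port = line.split()
    return float(ts), src, dst, int(port)


def smtp_fanout(lines, window=10.0, max_conns=60, max_dests=5):
    """Return {src: (peak_conns, peak_distinct_dests)} for every host that
    exceeds BOTH thresholds inside any sliding window of `window` seconds."""
    recent = defaultdict(deque)  # src -> (timestamp, dst) pairs still in window
    flagged = {}
    for ts, src, dst, port in sorted(parse(l) for l in lines if l.strip()):
        if port not in SMTP_PORTS:
            continue
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > window:  # drop connections older than the window
            q.popleft()
        dests = len({d for _, d in q})
        # A mail client talks to one or two servers; a spambot talks to many.
        if len(q) > max_conns and dests > max_dests:
            prev = flagged.get(src, (0, 0))
            flagged[src] = (max(prev[0], len(q)), max(prev[1], dests))
    return flagged


if __name__ == "__main__":
    for host, (conns, dests) in smtp_fanout(build_sample()).items():
        print(f"{host}: {conns} SMTP connections to {dests} destinations in 10s")
```

Requiring both a high connection count and many distinct destinations keeps a legitimate client that sends a burst of mail through a single server from being flagged.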

The days when a slow computer was the sign of malicious software are almost over, thanks to the very fast processors and large memory capacity of PCs, laptops, and smartphones. Botnets take advantage of these fast computers and fast internet speeds. A botnet consists of computer systems with malicious software. The malicious software is waiting for instructions to perform some type of action. Your computer may be a part of the botnet by sending a little bit of data - about 20 typed digital pages a second - to one website. You will likely not notice it happening, regardless of how trained you are at detecting security threats. However, when there are 100,000 computers or 2 million computers sending that data to the same website all at one time, that website is going to suffer a "Distributed Denial of Service" attack. The web traffic is "distributed" amongst 100,000 or 2 million computers and, since there are so many bogus requests, legitimate traffic is "denied" access to the "service" offered by the website: a Distributed Denial of Service attack. Your unprotected computer could be contributing to this attack.

If someone is using your computer to host illegal software and sharing that software with anyone on the Internet, you may not notice.

Computers come with very large hard drives that can hold a lot of data. You may not even know the illegal software is stored on your computer. You may be surfing the web, on Facebook, or chatting with someone on Skype and not have any slowness with your Internet speed.

Also, if someone has access to your computer, they can launch an attack from your computer and it is traced back to you (and other victim computers an attacker may have used before reaching their target). This is similar to someone having you go and steal something from a store. You steal and get caught, and you have to prove it was someone else that told you to do it.

Another important topic that has to be understood is that of personal information. First, we have to shake the notion that "I don't have anything anyone wants" or "I don't have money in my bank account." It is not always about YOU, the individual person. It is the information that is attributed to you. The information is what is stolen and then used for another purpose such as opening credit cards in your account, store credits, criminal activity, etc. The perpetrator may not care who you are; that's irrelevant. However, the information that is attributable to you is the most valuable.

I remember seeing a query to a credit reporting agency from an electric company. I was certain I didn't do it since my electric company didn't bear the same name. When I contacted the electric company that performed the query, they said that someone had used my Social Security number to try and open an account. However, they suspected it was fraudulent upon seeing my credit report and didn't create the account for the person. This is a situation where the information attributed to me, my Social Security number, had value to someone (probably with bad credit). This would have been on my credit report if they defaulted on paying their electric bill. Why? The information attributed to me follows me and all activity associated with it. Even though the perpetrator used a different name, the Social Security number is unique to me. Additionally, the company that caught the fraud did their due diligence and did a good analysis of the results. This is how private companies can help mitigate identity theft.

Leaving your system unprotected could lead to a breach of your personal information and any other person's personal information that you have stored on your system or have access to. When someone is communicating with you via email, it is supposed to be between you and any other person they copy on the email. If your system has a keylogger on it or a screen capture utility, you could be exposing sensitive information about the other person who was expecting to have a private conversation with you. Having the attitude of "nothing to hide" and not protecting your computer system could lead to the exposure of information about you or others. It could lead to your computer system being used to perpetrate attacks or to add to the rampant amount of spam that exists on the Internet. Someone sharing a private story or personal situation with you via email could be exposed. Exposing private or personal information could lead to blackmail, extortion, public embarrassment, reprisal, etc. It is hard to argue that personal or private information shouldn't be in email because it is just how we communicate. Email is official communication.

It behooves us to be a good net citizen and practice good cyber hygiene to help protect other net citizens.