Editor’s note: Wired for Safety is a weekly column on cybersecurity and other tech issues. Duane Dunston is an assistant professor of cybersecurity and networking at Champlain College. He received his bachelor’s and master’s of science from Pfeiffer College. From 2001 to 2011 he worked in cybersecurity for NOAA. He is a first-year doctoral student at Northeastern University. His other activities include “You Have A Voice,” a project to develop an electronic screening assessment to identify human trafficking victims.

[W]hy all the hubbub about using antivirus software, applying security patches, and looking for the little padlock on secure sites? Then we say that you can’t be 100 percent safe from a cyberattack, regardless of the protections you have in place? Why the hypocrisy?

It isn’t hypocrisy; it is the same as any other type of safety system. We have locks on our doors, yet there are folks who make a living picking a lock when we get locked out of our house. Why do we hide our valuables in our pockets, jacket or purse when someone can rob us with a gun or knife, or push us down and search for those items? What good is a home security system’s panic alarm when an intruder blocks access to the alarm or you’re not close by to activate it?

Just like our personal safety, we go through the procedures of using antivirus, patching, and looking for the padlock to minimize the likelihood of being affected by the most common threats. We lock our doors and windows because an intruder will check to see if the door or window is open before trying a method that causes more noise.

We also have these procedures in place as deterrents. Someone can look in the house and see the security system and panic alarm, but how do they know there aren’t other panic alarms or if the system is enabled? Is it worth the risk to break in and set off the alarm?

Accordingly, we install antivirus and patches to protect from the most common threats. We look for the padlock to provide some assurance that our data is being sent securely from our computer to the remote computer. Yes, the person on the other end could use your credit card and information for personal gain, but so could the person who takes your credit card at a restaurant and processes it out of your view.

The other reason for good cyber hygiene is to protect the rest of the internet. I’ve heard people say they don’t use antivirus or bother with updates. Well, that is certainly their prerogative, but it is not a good practice for being a good net citizen. Folks who practice this could be exposing the rest of the internet to attacks.

I recently worked with a former student on writing a spambot as well as key-logger and screen capture malware. The spambot is used to send spam to random IP addresses, the key logger is used to capture keystrokes, and the screen capture is used to take snapshots of a user’s computer.

I did this for training purposes, but the most interesting part is that there was no noticeable change in the performance of my computer system while the software was running, even though the spambot was sending about 70 emails a second.

The days of detecting malicious software because your computer is running slow are almost over. Computers are extremely fast, and so are internet speeds, so your computer could be used to send spam (mine was controlled and not malicious), or someone can store illegal software or images on your computer or use your computer as a springboard to hack into other computer systems.

A botnet consists of computer systems with malicious software. The malicious software is waiting for instructions to perform some type of action. Your computer may be a part of the botnet by sending a little bit of data — about 20 typed digital pages a second — to one website. You will likely not notice it happening, regardless of how trained you are at detecting security threats.

However, when there are 100,000 computers or 2 million computers sending that data to the same website all at one time, that website is going to suffer a “distributed denial of service” attack. The web traffic is distributed among 100,000 or 2 million computers, and since there are so many bogus requests, legitimate traffic is denied access to the service offered by the website, hence the name.

If someone has access to your computer, that person can launch an attack from your computer and it is traced back to you (and other victim computers an attacker may have used before reaching the target). This is similar to someone having you go and steal something from a store. You have to prove it was someone else who told you to do it.

Leaving your system unprotected could lead to a breach of your personal information and any other person’s personal information that you have stored on your system or have access to.

When someone is communicating with you via email, it is supposed to be between you and any other person copied on the email. If your system has a key logger on it or a screen capture utility, you could be exposing sensitive information about the other person, who is expecting to have a private exchange with you.

Someone sharing a private story or personal situation with you via email could be exposed, which could enable blackmail, extortion, public embarrassment, reprisal, etc. It is hard to argue that personal or private information shouldn’t be in email, because it is just how we communicate. Email is official communication.

It behooves us to be good net citizens and practice good cyber hygiene to help protect other net citizens.
