Features Editor’s Commentary
Practicing better cyber hygiene

Back in the summer months of 2022, I created a list of topics that I wanted to feature in Blue Line in 2023. For this July/August edition, I picked topics like cybercrime, fraud, technology and innovation. These are definitely topics that we’ve looked at before but are constantly changing in today’s world, so there’s always something new to learn and focus on. Little did I know back in 2022 that I would have a personal connection to this topic. Let me tell you the story.

In early June, I interviewed Chris Lynam of the Royal Canadian Mounted Police (RCMP), who leads the team at The National Cybercrime Coordination Centre (NC3). We spoke about cybercrime, and our conversation ranged from how cybercriminals are evolving, to how his team approaches cybercrime and why everyone should practice cyber hygiene, including members of law enforcement. (For more from that conversation, you can check out page 10.)

An hour or so after Chris and I ended our interview, I received a phone call from a member of my company’s human resources team. In this call, she told me that she’d received an email—from my email address—asking that my personal banking direct deposit information be changed to something new. She called me because she noticed the language and tone of the email didn’t match my regular style, and she wanted to confirm if it was really me asking for the banking change.

I told her right away that I hadn’t sent that email.

“The information could be useful to tracking down who was behind it and preventing additional attacks.” – Chris Lynam

From there, she alerted our IT team of a possible hacking of my account, and they deactivated it while they investigated the matter. Scans of my computer were required, and by the next morning, we learned that the hacker had only been able to send that one email to HR. Needless to say, my passwords were changed, multi-factor authentication was put in place, and I was able to get back to my work as usual.

When I told Chris Lynam of this weird coincidence, he urged me—or my IT team—to report it to local law enforcement because, even though the hacker was unsuccessful, he said, “the information could be useful to tracking down who was behind it and preventing additional attacks.”

While this may seem like an insignificant event to some, this was the first time that I had been cyberattacked, and I sincerely hope it’s the last time. The weekend after this incident occurred, I changed all of my personal passwords because I was worried I might be attacked again.

What I took away from this, and what you might as well, is that any person at any time can be the victim of a cybercrime. Remember, it’s important to practice cyber hygiene, such as regularly changing passwords or adding multi-factor authentication, as Lynam describes in more detail in our cover story.

And as always, if there is a topic that you think we should be talking about, and that fellow officers could benefit and learn from, please reach out to me at any time (bschroeder@annexbusienssmedia.com).

Until next time, happy reading and be well.