As technology becomes more complex and pervasive, the way we talk about securing data is becoming a lot more confusing, especially if you don’t work in IT.
Of course, the technology industry has always been filled with jargon and obscure abbreviations. The difference now is that technology is such a critical part of business operations that senior leadership teams must have a clear sense of how it is being used, and how vulnerable they might be to a data breach or other attack. In fact, a recent survey from CSO magazine in the U.S. suggested that boards are still not regularly kept up to speed on cybersecurity protection. This may be because they feel they don’t speak the same language as their IT security team.
With that in mind, we’ve compiled a list of the 60 most common terms that may come up in cybersecurity discussions, which we’ll share in a three-part series on expertIP. Most IT professionals will be familiar with these, of course, but ask yourself whether they would make sense to your CFO, COO or CEO. If not, use this list as a jumping-off point in your next discussion.
Here are the first 20 terms:
- Anti-virus (AV): An application used to identify and remove harmful software on a computer.
- Advanced Persistent Threats (APT): An advanced set of covert and continuous computer hacking processes, often carried out by hackers targeting specific organizations for monetary gain or other ulterior motives. An APT is typically an extended activity involving sophisticated techniques that exploit vulnerabilities in an organization.
- Adware: Adware is generally associated with free programs and apps that display advertisements to users to generate revenue for their authors. Often adware is able to identify the Internet sites visited by users and render ads that relate to the user’s search and surfing habits. Adware that carries malware is referred to as a malvertisement.
- Application layer attacks: An application layer attack is a form of denial-of-service (DoS) attack in which attackers target a specific application to make it unavailable to its users. A DNS flood is an example of an application-layer attack: a Domain Name System (DNS) server is overwhelmed with more requests than it can handle, effectively making it unusable.
- Attack vector: An attack vector is the path a hacker takes to gain access to a computer or network server, in order to access its resources or deliver malicious software.
- Bot: A bot, short for web robot, is a software application that runs automated tasks over the Internet. Bots complete repetitive tasks on the Internet (e.g. web crawling for indexing purposes) at rates much faster than humans. Most bots are used for legitimate purposes.
- Botnet: Though botnets (robot networks) have come to be associated with DDoS attacks, in reality they are simply a network of computers on the Internet communicating with each other to complete repetitive tasks. When used maliciously, they form a network of compromised computers acting as bots that participate in a DDoS attack, often without the knowledge of the computers’ actual owners.
- Black-hole: The process by which incoming or outgoing traffic within a network is quietly discarded without notification to the sender or source. This technique is used in responding to DDoS attacks to ensure malicious traffic does not reach its intended destination. The downside is that legitimate traffic is also black-holed in the process.
- Browlock: Short for browser-lock, this is a less aggressive variant of ransomware. Browlock prevents a user from closing the website that they are currently on. Messages are then displayed to the user indicating that they have violated the law and have to pay a fine to law enforcement authorities. Users who browse pornographic sites are often vulnerable to this trick.
- Backdoor: A method designed to bypass the standard authentication process in a computer system or network. Backdoor access can be achieved through purpose-built programs or through super-access privileges included as part of the design. The US government’s requests for backdoor access to encryption systems are an example.
- BYOD: Bring your own device is not in itself a security term. However, the impact of unauthorized mobile devices accessing and sharing corporate data is a huge concern for network security advisors.
- Brute-force attack: A password-guessing technique that uses a trial-and-error approach. In this model, perpetrators use automated software to work systematically through a series of guesses to break passwords and PINs. Because the technique is so time-consuming, it works best against short and simple passwords. A “dictionary attack” is another password-guessing technique in which software tries every word in the dictionary as the password.
- Black Hat: Hackers who break into computer networks to steal, disrupt, or destroy data that they are not authorized to access are referred to as Black Hat hackers. Motivations can include monetary gain, hacktivism, and espionage. Ethical hackers (the good guys) fall into the White Hat category.
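As an added illustration that is not part of the original article: a brute-force or dictionary attack, as defined above, leaves a recognisable trail of rapid failed logins from one source, and a defender can spot it with a simple threshold check over authentication logs. The log format, usernames and addresses below are constructed for the example; the keyspace function shows why the text says the technique favours short passwords.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log lines in an SSH-style format (not real data).
SAMPLE_LOG = """\
2024-03-01T10:00:01 sshd: Failed password for admin from 203.0.113.7
2024-03-01T10:00:02 sshd: Failed password for admin from 203.0.113.7
2024-03-01T10:00:02 sshd: Failed password for root from 203.0.113.7
2024-03-01T10:00:03 sshd: Failed password for admin from 203.0.113.7
2024-03-01T10:00:04 sshd: Failed password for guest from 203.0.113.7
2024-03-01T10:00:05 sshd: Failed password for admin from 203.0.113.7
2024-03-01T10:00:09 sshd: Accepted password for alice from 198.51.100.4
2024-03-01T10:05:00 sshd: Failed password for bob from 198.51.100.4
2024-03-01T10:09:00 sshd: Failed password for bob from 198.51.100.4
"""

# Only failed logins matter for this check; accepted logins are skipped.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd: Failed password for (?P<user>\S+) from (?P<src>\S+)$"
)


def find_bruteforce_sources(log_text, threshold=5, window_seconds=60):
    """Return {source_ip: total_failures} for every source that produced at
    least `threshold` failed logins inside any sliding window of
    `window_seconds`. A burst of failures across several usernames from one
    address is the typical signature of automated guessing."""
    failures = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            failures[m["src"]].append(datetime.fromisoformat(m["ts"]))
    flagged = {}
    for src, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            # Shrink the window from the left until it spans <= window_seconds.
            while (times[end] - times[start]).total_seconds() > window_seconds:
                start += 1
            if end - start + 1 >= threshold:
                flagged[src] = len(times)
                break
    return flagged


def worst_case_guesses(length, alphabet_size):
    """Candidates an exhaustive search must try. The count grows exponentially
    with length, which is why brute force works best on short passwords."""
    return alphabet_size ** length
```

A real deployment would feed this from a log pipeline and trigger a lockout or alert; a 4-digit PIN has only 10,000 candidates, while adding characters multiplies the work for every extra position.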
- Cipher: A secret or disguised way of writing – a code.
- Crypto-Ransom: A technique used by hackers to force users to pay a ransom to avoid the files on their computer being deleted. The bad guys access computers through malware and/or botnets and encrypt important data, which can only be decrypted using private keys stored on the perpetrator’s control servers. Payments have to be made using untraceable methods like Bitcoin.
- Command & Control: A term that refers to the infrastructure used to manage, control, and initiate actions through or from malware-infected computers. Malware on a breached computer can stay dormant until a request for action is sent from the remote command and control server or program.
- Content Vectoring: A feature associated with firewalls that is used to redirect data to a filtering system where it is examined for viruses and other malware before it is forwarded to users.
- Certificate Authority: An entity or organization that issues digital certificates – electronic documents – that identify an individual, a company or a server on a network. A combination of public keys (published in digital certificates) and private keys (known only to the owner) ensures that unauthorized people do not have access to the data.
- Cyberattacks: A term that refers to offensive techniques used by individuals or organizations against computer networks, information systems, or personal computers. The perpetrators’ intentions may include stealing, destroying or disrupting the flow of critical data traffic and information vital to businesses and individuals.
- DDoS: A Denial of Service (DoS) attack is a technique used by cybercriminals to overwhelm computer systems and networks by generating traffic volumes far above what the systems are designed to handle. The “Distributed” part of DDoS refers to the thousands of compromised computers/IP addresses that knowingly or unknowingly become participants in the attack.