written by
Greg

Cybersecurity Basics Glossary

Information Management 7 min read
Photographer: Markus Spiske | Source: Unsplash

Cybersecurity is the practice of protecting electronic information by mitigating information risks and vulnerabilities. It involves the use of security tools, policies, and procedures to protect against unauthorized access, use, disclosure, alteration, or destruction of data. Cybersecurity is important for businesses, governments, and individuals to protect their electronic information from cyber threats.

Here are some terms to help you know more about the terminology used in the cybersecurity realm.

What is a cyberattack?

A cyberattack is a malicious act that is carried out remotely, often through the use of a computer network. The purpose of a cyberattack can be to steal information, sabotage systems, or simply cause disruption. Hackers are the most common perpetrators of cyberattacks, but they can also be carried out by criminals, nation-states, or activists.

What is a cybercriminal?

A cybercriminal is a person who commits crimes using a computer or other device on the internet. They may use their computer to steal information, commit fraud, or spread viruses. Cybercriminals can be difficult to catch because they often use special software to hide their identity and location.

What is the threat landscape

The threat landscape is a term that refers to the current state of threats that exist to a particular system or environment. This can include both known and unknown threats, as well as the potential severity of those threats. The threat landscape can change over time as new threats are discovered, and it's important to keep track of these changes to ensure that your system remains as protected as possible.

What are attack vectors?

Attack vectors are pathways that attackers use to exploit vulnerabilities in systems. There are many different types of attack vectors, including exploits of system vulnerabilities, social engineering attacks, and malware infections. Attackers use these pathways to gain access to systems and data, which they can then use for malicious purposes.

What is a security breech?

A security breach is an incident in which unauthorized access to data or a system occurs. This can include unauthorized access to data, systems, or networks, as well as the theft or loss of data. Security breaches can occur through a variety of means, including malware attacks, phishing schemes, and social engineering. They can also be the result of negligence or poor security practices on the part of employees

What are Social Engineering attacks?

Photographer: Austin Distel | Source: Unsplash

A social engineering attack is when a hacker uses deception to exploit the trust of an individual or organization in order to gain access to information or systems that they would not otherwise have access to. Social engineering attacks can take many different forms, such as phishing emails, phone calls, or even in person interactions. The goal of a social engineering attack is to trick the target into revealing sensitive information or performing actions that will provide the hacker with access to sensitive systems.

What is a browser attack?

Browser attacks are malicious attacks that exploit vulnerabilities in a web browser. These attacks can allow an attacker to execute arbitrary code, steal user information, or hijack the user's session. Common browser attacks include cross-site scripting (XSS), cross-site request forgery (CSRF), and clickjacking.

What are password attacks?

In computing, a password attack is a type of method used to gain unauthorized access to a system or account by guessing the password. There are several different types of password attacks, but the most common is the dictionary attack. In a dictionary attack, the hacker uses a list of common passwords and tries them one by one until they find the correct one. Other types of password attacks include the brute force attack and the social engineering attack.

What are data breaches?

A data breach is a situation where unauthorized individuals gain access to sensitive or confidential information. This can include things like credit card numbers, social security numbers, or medical records. When this information is accessed, it can be used for identity theft or other malicious activities. Data breaches can occur through a variety of methods, such as hacking, email scams, or stolen laptops.

What is malware?

Photographer: Ed Hardie | Source: Unsplash

Malware is a type of software that is designed to harm or disable computers and computer systems. Malware can include viruses, spyware, Trojan horses, and worms, and can be used to steal data, passwords, or financial information, or to damage or disable computers and computer systems. Malware can be spread through email messages, websites, and social media channels, and can also be installed through malicious software programs.

What are malware propagation mechanisms?

Malware propagation mechanisms are methods by which malware is spread from one computer to another. There are many different ways that malware can spread, and each method has its own advantages and drawbacks. Common methods include emailing infected files, embedding malicious code in websites, and exploiting security vulnerabilities. Some malware can also spread through network shares and removable media drives.

What is a computer virus?

A computer virus is a type of malware that, once installed on a computer, can spread to other computers and devices connected to that network. Viruses can cause all sorts of damage, from slowing down your computer to crashing it entirely. They can also steal your data or passwords, or even use your computer to launch attacks on other networks.

What is a computer worm?

A computer worm is a type of malware that is designed to spread from one computer to another, without the need for user interaction. Worms can exploit vulnerabilities in the operating system or network infrastructure, and can propagate quickly across networks. They are often used to deliver payloads, such as ransomware or spyware, or to steal data.

What is a computer trojan?

A Trojan horse is a type of malware that tricks users into installing it by appearing to be something else. Once installed, it can do anything from stealing your data to logging your keystrokes to taking over your computer. Trojans are one of the most common types of malware, and can be very difficult to detect.

Malware Payload

Malware payload is a code that allows an attacker to take control of a computer system. The payload can be anything from a simple program that allows the attacker access to the system, to a more complex program that can steal data or damage the system. The term "payload" is used because the code is often delivered to the victim in a way that allows it to go undetected (e.g., as an attachment to an email or as part of a web page).

Types of Payloads

Ransomware

Ransomware is a type of malware that encrypts files on a user's computer and then demands a ransom payment to decrypt them. The ransomware typically displays a message informing the user that their files have been encrypted and that they need to pay a ransom to unlock them. Ransomware can be very costly for businesses, as it can damage or destroy critical data and disrupt business operations.

Spyware

Photographer: Michael Geiger | Source: Unsplash

Computer spyware is a type of malware that is installed on computers without the user's knowledge or consent. Spyware can be used to track the user's web browsing history, steal personal information, or even remotely control the computer. Spyware can be very difficult to remove, and can often cause problems with the computer's performance or stability.

Backdoors

A computer backdoor is a method of bypassing normal authentication procedures in order to gain access to a computer or network. These backdoors can be installed by attackers or system administrators with malicious intent, or they can be inadvertently created as a side effect of software vulnerabilities. Once a backdoor has been installed, it provides a means for unauthorized individuals to gain access to the system, often without leaving any detectable traces.

Botnets

A Botnet is a network of private computers infected with malicious software and controlled as a group without the owners' knowledge or consent. The term derives from robotics and refers to the use of robots or computer programs to carry out tasks.Botnets are often used to send spam, distribute malware, attack computers and networks, or steal sensitive data.

What is Multi-factor Authentication

Multi-factor authentication is a security process that uses multiple factors to verify the identity of a user. These factors can include something the user knows (a password), something the user has (a security token), or something the user is (a fingerprint). Multi-factor authentication provides an extra level of security by requiring more than one piece of information to verify a user's identity. This makes it more difficult for someone to hack into a system or steal someone's login credentials.

tech tips