Cyber Security Jargon Buster

Cyber Security

Generally, the term refers to the security deployed to protect information that is stored on computers. Depending on context, it can also be used to describe those actions aimed at preventing and detecting attacks on systems from external parties.

Social Engineering

This is a non-technical method used by hackers to trick people into breaking their normal security procedures or to get people to disclose information to them by pretending to be somebody they are not. Social engineers take advantage of human nature, particularly our weaknesses, to get us to divulge information we would not normally give to a stranger or to do something that causes malware to be downloaded onto our computer.

Spoofing

This is when the sender of an email edits the “From” address to make it look like it came from somebody else. Most of these are just a nuisance but there are also the insidious ones, where the sender is purporting to be somebody you regularly deal with and looking for sensitive information, or is requesting that you to carry out a particular task (e.g. money transfer). The Reply-To address may be very similar to the legitimate one you are familiar with and the Spoof might not be obvious on first glance.

Phishing

A phisher uses an email to entice its recipient to click on a link or to fill out a form or to open an attachment. In the past, phishing was usually recognisable by the use of poor English but today they are much more sophisticated. Phishing emails look like they are coming from a legitimate source and clicking on the link it contains could cause malware to be downloaded onto your computer. Some phishing emails ask for a form to be filled – they are looking for personal information / bank account details / credit card details / etc. Completing these forms are likely to lead to your account being compromised.

Vishing

This is the use of a telephone call to attempt to scam the victim into revealing private information that will be used in identity theft. The scammer usually pretends to be a legitimate business and fools the victim into thinking that they will profit or lose something if they do not take immediate action.

Spear Phishing

Spear phishing is an email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.

Watering Hole

In this attack method the target is a particular organization or group; the attacker observes or learns the websites the organization often visits and infects one or more of them with malware. The next time the target visits the watering hole (website) and clicks on a legitimate-looking link they unwittingly download malware.

DDoS

Distributed Denial of Service. This is a form of electronic attack involving multiple computers (usually compromised) which send repeated requests or pings to a server to load it down and render it inaccessible for a period of time.

The Cloud

The term “cloud” comes from early network diagrams, in which the image of a cloud was used to indicate a large network. Today it simply refers to computing resources that are physically remote from the user. Usually hosted in a high specification data centre.

Penetration Test

Often referred to as Pen Test, this is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit.

Intrusion Prevention System (IPS) 

IPS is a network security technology that examines network traffic flows and prevents unauthorised access to systems and information.

Intrusion Detection System (IDS)

IDS was originally a technology used to detect whether an attacker has or has attempted to gain unauthorised access to computer resources. It is now generally included in IPS solutions.   

DMZ (De-Militarised Zone)

This a physical or logical sub-network that contains and exposes an organization’s external-facing services to an untrusted network – usually a larger network such as the Internet. An external network node can access only what is exposed in the DMZ, while the rest of the organization’s network is firewalled. If its design is effective, it allows the organization extra time to detect and address breaches before they can further penetrate into the internal network.

Firewall

The device that monitors and controls traffic to and from a network.

Vulnerability

A flaw or weakness that can be exploited to attack a system or organization.

Malware

The software that is specifically designed to disrupt, damage, or gain authorized access to a computer system.

Spyware

Malware that passes information about a computer user’s activities to an external party.

Integrity

In the context of computer systems, integrity refers to methods of ensuring that data is real, accurate and safeguarded from unauthorized user modification.

Two Factor Authentication (2FA)

A higher level of access control that requires the user to KNOW something (e.g. a username and password) and to HAVE something (e.g. a fob). A common example of this is receiving a code on your smartphone when logging into a remote system (e.g. banking); you need to HAVE the phone to gain access.

BYOD (Bring Your Own Device)

A practice whereby an organisation encourages its employees to use their own device (smart phone / tablet) for business purposes. Originally thought to increase employee use of technology and to reduce costs.

Encryption

This is the process of encoding a message or information in such a way that only authorized parties can access it. An authorized recipient can easily decrypt the message with the encryption key provided by the originator.