Many terms are used to describe cybersecurity concepts, but not all of them are familiar to everyone. If you need a refresher on some standard cybersecurity terms, this article is for you.
This article defines 101 cybersecurity terms using clear language and concepts. Whenever possible, the definition will include a real-world example or analogy to make it easier to understand. Definitions can vary based on context or perspective, so each term's description may have different connotations depending on your background knowledge.
That being said, the examples in this list should provide enough information to help anyone understand what these words mean. After reading this article, you will have a general understanding of today's most common cybersecurity terms that will help you build the foundation of your cybersecurity knowledge. Let's begin!
Access control is the act of regulating who, or what, is allowed to access specific information. The goal of access control is to ensure that only authorized people can gain entry into the system and that they are not able to do anything malicious once they get in.
Example: When you log into your email on a computer, you will notice that there is usually some form of "Submit" button. This typically indicates an area where information needs to be inputted before you are given access to your account. This type of mechanism is an example of access control because it gives people permission to access the email system only if their credentials are correct.
An asset is anything that has value to the organization. Assets can range from physical objects, like desks or servers, to more abstract concepts, like data about customers.
Example: If your business has a server that contains all of its accounting information on it, this would be an asset because it has value to the company.
Authentication is confirming who someone is based on their identity. This typically involves asking for some kind of credentials or proof before allowing access to resources or further activities.
Example: When you use your credit card at a restaurant, authentication occurs during the payment process. The waiter will usually ask for your name and then type it into a dedicated terminal before verifying that you are authorized to pay for your meal with the company's credit card.
Authorization is a process that allows someone or something to have access to specific resources after their identity has been confirmed through authentication. This is typically done by verifying permissions and privileges, which are granted based on an individual's role within the organization. For example, a manager may have permission to approve expense reports but an assistant would not.
Example: After your credit card has been authenticated, it can be authorized for use at a restaurant as long as you have the proper permissions associated with your account.
Backup is a process that creates a copy of data that can be used to restore information if something happens to the original. This is typically intended as a way to help prevent data loss by creating copies in secondary locations.
Example: Tony's PC crashes and his files are lost, but he has been backing up his computer regularly so he has no problem restoring everything from his latest backup.
A blacklist is a list of things that should not be allowed into or through an area. It is typically comprised of unwanted people or objects and is often associated with security systems. For example, some schools give parents the option to put their students' names on a "blacklist" that would not allow their children to go on certain field trips.
A bug is a software problem that causes an application or system to malfunction in some way. This term often includes problems that are security related but can also be used more generally for any type of issue.
Example: A flaw was found in the code for Tony's company's new app because it allowed anyone with the right password to access his account. The engineering team had to fix this bug before putting the app up on the App Store again.
Cloud computing is a service provided over the internet that offers resources, including hardware and software, as if they were being accessed locally. Instead of purchasing expensive equipment, companies can purchase or lease resources from cloud computing providers.
Example: Tony's startup company only needs a few extra servers when they are in the planning stages, but buying them would be too expensive. They decide to use cloud computing instead so that they can have access to the necessary equipment without needing to have it all onsite.
A cracker is an individual who breaks into systems with malicious intent. This term is often used synonymously with hacker, but it does not necessarily have a positive connotation like "hacker" can. The word "crackers" was made popular by Steven Levy's 1984 book about hackers called "Hackers."
Example: Tony's company accidentally opened themselves up to a cracker attack when they made the "forgot password" option on their website too easy to guess.
A cyberattack is any type of malicious activity that interrupts, damages, or takes control of computers or computer networks. These can take many different forms and range from relatively simple attacks like spamming to very complex operations like espionage.
Example: Malware is one of the most common types of cyberattacks.
Cybersecurity is the protection of computer networks and systems from digital attacks. This includes protecting users, hosts, and other machines on the network as well as any information stored within those networks. There are many different ways to protect a network, and cybersecurity professionals work to choose the best methods for various situations.
Example: Tony uses several different types of cybersecurity software on his devices to help protect him from cyberthreats.
A distributed denial of service attack occurs when multiple systems flood the bandwidth or resources of a targeted system, which prevents legitimate users from being able to access it. These are often carried out by botnets, which are networks of computers that hackers have gained control of and can use to coordinate attacks.
Example: Tony’s company’s website experienced downtime for five hours over the weekend because they had been targeted by a DDoS attack that overwhelmed their defences.
A digital certificate is a unique code used to verify the identity of an individual, business, or other entity. These are verified by trusted organizations like VeriSign and then stored in a central database. Digital certificates can be issued for secure email (S/MIME), web servers (HTTPS), and many other common programs and protocols.
Example: Tony has to install a new digital certificate on his computer before he can access the company website. This is part of their cybersecurity measures to prevent unauthorized users from accessing information they shouldn't have access to.
DLP refers to software or systems that help monitor and detect data leaks so that they can be stopped or contained. DLP systems are capable of checking a variety of different types of data and can frequently identify issues before they lead to a leak.
Example: Tony regularly reviews logs from his DLP software to make sure that the data on his computer is secure at all times.
A denial of service attack is any attempt to make a machine or network resource unavailable to users. This can take many forms, but the end goal is always the same: preventing legitimate access until the attack is over. These can be much more complex than simple DDoS attacks and frequently involve malware like botnets.
Example: The website for Tony's company was hit with a DoS attack right before they were going to launch their new product. They had no choice but to delay the launch because legitimate customers would not be able to access the company’s website under those conditions.
An encryption key is a string of numbers and/or letters used to encode information so that it cannot be understood by anyone without the key. Encryption can be used to protect anything from small pieces of data like passwords to entire hard drives and servers.
Example: Tony uses an encryption key when sending sensitive information through his email so that it is secure even if it's intercepted while in transit.
A firewall is any device or software program that controls the incoming and outgoing connections of a network. Firewall rules can be created to filter traffic based on IP addresses, port numbers, time of day, or any other common method used to identify where data is coming from or going to.
Example: Tony configured his firewall so that only certain types of traffic are allowed on specific days and times. This helps to prevent unauthorized access to his computer when he isn't around.
IaaS is a cloud computing service model in which customers are provided with basic infrastructure like servers and storage for their applications and data. The customer then configures the features and manages all software and settings themselves.
Example: Tony uses IaaS instead of having to maintain his own servers in-house because it offers all the benefits of owning your own infrastructure without any of the downsides or costs.
An insider threat is a malicious threat that comes from an employee, contractor, business associate, or other trusted individual with access to an organization's information or network. These can often go unnoticed for long periods of time until someone discovers the irregular activity they've caused.
Example: Tony has become suspicious that one of his employees, Sophia, is an insider threat and is causing regular problems on their network. He alerts his cybersecurity team who determine that she has installed ransomware on several servers and is now demanding payment in bitcoin.
An intrusion prevention system is any hardware or software product designed to detect and prevent attempts at unauthorized entry into a network or system. This includes DDoS attacks, malware, phishing scams, and many other common cyberattacks. Once detected, it can attempt to block these malicious users from accessing data or using the network.
Example: Tony is concerned that his company's website will be targeted by a DDoS attack, so he installs an IPS to help protect it against future intrusions.
An ISP is any organization or business that provides users with access to the internet. This can include traditional companies like Comcast and Time Warner Cable as well as cellular carriers like Sprint and T-Mobile. ISPs are often also web hosting providers.
Example: Tony needs high-speed internet for his home office but isn't satisfied with his current service plan, so he switches to an ISP that offers faster speeds at a lower cost.
A patch is a file update for software programs, designed to update, fix, or improve the system's security. Patches are released whenever a cybersecurity vulnerability is discovered in a piece of software and hackers begin to exploit it before its creator can develop a fix.
Example: After being notified by his ISP that there is a critical patch available for the computer in his home office, Tony updates all of his software so that he is protected from attackers.
Patch management is the process of identifying vulnerabilities in software, creating patches for them where necessary, and then distributing those patches to computers or networks. This often involves testing the patch on a test system before rolling it out.
Example: Tony's cybersecurity team ensures that his company is fully up-to-date on all critical patches so that they are never exploited by hackers. They also have backup plans in place should any patch create new problems instead of fixing old ones.
Phishing is an attempt to acquire sensitive information like usernames, passwords, credit card details, social security numbers, and/or other personal ID through deceptive tactics disguised as legitimate communication from a trusted organization or individual. These attacks are done using emails, text messages, and/or phone calls.
Example: Sophia is trying to gain access to Tony's home office. She decides to send him an email that seems like it came from the company IT department asking for his login credentials.
A restore is the process of undoing changes made to a computer or network after it has been compromised by dangerous intruders or malware. This can include restoring deleted data and undoing system changes that were made as well as updating software back to its original state before any infections occurred.
Example: Tony's cybersecurity team restores all of the data on his company servers so they are exactly how they were before the ransomware attack.
Ransomware is a type of malware that blocks access to a computer system and demands payment in order for the blocks to be lifted. This can include all types of personal information or just specialized information like photos, videos, or documents.
Example: Jane's home office gets infected with ransomware after she clicks on an email link but fortunately her data was backed up in the cloud earlier in the day. She contacts her cybersecurity team who helps restore her files from backup. Because Jane didn’t have any sensitive personal or customer data saved in those files she doesn't have to pay the ransom fee.
Sniffing refers to monitoring the traffic being sent over a network in order to capture packets moving through it without detection by the network's owner.
Example: Sophia tries to gain access to Tony's home office by sniffing his WiFi connection, but he has already set up protection against this type of attack through WPA2 encryption.
Spoofing is when someone submits false information in an attempt to gain unauthorized access or privileges on a website, system, or network. This could include submitting false credentials for the purpose of accessing resources or attempting to trick users into installing malware by displaying illegitimate messages as if they came from trusted sources.
A spear phishing email is similar to normal phishing emails with one major difference - it uses details about its target that are specifically tailored to increase the likelihood it will be successfully received and acted upon. This information can be gathered through various methods but often involves social engineering tactics.
Two-factor authentication is an additional safety measure that requires users to submit two pieces of evidence in order to gain access to their accounts, devices, or systems instead of just one. The first piece is typically something you know like a password or PIN while the second piece is something you have like a physical token or biometric identifier.
Two-step authentication is when users are required to submit two different proofs in order to gain access instead of just one. Similar to traditional 2FA, they are both pieces that you have - something you have and something you know.
Example: Sophia tries to gain access to Tony's home office but he only allows entry after two-step authentication is enabled. The first piece of evidence is something he has, usually a physical token device that must be inserted into his computer or phone in order for him to access the second piece of evidence, which is something he knows like a password or PIN.
Active Directory (AD) refers to an integrated directory service - typically implemented using Lightweight Directory Access Protocol (LDAP) - that helps manage devices and users on Windows networks. It can help keep track of individual properties like username, title, department name, location information, date/time stamp when they joined the company, etc. AD also stores group information like memberships, email aliases for distribution lists, etc.
Example: Jane is the new employee for Company X and she is added to their internal directory of users which helps keep track of her personal information including what department she's in, her job title, office location, etc. Employee directory services also keep track of group membership where Jane can be assigned access to certain projects or files based on her departmental affiliation.
WPA2 is a WiFi security protocol that uses AES encryption to protect against packet sniffing by utilizing four distinct keys for authenticating users - one key pair for communicating with the access point and another for client-to-client communication, which is optional. This was developed in response to the vulnerabilities found in WEP, which used RC4 encoding that could be easily cracked within a few minutes or less.
Example: Tony's cybersecurity team adds a new firewall rule through WPA2 protection to block all incoming traffic from Sophia's device since it has been compromised. They also help him update his webcam software so she can't access it again.
WEP - Wired Equivalent Privacy - is a WiFi security protocol that was first adopted by the IEEE in 1999 to help secure wireless networks. It uses RC4 for authentication and data encryption, which is why there are only three main components (instead of four like WPA2) including an initialization vector (IV), data encryption key (DEK), and integrity check value (ICV). Unfortunately, its design was flawed due to the use of weak IVs that are easy to predict - allowing attackers to easily access unauthorized systems without being authorized.
Example: Tony's cybersecurity team adds a new firewall rule through WEP protection to block all incoming traffic from Sophia's device since it has been compromised. They also help him update his webcam software so she can't access it again.
Unauthorized access refers to the act of gaining illegal entry into a device, system, or network. Spoofing someone's identity to gain access is also known as social engineering.
Example: Sophia tries to spoof Jane's identity by sending herself an email pretending to be her with instructions for Tony to add her WPA2 passcode during the holiday party. This would give her unauthorized access to their network, which she can leverage for other attacks.
A virtual private network (VPN) allows you to create a secure connection to another location and access resources as if you were actually there. The other computer sees your connection as an incoming connection from the VPN server and not as a private or external address. The two most common forms of VPNs are remote-access VPNs and site-to-site VPNs. Remote access routers, which connect directly to the Internet, let users work from home or on the road using their own laptops and desktops. Site-to-site VPNs connect two corporate networks together over a public medium to give employees access to their company's intranet.
Example: Companies often let users establish these connections from home or on the road via VPN client software. However, there are security risks involved if it's not set up correctly. A VPN client on your home computer lets you access shared files, email and apps that are located on a VPN server at work.
A virus is malware embedded inside another legitimate program without the user's knowledge that could: 1) replicate itself using a host file or program; 2) spread throughout different types of media (e.g., USB); 3) perform unwanted actions on personal computers and networks; 4) possibly collect private information. Viruses often have the potential to become a security risk if someone clicks on a file that has been attached to an email, downloads it from a website, or opens one from another location.
Example: Tony's cybersecurity team finds a virus hidden inside Sophia's document that is disguised as her resume on his computer.
Vishing is typically done through VoIP (Voice over Internet Protocol) technology where users interact with attackers pretending to be legitimate companies like banks and credit card issuers via phone calls. They attempt to lure targets into giving up credit card information, personal information, and account credentials.
Example: Tony's cybersecurity team installs a vishing detector that can tell if any of his employees are falling prey to Sophia's vishing attempts. She tries phishing their accounts by calling them about an issue where they have been locked out of their system, but he alerts his staff right away so she doesn't get anything from them.
A vulnerability is a flaw or weakness in design, implementation or internal control of a system that could be exploited by a threat source (e.g., hacker). A security risk becomes an exposure when it is not properly mitigated against with safeguards like encryption which prevents unauthorized access - often due to the fact that there are no security controls to mitigate the risk - which can create a potential threat.
Example: Tony's cybersecurity team discovers that Sophia is trying to gain access into his system by exploiting vulnerabilities on his home webcam software. They update the software so she cannot exploit it again, but they also deploy new decoy systems for her to hack into instead.
A whitelist is a list of acceptable input or behavior that an application will allow before considering it potentially malicious (e.g., spam). It is the opposite of a blacklist (which is considered more susceptible to false positives). The most common use case for whitelisting is in anti-virus programs where updates need to be manually approved by users or administrators before they can be installed.
Example: Tony's team whitelists his alias so he doesn't have to go through the hassle of dealing with Sophia every time she tries to gain access into his system. They've taken care of everything for him so he never needs to deal with her again, unless there is an issue with cybersecurity on his end.
Software that performs the job of protecting the computer from various forms of malicious software (e.g., viruses). It usually does this by scanning all incoming network traffic and files for things like viruses, spyware, adware, ransomware, keyloggers, worms and other malware that an attacker could use against it or its users.
Example: Tony's cybersecurity team deploys anti-virus software on his system to keep up with Sophia's constant attempts at breaking into his computer. They scan all files for security issues and send any findings back to the department for analysis.
A specific type of anti-virus (anti-malware) product that has a suite of tools to protect users from a variety of threats including viruses, spyware, rootkits, Trojans, worms and other types of malware. It usually does this by scanning all incoming network traffic and files for things like viruses, spyware, adware, ransomware, keyloggers, worms and other malware that an attacker could use against it or its users.
Example: Tony's cybersecurity team deploys antivirus software on his system to keep up with Sophia's constant attempts at breaking into his computer. They scan all files for security issues and send any findings back to the department for analysis.
A persistent attempt by attackers to breach an organization's information security defenses and gain access to sensitive data or systems - often over a period of months or years. It is not new, but organizations and government entities continue to be surprised by hackers' tenacity after they breach their firewalls and other security measures that would typically repel them from gaining access in such a short time frame.
Example: Tony's cybersecurity team implements a new set of policies and procedures to prevent Sophia from breaching his system after she managed to break into it again. They also add a script that scans for any APT attempts that may be linked to her access point.
A process or set of procedures which describes how an organization would continue critical functions in the event of a catastrophic event, loss of connectivity or other key disruption which could potentially damage an organization or its ability to function.
Example: Tony's team has a business continuity plan in place should anything happen to their main datacenter - including if his office building were ever attacked by a terrorist group like he suspects Sophia is responsible for. He was required by law to have this plan in place, but he wishes he could have prevented this breach altogether.
A security measure to monitor for suspicious or malicious activity by examining things like network traffic, users' keystroke frequencies and reading patterns of users who are authenticated with access privileges to sensitive data.
Example: Tony's team has different analysis programs in place to monitor his behavior - including his terse phrases and sudden changes in behavior on the web which seem out of character given his usual descriptions on social media. They suspect it might be an indication that something is wrong and continue their investigation even after Sophia managed to break into his system.
A cryptography algorithm that breaks up plaintext messages into blocks of fixed size, applies a set of mathematical transformations to them and then reassembles the pieces after they are encoded into ciphertext. They are generally the simplest type of encryption algorithm, but many experienced hackers have found ways around these types of algorithms in order to steal data through brute force attacks or breaking more complex algorithms with enough time and resources.
Example: Tony's cybersecurity team recently added a new block cipher to his system which is theoretically impossible for Sophia to break given its level of difficulty - even if she managed to get her hands on the decryption key. He knows it may be a while before he becomes wiser about this issue, but at least he can rest easy knowing that no one will know his secrets until then.
A network of private computers infected with malicious software which can be used to attack larger networks. They are formed by "slaving" the individual hacked machines into a botnet so that they can communicate with each other and perform commands sent from a central controller - often without their owners' knowledge.
Example: Tony's cybersecurity team tries to determine whether his machine is part of a botnet, but it becomes much harder when he keeps encrypting his traffic in an attempt to hide it. Eventually, they are able to determine that Sophia may have access to one or more bots she could use against them at any time.
Data that is unreadable because it has been encrypted using cryptography measures like an algorithm or cipher. It is generally decoded through methods like one-time pads or using brute force attacks on weaker algorithms.
Example: Sophia manages to encrypt Tony's entire system, rendering it unusable until she decrypts the ciphertext so his team can figure out what she did to get in and stop it from happening again.
A hacking tactic which tricks users into clicking something different than what they think by hiding the real link behind another visible link - often used in phishing scams.
Example: After Tony's cybersecurity team figures out that Sophia is responsible for the breach, they warn him not to click any links that seem suspicious or attempt to log in through any site other than his bank since she may have set up clickjack traps in case he tried anything like that.
A branch of cybersecurity that focuses on protecting a company's computer networks from outside threats - often by creating countermeasures to find and stop attacks from hackers before they do any harm. It is often practiced by placing restrictions on what employees can do, using programs to monitor network activity for suspicious activity and other important measures to control what happens online.
Example: Sophia knows that Tony's cybersecurity team has access to CND tools that she doesn't, which will make it much harder for her to break into his system again if he figures out the extent of the damage she caused. She decides it may be safer for her to call off this fight until she can acquire these resources herself so she doesn't suffer a humiliating defeat.
A function which is used to encrypt and decrypt a message using a key and an algorithm. Since there are many different kinds of ciphers, some have been found to be more secure than others depending on their use - making them easier or harder for hackers to break into.
Example: Tony's cybersecurity team decides it might be best if he installs this software as soon as possible so they can cipher his data with this powerful new algorithm which isn't available anywhere else yet. They know it will take years before Sophia learns how to figure out what they did based on the code alone since it's such a sophisticated protocol that she will probably believe she was hacked again like last time until then.
A company's critical infrastructure is its most vital elements that are needed to keep the business running. They can be anything from computer systems, communications networks, buildings and other physical structures, but they are often targeted by cybersecurity experts who want to make sure they don't fall into the wrong hands.
Example: Tony's cybersecurity team investigates whether Sophia hacked his critical infrastructure in an attempt to gain access to this new malware delivery system she may have started using recently. Since she built it herself based on leaked code from the NOC (Network Operations Center), they begin searching for signs of infiltration or damage which could cause serious problems if left undetected.
A system that identifies software flaws which can be used by hackers to break into a computer, smartphone or other device to steal data or gain control of it remotely. It is updated regularly as new vulnerabilities are discovered, which also makes it important for companies like Tony's to stay on top of software updates since bugs and loopholes often get patched this way - especially after high profile attacks like the one Sophia made against the DNC last year.
Example: After hearing about all the threats Sophia poses from his cybersecurity team who know more about these issues than he does, Tony decides it would be best if they made sure CVE was installed on all their devices so everyone in his office will be more prepared if she ever tries something like that again.
The science of encrypting and decrypting information between an authorized user and the software they are using through ciphers. It's too complicated for most people to understand how it works in detail, but these mathematical formulas can also be used for other purposes by cybersecurity experts depending on the algorithm used.
Example: Tony thinks about whether or not Sophia will hack him again since she has come up with some really clever ways of doing this over the past year. He decides he wants to start encrypting his data with this software so she can't figure out what he's saying even if she manages to break into the system again before his cybersecurity team takes more precautions.
A rapidly growing environment where different kinds of devices are connected to the internet together to make it easier for them to communicate with each other, both on a local and global scale. This allows cybersecurity experts to do some pretty amazing things when they aren't worrying about an endless stream of new threats that are constantly evolving thanks to Sophia's efforts.
Example: Although Tony is not very good at this kind of thing, he has heard that his city is everyone's ecosystem now since more companies are coming in every day. He decides it would be best if he asked his CIO (Chief Information Officer) if their cybersecurity team can start using this new protocol soon since Sophia might try another attack on him like last time.
The act of spying on someone online by hacking into their computer systems or mobile devices to retrieve sensitive information that can be used against the owner in one way or another. It's different from cybergossiping, but cybercrime is often done for fun too depending on who the hacker is and what they are trying to accomplish.
Example: Tony's cybersecurity team notifies him that his computer has been hacked again and that cyberespionage is taking place.
Two or more teams of people working together to launch cyberattacks against a certain target, either as part of their job or as a hobby. They usually do this for fun through the internet and don't intend to cause serious harm unless they are hired by businesses as part of an APT (Advanced Persistent Threat) attack, but it's difficult to tell these kinds of groups apart from one another since cybercrime can be so profitable.
Example: Tony decides to ask his CIO if they should hire some new cybersecurity team next year since Sophia might take this too far and try to harm them or their reputation in cyberspace as a whole, which could result in other companies thinking about doing the same thing against them.
An incident where unauthorized access to private data is obtained by an individual or group of people, usually through hacking or espionage, which could lead to serious problems for everyone involved if the perpetrator isn't caught before they do anything malicious with it - especially when this information contains personal information related to millions of innocent people who aren't involved with this latest attack.
Example: Tony and his cybersecurity team notify everyone in the company that there is a data breach in progress, and that they need to report anything suspicious occurring on their personal devices immediately since it might be related to the hack.
The state of having excellent or reliable data when it is not being tampered with by someone else, which means the receiver of the information still trusts the sender when they send vital updates or important news through cyberspace.
Example: Tony wonders about the data integrity of his company's database after seeing several wrong data values.
The act of collecting information from different sources without breaking any laws or regulations when it comes to how companies or individuals are allowed to use it. This usually involves their online history or personal information that they have willingly given away on social media, which is then used by companies for marketing purposes without the user's direct knowledge of what their data has been turned into.
Example: Tony hears people talking about how companies have started using data mining techniques to get more accurate customer demographics, but he isn't sure if that is exactly ethical or not.
The analysis of electronic data to determine how it happened and who was responsible for causing damage to someone's computer system or mobile device. This can occur after a data breach has occurred, but it only happens when the perpetrator hasn't done anything to hide their tracks through encryption or other methods.
Example: Tony's cybersecurity team is trying digital forensics in order to find out who hacked into the computer systems at his company last night.
The act of hackers taking control over users' personal devices without their knowledge, either using phishing techniques or by tricking them into downloading a virus onto their computer or mobile device. These usually occur when people visit adult websites, but the hackers disguise it as an advertisement that seems safe to click on at first, and then things go downhill from there.
Example: Tony's mother says that she got a drive-by download once while trying to visit a news article after seeing it on social media, but she didn't know that this was possible at all.
The act of changing data into a certain form so that only the right people are able to read it without anyone else figuring out what is being said. This might be used in espionage tactics or other forms of cybercrime that are designed to keep the evidence hidden for as long as possible, which is much more difficult than it sounds.
Example: Tony's cybersecurity team has been trying to figure out how the encryption on their database works since they found an encrypted file in there, but they don't think that any of them know enough about this process yet.
The act of listening in on someone else's conversation without their knowledge or consent, either through audio or video surveillance. This might actually be legal if someone is in public, but it becomes illegal if they are in someone else's home or business that is not meant for everyone to see.
Example: Tony sees the IT guy walking around with earbuds in his ears and wonders if he can eavesdrop on conversations using them since he walks past a lot of people each day.
The information that appears on a screen or is transmitted electronically once it has been encrypted through cryptography - which the computer decrypts using symmetric or asymmetric key algorithms. It looks like gibberish to most people, but once decoded it becomes plain text again and provides access to the original data.
Example: Sophia tries to access a few of her previous company's computers, but they have encrypted data so a lot of it appears as ciphertext on the screen which makes it really hard for her to do anything or find out what they are doing.
Political hacktivism is the act of hacking into a computer system in order to spread a certain political message that you have. This can include demonstrations or protests, but it usually focuses more on improving society by exposing corruption in some form.
Example: Sophia's friend wants her to hack into the computer systems at her company so they can expose how corrupt they are, but she doesn't know if she should do it or not since all of her coworkers could lose their jobs.
A server that is set up to look like a legitimate computer on the network, but it actually contains false information in order to trick the hacker into trying to access it. This allows security teams to see how hackers work and what they do with the information that they have managed to gain access to, but it also makes them vulnerable.
Example: Tony's cybersecurity team set up a honeypot on a computer at their organization so the hacker can come back to it later since they know what machines he targeted last night.
The act of using someone else's information in order to access their accounts or services without them knowing about it. This is usually done by downloading this information illegally, but sometimes people also use physical methods to get hold of personal documents that will allow them to change the person's identity into their own.
Example: Sophia wants to know if her coworker can access her company account without being detected since he has her credentials, so she asks Tony for help since he knows a lot about cybersecurity stuff.
When someone uses someone else's information in order to gain access to their accounts or services in an attempt to steal from it or make purchases on the user's behalf. These are often done through hacking in some form when the hacker manages to access the user's account, but they are sometimes done through physical methods also.
Example: Tony needs to check if his credit card has been compromised since someone tried to use it at a local restaurant, but he doesn't know which one of his accounts might have been hacked into.
A system that was created in order to monitor the network for signs of suspicious activity. These are often computer systems themselves or software programs that run on computers because they need something automated in order for them to work best, and they will do this by looking at key indicators like how much traffic is coming through the network at specific times or whether data packets are intact or not when they enter the network.
Example: Tony needs to make sure that there aren't any hackers intruding on his company's network, so he set up an IDS on all of their computers in order to monitor anything suspicious.
A policy that was created in order to regulate the way that employees behave when they are using computer systems and networks. Every organization has one of these, but they often change throughout time as hackers become more sophisticated and technology advances. This is meant to protect both the company's assets and their clients' information since this could be detrimental if it ends up in the wrong hands.
Example: Sophia enjoys working for her company because she knows that they have an information security policy in place, so she is happy to follow all of those rules.
A standard put into place by Microsoft that allows them to decide how client web servers can interact with each other. This was exacerbated by the fact that these computers communicate over HTTP rather than HTTPS, which means that hackers could intercept the information being sent between them if they wanted to.
Example: JBOH is a security concern for Tony since he knows that hackers could easily intercept the data being transferred between web servers if they tried.
A type of malware that allows someone to gain access to a computer system without ever touching the physical machine itself, normally through logging characters typed on the keyboard or taking screenshots of whatever is happening on screen at specific times. These are often used in order to get passwords or other sensitive information from someone else, but they can even be used to trace the movement of the mouse pointer.
Example: Sophia has been getting weird emails lately, so she wants Tony to take a look at her computer to see if anything fishy is going on.
A group of computers connected together in order to share information between each other more easily than they would be able to by sending it across the Internet. These are typically contained within an organization or company itself, which means that users must request permission in order to access them unless they want their information stolen.
Example: Sophia has noticed that some people have been acting differently ever since they started working on her team, but she doesn't know what's causing this behavior change.
A method that hackers use in order to gain access to specific web pages without actually being invited into them, usually by taking advantage of vulnerabilities in their link structures. This is also known as a man-in-the-middle attack because it allows the attacker to read every single piece of information exchanged between two computers before sending it on its way.
Example: Tony notices that someone has been link jacking his company's website, but he needs more proof since he can't tell what kind of information they are getting from this intrusion.
Any type of program or software that was created with no other purpose than to infiltrate computer systems and gather information from them, usually by being hidden from the user and their security software. An example of this would be a keylogger or a worm.
Example: Tony has been getting some strange emails lately that seem to have some kind of malware attached to them, but he is unsure what they are trying to do since he can't open them up.
A type of threat that comes from someone who is not part of an organization or company, which means that it might be harder for them to detect these hackers before they get too much information out. This could be because they receive less attention from the IT department than employees themselves might get, especially if there isn't enough money in the budget for additional security measures.
Example: Tony's company has been having a lot of problems with outsider threats lately, so he needs to upgrade their security system in order to prevent any more bad news.
When an organization decides to outsource some or all of its IT operations to another external business instead of keeping them in-house, which means that they are now depending on that other business for their information security. This can be dangerous because these services might not always be as secure as the ones handled by the employees themselves, especially if they are worried about spending too much money on them.
Example: Tony is worried that his team doesn't have enough resources available to ensure good cybersecurity practices, which means that he is considering outsourcing parts of it right now.
A non-profit organization that was started in order to improve all aspects of web application security, which means that their goal is to identify and address the most critical security flaws before releasing any new software. They originally released a list of the top 10 vulnerabilities back in 2003, but they updated it numerous times since then because technology changes so quickly and there are always new threats popping up every day.
Example: Tony has been doing some research on what other types of online services use for cybersecurity measures, and he found out about OWASP while looking through one company's website.
This is when someone installs a sniffer into a network in order to capture all of the packets that are being sent through it, which means that they have access to every bit of information that is being transmitted between computers at any given point. This type of data can include email messages, passwords, bank account information, and other personal details.
Example: Tony noticed some strange activity near the servers earlier today, but he needed more proof before telling anyone about it. He found out later on that someone had been packet sniffing his company's local area network.
A type of security assessment where a controlled attack is launched against the organization's systems by an outside entity in order to find vulnerabilities that could be exploited by actual hackers. These tests are designed to simulate exactly what a hacker can do in order to get inside the network without being too obvious, which means that they are usually run by an ethical hacking team.
Example: Tony is not sure how good his company's cybersecurity practices are since he hasn't had them tested before, so he might want to hire someone to perform penetration testing on their systems soon.
A system used for encrypting information and sending it over the internet safely, which works because every time someone uses this type of connection both sides need access to private keys in order to decrypt anything sent back and forth. This infrastructure also allows people to create digital certificates with their own unique information attached in order to sign, verify or encrypt their messages.
Example: Tony really wants to use email encryption for all of his sensitive company information, but he can't figure out how to set up a PKI infrastructure.
When a hacker breaks into a retailer's system using a POS system in order to steal customer credit card and personal information, which means that they usually aim for companies that have hundreds or even thousands of computers on their network. This type of intrusion is very difficult to stop because these machines handle huge amounts of sensitive customer data every day, and at least 90% of them don't secure their POS systems according to recommended security guidelines.
Example: A recent study found that more than 70% of all cyberattacks target retail businesses, and that almost half of those involved POS intrusions.
A type of malware that enters a victim's computer system without them noticing, and then encrypts all of their files so they cannot be accessed anymore. The attacker can choose to either decrypt the information for a fee or destroy it forever, which means that this type of threat usually targets high-value files like pictures, videos, tax records, or other important documents. This is considered to be one of the fastest-growing types of cyber threats in recent years since it spreads quickly just like viruses did back in the day.
Example: Tony has heard plenty about ransomware attacks even though he never experienced one himself.
This is when someone tries to figure out every possible bad thing that could happen if certain cybersecurity practices are not used. Organizations of all types and sizes usually use this type of strategy to make sure that they are prepared for any negative outcome related to information security, which can also help them figure out what resources they will need in case something bad happens like a data breach or ransomware infection.
Example: Since Tony's company does business with several other businesses within the industry, he really needs risk assessment software that was designed for companies like his.
When someone manages and reduces their cybersecurity risks by removing some of the threat factors that could cause problems down the line. It is possible to do this on an individual level as well as through organizational changes, which means that risk management practices usually revolve around things like ensuring user awareness, finding and fixing vulnerabilities, and coming up with a cybersecurity plan.
Example: Tony is the risk manager for his company which means that he has to make sure that everyone understands how to properly secure their devices and data so something bad doesn't happen in the future.
An isolated environment where all of the software and apps someone wants to run can be tested without putting anything else at risk. Although sandboxing used to be considered a type of testing method, it is often used by malware experts today in order to figure out if an unknown program could cause problems on a device or not before they actually let it loose on their own systems. This type of practice is becoming more popular since executable content can contain any code regardless of what it is, which means it can be anything from a trojan to ransomware.
Example: Tony has been trying to get his company to start sandboxing all new apps before they run on the network just in case one of them tries to do something malicious.
A security control is a method that someone uses to stop cybercriminals or hackers from getting into their system or protected information. This practice includes several different types of solutions including firewalls, antivirus software, and encryption methods among many others, which means that organizations have plenty of options when it comes to choosing cybersecurity controls for their company. They need these controls in order to stay protected against malware infections and other cyber.
Example: Since Tony's company has an online presence, he realized that they would need several different security controls in place to make sure their information stays safe.
This is a cybersecurity term for software that collects data about all types of network activity and then analyzes it in order to find any possible cyber threats. Hackers often use this type of system against individuals or businesses since SIEM is usually used by companies to keep track of everything that happens on their digital networks. Then, after the analysis is complete, the system can either send reports about what was detected directly to administrators or automatically block the threat so no malicious activity ever gets through.
Example: The reason why Tony's company got hacked had something to do with their SIEM system not generating enough reports.
Software that is installed on a device without the user's permission so it can do things like log keystrokes, take screen captures, or track internet behavior. The main reason why cybercriminals use spyware is to steal personal information like passwords, financial data, and usernames, which means that spyware can often be connected to ransomware infections.
Example: Tony would never download software from an unreliable site because he knows it could have spyware embedded inside it.
This is one of the common cybersecurity terms that people use to refer to the various types of software and hardware manufacturers use to create different products. The supply chain is created by a series of companies that work together in order to get something from production all the way into consumers' hands, which means that each company has to do things correctly or else the product could have vulnerabilities built into it for cybercriminals to exploit.
Example: Tony decided not to buy his new laptop from an unknown manufacturer since he knows about how risky their supply chains can be.
A process where someone evaluates any possible threats against their digital assets in order for them to make changes as necessary in order to stay protected. Threat assessment is usually completed by companies that keep their company's cybersecurity status up-to-date, which means that it can be used to find out about any possible cyber threats so they can be avoided before the hackers ever have a chance.
Example: Tony hired an outside consultancy firm to perform a threat assessment for his small business so he could see how secure it really was against potential cyber threats.
A type of malware that disguises itself as something legitimate but then performs malicious activities when certain actions are taken, like downloading/installing other types of programs or opening certain files. Trojans are often either included inside emails or products disguised as helpful things. Hackers often use Trojans to install other types of malware since their victims are unlikely to suspect that the Trojan is really malicious software.
Example: Tony's company was infected with ransomware because it came through an email attachment that looked like an invoice but was actually a Trojan Horse virus disguised as one.
A type of malware that can spread from one device to another on its own, which means it doesn't need any help from users in order to do what it wants. The main difference between worms and viruses is that worms don't need any outside resources in order to be harmful, while some viruses need a certain file or string of code in order for them to be able to perform the tasks they were programmed for.
Example: Tony installed an antivirus program on all of his devices so he can protect them from any worms that might hijack them.
A device that has been infected with malware and is being controlled by a hacker to do whatever they want, which means the device is just a tool for the hacker to use whenever they please. The main reason why hackers want control over these machines is because they're usually very powerful computers that are capable of doing large amounts of damage in botnets, which are groups of infected machines that work together towards one malicious goal.
Example: The reason why the power plant was hacked had something to do with their servers becoming compromised because someone unknowingly infected one computer at their offices and turned it into a zombie.
A type of attack where the hacker is able to counterfeit responses from a DNS server in order to achieve their goals, which means that they can trick your computer into sending information to another device without you knowing. Hackers often use this technique in order to steal people's personal information and financial data by redirecting them onto a fake website intended for phishing purposes.
Example: Tony always makes sure to update his operating system as soon as new security updates are available because he wants to make sure he stays protected against any potential DNS Spoofing attacks.
This is an extremely dangerous form of cyberattack used by hackers so they can force computers not to access the correct websites, which often leads to a loss of data or an exposure to malware. This is done by giving the computer false information about where it should go, usually because the hacker knows that their victims trust them more than they should.
Example: Cache poisoning was used to have the wrong domain stored in that cache, so that when a user accessed the site, they were served the wrong version of the site.
An attack where hackers will try to get users to visit a fake website by purchasing domain names that look like other popular and trusted websites. They use this technique in order to steal people's personal information, money, and/or infect their device with malware.
Example: Tony always makes sure he double checks his URL before entering any information into it because he knows how much money cybercriminals are making off of cybersquatting these days.
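Tony's habit of double-checking a URL can be automated. The sketch below is an added example, not part of the original article: it compares a link's domain against a short list of trusted domains and flags near-matches. The trusted list, sample URLs and function names are constructed for illustration, and treating the last two labels of the hostname as the registered domain is a simplifying assumption (production code would consult the Public Suffix List).

```python
from urllib.parse import urlsplit

# Constructed allow-list: domains the user really does business with.
TRUSTED = {"examplebank.com", "contoso.com", "fabrikam.com"}

# Digits often swapped in for letters they resemble (not exhaustive).
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def host_of(url):
    """Return the lowercased hostname, even if the scheme is missing."""
    if "://" not in url:
        url = "//" + url
    return (urlsplit(url).hostname or "").rstrip(".")


def registrable(host):
    """Assumption: the registered domain is the last two labels."""
    return ".".join(host.split(".")[-2:])


def skeleton(name):
    """Fold look-alike characters so 'examp1e' and 'example' compare equal."""
    return name.translate(LOOKALIKES).replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute,
    or swap two adjacent characters, each costing 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(url):
    """Return ('trusted', domain), ('lookalike', imitated_domain)
    or ('unknown', None)."""
    host = host_of(url)
    domain = registrable(host)
    if domain in TRUSTED:
        return ("trusted", domain)
    for good in sorted(TRUSTED):
        brand = good.split(".")[0]
        if (skeleton(domain) == good              # character swaps: 1 for l, rn for m
                or edit_distance(domain, good) <= 1   # one typo away
                or brand in host):                    # brand buried in another domain
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample links.
    for link in [
        "https://www.examplebank.com/login",
        "https://www.examp1ebank.com/login",
        "http://conotso.com",
        "https://fabrikarn.com/invoice",
        "https://fabrikam.com.account-verify.net/login",
        "https://news.example.org/article",
    ]:
        print(link, "->", classify(link))
```

A result of "unknown" only means the domain does not resemble anything on the list; it says nothing about whether the site is safe.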
A type of numerical identifier used to identify devices on a network, which means they're primarily used for computers but can also be used for other devices such as smartphones or tablets so long as they are connected to the internet.
Example: Hackers often use IP addresses when they are performing an attack so they can make sure that their efforts are directed towards the correct person or website.
A type of server used to convert human-friendly domain names into numerical IP addresses in order for computers, smartphones, tablets, etc. to be able to properly communicate with each other. Since these servers are responsible for connecting devices on the internet in order for them to talk, they're often targeted when hackers want to perform cyberattacks so they can direct people towards fake websites/fake information without them knowing about it.
Example: The name server routed the traffic requested by the URL to the correct IP address.
This is a type of identifier that follows this pattern: http://www.website.com and is used in order for humans and computers alike to be able to access specific information on the internet, whether it's their favorite website or something they found while searching online. Hackers will sometimes use these links so they can trick you into thinking you're looking at one thing when you're really looking at another, which could potentially lead people to download unsafe/unwanted files onto their device.
Example: The URL Tony was sent wasn't what he thought it was but instead had malware built into the code, which led to his computer getting infected.