As often as some topic relating to cybersecurity is in the news, whether its online fraud, ransomware, or the almost weekly discussion of a new data breach, or form of serious exploits or hacks, one would assume that many of us would have some of the basic terminology memorized right? Not exactly; as long as cyber attacks continue to perpetuate the daily or weekly news cycle, there’s always a new term or buzzword that gets thrown around into the mix.
Our overall goal with this post is to take some of the most commonly used cybersecurity terms and lay them out as plainly as possible so that they are not only easy to understand, but easy to remember. We hope that in reading these terms, the next time you come across one while reading or hearing it, you’ll know exactly what it’s referring to.
- Software – a set of instructions that tells a computer how to perform a certain task. Also known as program, or application.
Examples: Microsoft Office, Internet Explorer, Mobile Apps - Hardware – The physical components of a computer, or other device.
Examples: Motherboard, CPU, RAM, Hard Drive - Server – A computer that provides data to other computers (ie it serves other computers).
Examples: Database server, Email server, Web server, Cloud server, File server - The Cloud – the cloud is nothing more than a set of high storage servers that are accessed over the Internet. The purpose is to store, and access data remotely rather than on your own physical device.
Examples: Apple iCloud, Amazon AWS, Dropbox, Google Apps, Microsoft Office Online - Virtual Private Network (VPN) – a tool or service that protects your information and privacy online by protecting your internet connection. VPN’s do this by masking location and encrypting web traffic.
Examples: NordVPN, ExpressVPN, IPVanish - Domain – computers, printers, telephones, and other devices that are interconnected and administered with a common set of rules. Also known as a Network Domain.
Not to be confused with Domain Name. - Domain Name – unique, easy-to-remember address used to access websites.
Examples: google.com, whitehouse.gov, smeinc.net - IP Address – a unique address that identifies a device on the internet or a local network. The internet version of a home address for a computer.
Examples: 127.0.0.1, 192.168.0.1 - MAC Address – a hardware identification number that uniquely identifies each device on a network. Commonly assigned by the manufacturer to a piece of network hardware (like a wireless card or an ethernet card).
Example: 00:1B:44:11:3A:B7 - Data Breach – an incident that exposes confidential or protected information. A breach might involve the loss or theft of your Social Security Number, bank account or debit/credit card numbers, personal health information, passwords or email.
Examples: Target, Equifax, LinkedIn - Exploit – a program, or code, designed to discover and take advantage of a security flaw or vulnerability in an application or computer system, typically for malicious purposes such as installing malware.
Examples: EternalBlue, WannaCry, Petya/NotPetya - Malware – short for malicious software, malware is an umbrella term for a number of malicious software variants designed to cause harm to computers and computer users.
Examples: viruses, trojan horses, worms, adware, ransomware, rootkits, and spyware.- Virus – a type of malware that can be either malicious code or a program written to alter the way a computer operates and is designed to spread from one computer to another.
Examples: Code Red, ILOVEYOU, Slammer, CryptoLocker, Zeus - Trojan Horse – a type of malware that is often disguised as legitimate software.
Examples: Backdoor Trojan, Fake Antivirus Trojan, Keylogger Trojan, Mailfinder Trojan. - Worm – a type of malware that spreads copies of itself from computer to computer.
Examples: Morris Worm, Koober, SQL Slammer, Stuxnet, WANK. - Adware – software that displays unwanted advertisements on your computer. Adware programs will tend to serve you pop-up ads, can change your browser’s homepage, add spyware and spam your device with advertisements.
Examples: Fireball, Gator, DeskAd, DollarRevenue, Appearch - Ransomware – a constantly evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable.
Examples: WannaCry, CryptoLocker, Bad Rabbit, Petya, Locky, Jigsaw - Spyware – malicious software designed to enter your computer device, gather data about you, and forward it to a third-party without your consent.
Examples: CoolWebSearch, Zlob, Gator, TIBS Dialer, Internet Optimizer. - Rootkits – a computer program designed to provide continued privileged access to a computer while actively hiding its presence.
Examples: NTRootkit, HackerDefender, Machiavelli, Stuxnet, Flame, Zeus.
- Virus – a type of malware that can be either malicious code or a program written to alter the way a computer operates and is designed to spread from one computer to another.
- Bot/Botnet – networks of hijacked computer devices (“bots”) that are used to carry out various scams and cyberattacks.
Examples: Mirai, Mariposa, Kraken, 3ve. - Denial of Service (DoS) – a malicious attempt to overwhelm a web property with traffic in order to disrupt it’s normal operations.
- Distributed Denial of Service (DDoS) – a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
- Phishing/Spear Phishing – a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.
- Social Engineering – the art of manipulating people so they give up confidential information.
- Clickjacking – attack that tricks victims into clicking on an unintended link or button, usually disguised as a harmless element.
- White Hat Hacker – an ethical computer hacker, or a computer security expert, who specializes in penetration testing and other testing methodologies that ensure the security of an organization’s information systems.
- Black Hat Hacker – a hacker who violates computer security for their personal profit or malice
We here at SME hope that the definitions to some of these commonly used terms will assist you in knowing what exactly is being referred to when you hear them, or what they are in regards to.
SME is here to help increase security posture and get rid of those sleepless nights, for any IT/security related questions, please give us a call at 703-378-4110 or email info@smeinc.net.