Common Cybersecurity Terms
At Omnistruct, we believe in making cybersecurity accessible to everyone. The best way to do that is to demystify the terms used by cybersecurity professionals.
These are your stereotypical illegal hacking groups portrayed in popular culture. Black hat hackers break into secure networks and systems with the motive of destroying, modifying, or stealing some sensitive data, or to make the networks unusable for authorized network users. Essentially, these are the bad guys.
Cybercrime is a broad category of crime that includes ransomware, man-in-the-middle attacks, data theft, wire fraud, social engineering such as phishing, and many other crimes that are perpetrated with computers.
Cybersecurity compliance is the practice of building and operating a functioning security program in an organization. Many organizations are being asked to continually prove their compliance and their cybersecurity maturity to either win or keep business. The closer you are to your customers’ data, the more compliance you will be asked to provide.
A threat is a perceived or real possibility of loss or misuse. Threats are what happens every day against every company. There are software, hardware, and process options to help deal with many threats but you must have the basics covered. If you get breached and can’t prove that you had reasonable security your insurance carrier can deny your coverage.
Although the term Dark Web emerged in 2009, it is unknown when it actually came into being. The difference between the surface web (the web most people use) and the Dark Web is that custom software is required to access the Dark Web. Also known as Darknet websites, these sites are accessible only through networks like The Onion Routing project (TOR) and others specifically created for the Dark Web. The identities and locations of users stay anonymous and remain encrypted. The technology routes data through a large number of intermediate servers, thereby keeping users on both ends anonymous. This is how illegal and black market data, information, and files are transmitted.
Data classification is a way to tag and segregate data that may contain specific information. Sensitive data that contains private information or classified data needs to be handled differently than regular data. There is a requirement to encrypt the data at rest, as well as in transit (across the wires), limit who has access to the data, log who attempts to access the data, and other important controls to keep the data safe.
Data mining is a buzzword for the extraction of patterns and knowledge from large data sources. It doesn’t entail extracting information from the data itself. The term can be applied to any form of data or information processing such as collection, extraction, warehousing, analysis, and statistics. It is also used to describe any application of things such as artificial intelligence (also known as machine learning) and business intelligence.
Data or information privacy is the public’s expectation that personal or classified information they provide to companies will be kept private by the companies that hold it.
Data protection is how privacy and integrity are ensured. This entails using set processes and strategies and is sometimes called data or information security. Any organization that collects, stores, or handles sensitive data should have an extensive data protection strategy.
These days we refer to these as hacker speed bumps because many of them are configured in ways that allow Virtual Private Network (VPN) traffic or other things through without sniffing it out. A firewall is like a digital version of a building security team that, at minimum, sniffs out anything sketchy going in and out of your digital environments to/from the Internet and denies passage if things look suspicious. Curiously, many of these firewalls are set up to only inspect and stop sketchy things coming in the door as opposed to sketchy things leaving your digital world.
The National Institute of Standards and Technology (NIST) is one of the United States’ oldest physical science laboratories, focused on advancing measurement science, standards, and technology; that includes setting cybersecurity, privacy, and risk guidelines and standards in the USA. Omnistruct believes the NIST Cybersecurity Framework will become the standard for measuring business cybersecurity in the USA.
Virtual Private Network… In English, it simply means you have a piece of software, or an entire network, that, when the VPN is running, makes sure that everything your device (e.g., a computer or smartphone) sends or receives across the internet is in a really, really, really hard to decode version of computer “Pig Latin,” just in case a hacker has tapped into the wired or wireless connection you are using for internet service.
A Wi-Fi Pineapple is a portable device originally designed to help defend against cyberattacks but is now being used as a tool to commit cyber crimes such as Man-in-the-Middle attacks. The tool works by allowing cyber criminals to steal data shared on public Wi-Fi networks. That is why it is always recommended to never share private information on a publicly-accessible Wi-Fi network.
White Hat hacker is a term applied to computer security experts who employ ethical hacking techniques such as penetration testing (simulated cyberattacks) to suss out the vulnerabilities in an information system. They are the “good guys” to the Black Hat hackers’ “bad guys.”
Phishing occurs when cyber criminals send out mass phony emails or advertisements purporting to be from reputable companies in order to get you to reveal your personal information, which includes passwords and credit card numbers. Another variation includes spear phishing emails which are sent to just one particular person, group, or organization in a bid to steal login credentials for a targeted purpose. A spear-phishing attack could come when the scammer purports to be from your bank or supplier.
Malicious software (malware) is software designed to carry out attacks once it is placed on a computer or a network. It can include spyware, ransomware, and Trojans designed to carry out data mining, decrypt files, or look for passwords and account information.
A Man-in-the-Middle (MITM) attack is a form of cyberattack where the attackers secretly intercept and relay messages between two parties who believe they are communicating directly with each other. The attack is a type of eavesdropping in which the attacker intercepts and then controls the entire conversation.
Domain Name Service (DNS) spoofing occurs when hackers poison entries on a DNS server to redirect a targeted user to a malicious website under attacker control, which they can then use for data theft, malware infection, phishing, and preventing updates.
Cross-site scripting (XSS) is an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website. Attackers often initiate an XSS attack by sending a malicious link to a user and enticing the user to click.
Structured Query Language (SQL) injection occurs when attackers use malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include sensitive company data, user lists, or private customer details.
A password attack refers to any method used to maliciously authenticate into password-protected accounts. These attacks are typically facilitated through the use of software that expedites cracking or guessing passwords and can include processes such as dictionary attacks, brute force attacks, or invalid password attempts.
A passive eavesdropping attack is a variation of the MITM attack in which the attacker passively listens to network communications to gain access to private information, such as node identification numbers, routing updates, or application-sensitive data.
Social engineering is a scheme where scammers use psychological manipulation to trick users into divulging sensitive information such as a user’s identity, credit card information, or login information. They may pretend to be your boss, your supplier, customer support, someone from your IT team, or your delivery company to get you to give away sensitive information.
Session hijacking occurs when a hacker takes control of a user’s browsing session to gain access to their personal information and passwords by targeting computers or online accounts.
A zero-day exploit is malware that can be difficult to detect and defend against because it exploits unknown and unprotected vulnerabilities in systems or computers.
A birthday attack is a type of cryptographic attack on computer systems and networks, which exploits the mathematics behind the birthday problem in probability theory. Birthday attacks can be used in communication abuse between two or more parties.
Internet of Things (IoT) attacks occur when attackers exploit bugs, unpatched vulnerabilities, critical design problems, or even operating system oversights to obtain unauthorized access to a network.
Uniform Resource Locator (URL) occurs when cybercriminals create counterfeit websites to lure in victims and obtain sensitive information. Often these fake websites look similar to the real thing and are common means of targeting victims.