Cyber security definitions
Uh-oh, looks like you’ve been spear-phished by a zombie.
You do know what that means, right?
Cybercrime terms can be confusing and very easily mixed up. Here’s what you need to know.
Antivirus – software designed to prevent, detect and remove viruses including worms and trojans from your computer.
Authorisation – the process of giving someone permission to do or have something. In terms of a computer system, authorisation can vary from what a user can access to how long they can access the system for.
Backing up – the practice of copying data into a secure location so it can be recovered if it is deleted or corrupted.
Bot – see zombie computer.
Bring your own device (BYOD) – BYOD is a policy that allows employees to bring their own computer devices, such as mobiles, laptops or tablets to work. This can be potentially hazardous as it increases cyber risks.
Business interruption – any form of disruption that impacts an organisation’s normal operations. This could include being the victim of a cyber-attack, having your data held to ransom, or any breach of an organisation’s cyber security.
Computer forensics – looking for clues that will help explain how and why a cyber-attack has happened and using this information to reduce the risk of a future cyber-attack.
Cyber-attack – an attack on an organisation’s use of cyberspace in an attempt to access protected information or disrupt, damage or control the victim’s use of technology.
Cybercrime – any illegal activity involving a computer or connected device such as a mobile phone. Phishing, spamming and hacking are all examples of cybercrime.
Cyber security – any process or technology that is designed to protect computers, data and networks from a cyber-attack.
Cyber extortion – a cyber-attack, or the threat of a cyber-attack on an organisation, coupled with a demand for money to stop or prevent the attack.
Cyber insurance – an insurance policy that covers any losses relating to damage to, or loss of information from, a company’s IT system resulting from a cyber-attack.
Data breach – a data breach is when protected or confidential information is viewed or stolen by an unauthorised party.
Email bombing – an email bomb involves sending a large number of identical emails to a particular email address.
Email spamming – email spamming is a variation of email bombing, where the same email is sent to thousands of different email addresses.
Encryption – the process of converting data into code to prevent unauthorised individuals from viewing its content.
Firewall – a network security system that monitors incoming and outgoing traffic, and decides whether to allow or deny access based on a predetermined set of security rules.
GDPR (General Data Protection Regulation) – GDPR is a new regulation that will come into effect in May 2018 and outlines how companies must protect the personal data of EU residents.
Hacker – an individual who gains unauthorised access to a computer or IT network for either their personal gain or for that of an organisation they’re sponsored by.
Hacking – involves gaining unauthorised access to an organisation’s computer or IT network.
IT Infrastructure – IT infrastructure includes all IT systems (hardware, software, network resources and services) that play a role in an organisation’s IT-enabled operations.
Logic bomb – a logic bomb is programming code that is triggered under certain circumstances – after a period of time, or upon opening an application, for example. Once ‘detonated’, a logic bomb could delete or corrupt data, display a false message, or have other negative effects on IT systems.
Malware – software that is specifically designed to infiltrate and damage or disable computers.
Malicious software – see malware.
National Cyber Crime Unit – the NCCU is the part of the UK’s National Crime Agency (NCA) that specialises in fighting cybercrime.
Phishing – a spam email used to trick individuals into sharing their personal information, e.g. password, card details or personal details.
Pharming – pharming is very like phishing, but in this case the user is redirected to a fraudulent web site without their knowledge or consent.
Ransomware – a form of malware that encrypts files on a device to prevent or limit an organisation’s access to their system or files until a ransom is paid.
Risk assessment – a cyber security risk assessment identifies any weaknesses in a company’s IT infrastructure while figuring out ways to fix them.
Software as a Service (SaaS) – SaaS describes any cloud services that allow customers to access software applications via the internet. Facebook, Google and Twitter are some of the best examples of Software as a Service.
Slag code – see logic bomb.
Spear phishing – very like phishing, but the email seeking access to confidential data targets a particular individual or business, and appears to be from a trusted person or organisation.
Spyware – a form of malware installed on a computer to get a user’s private information, often secretly and without their knowledge.
Trojan horse – a virus that disguises itself as a regular application. Unlike other malware, a trojan doesn’t replicate itself, but instead provides a pathway for other viruses to access your IT system.
Virus – a malicious piece of code or software that alters the way a computer works. Much like a flu virus, they replicate themselves so they can spread quickly throughout a whole computer network.
Vishing – a telephone-based criminal practice, and a form of social engineering, involving persuading someone to hand over personal details and/or transfer money.
Webjacking – another phishing technique whereby a hacker will gain access to an organisation’s site and redirect users to a different unsecure site where their information may be compromised.
Worm – a worm is very like a virus, but can move quickly between computer systems without human involvement – usually by relying on security failures on the target computer. Worms are dangerous as they can replicate themselves quickly, meaning thousands can be sent out from one computer.
Zombie computer – a zombie is a computer that has been compromised by a remote hacker who uses the hijacked machine to transmit things such as viruses and spam to other computers. Zombie computers will appear to be working normally, making them very hard to detect.