You’ve probably heard a lot about cybersecurity lately. Since the major cyber-attack on the NHS, there seems to have been an outpouring of publicised cyber-attacks on large and small businesses alike. Just in the last few weeks Superdrug, British Airways and Bristol Airport have all been hit with some form of cyber-attack.
Although it can be scary to hear about all these attacks bringing them to our attention helps us stay prepared and ahead of the game. If we know how cybercriminals hacked into other businesses, we can use our own preventative measures to reduce the chances of it happening to you. It might also be useful for you to know whether you’re protected. But unfortunately, the news often uses a lot of cybersecurity jargon when explaining exactly what went on. I mean who really knows what ransomware, DNS and encryption all mean off the top of their heads? So, we’ve created a guide of some of the most commonly used terms in cybersecurity to clear up some of the confusion so you can understand what’s going on.
The Cloud or Cloud Computing
accessing and sharing data, information, and applications over the Internet.
a general term used to describe the programmes, instructions, applications or scripts used to operate a device (i.e. computers, phones, tablets – (hardware))
a general term used to describe the physical elements of a device (i.e. computer, phone, tablet). This is anything that is physically tangible. Software is used to operate hardware
is a type of software that acts as an intermediary between hardware and software. An operating system manages all other software on the device
Internet Protocol (IP) Address
a string of number assigned to any device that accesses the Internet that acts as a unique identifier to track what you do in the Internet
Domain Name System (DNS)
the equivalent of the Internets phone book. It stores data about all the devices that access the internet
Virtual Private Network (VPN)
a tool that allows you to remain anonymous on the Internet by blocking your location and device data, whilst also hiding where you’ve visited
a patch is an update to an operating system, application or software that addresses and corrects a security vulnerability.
an algorithm that converts plain text to cipher text. Ciphertext is scrambled plain text to a point that it becomes unreadable therefore hiding information.
defensive technology designed to keep out threats
An application installed on your device (computer, phone, etc) that scans all content that you open for threats (i.e. content that may be harmful to your device). It will scan documents, attachments, and applications. Threats detected by antivirus will be contained and removed.
a form of security compromise that often is not malicious. In the event of a breach, data is usually released by mistake, via negligence or another unintentional incident
an attack designed to overwhelm your security defences via quick or repeated attacks. Or by forcing their way in by attempting every possible login in option until they are successful.
Phishing (or spear phishing)
an attempt to gain sensitive information such as usernames, passwords or bank details for malicious reasons by disguising themselves as trustworthy sources in the form of electronic communication. Phishing attacks often use email communication to lure victims into entering personal information by posing as legitimate providers, such as banks, social media services, suppliers
short for malicious software is an umbrella term used to refer to all forms of hostile and intrusive software including worms, virus, trojan horse, spyware, adware, ransomware and so on. Malware is defined by its malicious intent as it is designed to be a threat so does not include software that causes unintentional harm
malicious software that allows hackers remote access to your device through a back door
spyware can be malicious or innocuous. It is a form of software installed on a users device without their knowledge that tracks and obtains information covertly. Innocuous spyware could be a keylogger on a child’s computer to see what they’re searching on the Internet or cookies on a webpage to track user visits. However, malicious spyware can be used to obtain sensitive information from the device without the user’s knowledge.
a type of malicious software that can rapidly replicate in order to spread the infection to other devices
a type of malicious software aimed to corrupt, erase or modify information on a device before them spreading to another
malicious software intended to trick users into visiting websites or downloading software with malware installed on them. Scareware frequently uses pop-ups that appear to be legitimate warnings from antivirus companies claiming your device has been infected, designed to frighten people into buying fake anti-virus software that will install some form of malicious software onto their device instead.
a type of malicious software that limits or prevents people from access their device and system. Hackers will lock computers or files to force you to pay a ransom (typically in an online currency e.g. bitcoin). Hackers will often delete or destroyed files and data even after the ransom is paid.
an application or script that performs tasks on command, allowing hackers to take control of the affected device remotely to tell it what to do. Hackers or bot-herders infect devices with bots/botnets and control them remotely.
Distributed Denial of Services (DDoS)
a form of cyber-attack intended to make a service such as a website unusable by flooding it with malicious content, often using a collection of infected devices to flood the service. A bit like a lot of people blocking a door to a shop
This list could just keep on going. If you want to know about any more cybersecurity jargon just ask and we’ll be happy to answer! 😊