Cyber Security Blog

Stay ahead of the curve with industry trends, cutting edge tech and inventive strategies.

Cyber-Security: It’s all Greek to me

All things cyber now constantly infiltrate our lives as well as our inboxes and have formed a whole new language. To help you become more cyber-literate here is a glossary of terms you are likely to hear.

Cybercrime, cybersecurity and cyberattacks are just a few of the terms that are commonly bounced around on the technological landscape. Along with everything prefixed ‘cyber’ are acronyms denoting different services used to combat cybercrime such as IPS and IDS and those that describe other technological concepts like PSN. If this jargon wasn’t enough to confuse you, there are also many everyday terms which have semantically evolved to encompass everything virtual – so when a website asks you to ‘accept cookies’ they won’t be the chocolate filled kind you would usually expect. All things cyber now constantly infiltrate our lives as well as our inboxes and have formed a whole new language. To help you become more cyber-literate here is a glossary of terms you are likely to hear.

 

Adware   Software designed to force ads to display on your computer. Some adware is specifically designed to be malicious.

AP       Access Point. A device that allows wireless devices to connect to a wired network using Wi-Fi.

Black Hat     An unethical hacker.

Bots   A software ‘robot’ which performs a set of automated tasks. Search engines in particular use bots (A.K.A spiders) to scan through webpages. Usually, they are not intended to interfere with a user. However, a black hat may use a bot to their advantage by using them to perform many destructive tasks and introduce malware to your system.

Botnet    A botnet is a network of zombie drones under the control of a black hat. When black hats are launching a Distributed Denial of Service attack for instance, they will use a botnet under their control to accomplish it. Most often, the users of the systems will not even know they are involved or that their system resources are being used to carry out DDOS attacks or for spamming. It not only helps cover the black hat’s tracks, but increases the ferocity of the attack by using the resources of many computer systems in a co-ordinated effort.

Cookies     A small packet of information from a visited webserver stored on your system by your computer’s browser. It is designed to store personalised information. For example, if you visit a site with forms to fill out on each visit, the information you provide can be stored on your system as a cookie so you don’t have to go through the process of filling out the forms every time you visit.

Data Centre      Often referred to as the brain of a company. The data centre stores, manages and distributes company data.

DNS    Domain Name Server. Like a phone book, the DNS maintains a directory of domain names. These are translated to IP addresses so that computers can access each webpage via an IP address.

DOS      A Denial of Service Attack. This kind of attack is designed to overwhelm a targeted website so that it crashes or is no longer accessible.

Encryption    Encrypting data is when information or data is converted into a code which is used to prevent unauthorised access.

Firewall     Checks information coming from the Internet or a network and either blocks it or allows it to pass through to your computer

Hacker     ‘Hacker’ has become the catch-all-term to describe someone who uses a computer to gain access to unauthorised data.

Infrastructure    A collection of physical or virtual resources that supports an overall IT environment:  server, storage and network components.

IPS       Intrusion Prevention System. Monitors a network for malicious activity. IPS inspects data and if it detects malicious activity it blocks the attack as it is developing.

IDS          Intrusion Detection System. Monitors a network for malicious activity. The IDS achieves this objective through early warnings aimed at systems administrators. However, unlike IPS, it is not designed to block attacks.

IP Address     Similar to a postcode or a car registration number, every computer has an IP address as a unique code.

Malware       Software which is specifically designed to disrupt or damage a computer system

NGFW      Next Generation Firewall. A sophisticated hardware or software-based network security system that is able to detect and block cyber-attacks. It combines a traditional firewall with other preventative measures such as IPS or IDS.

Penetration Tests    (Pentest). Pen testing is an attack on a computer system which is used to find weaknesses in the system. It can uncover how easy it is to hack into a system and using this information sufficient security measures can then be put in place.

Phishing     An individual sends out a false link within an email claiming to be part of an institution (PayPal, Ebay and Apple are commonly used). Once the link is clicked on it gives unauthorised access into your network.

PSN        Public services network. The PSN is a UK government programme which aims to unify network infrastructure across the public sector into an interconnected “network of networks” to increase efficiency and reduce overall public expenditure.

Sandboxing   Sandboxing is a method used to isolate potential malware. For example, similar to the process of detonating a bomb, malware is taken to an isolated location and observed to see what it does. It can then be determined whether it is malware or not.

Spam       A.K.A junk email or unsolicited email.

Spear Phishing     Similar to phishing but these emails are targeted towards specific organisations or individuals.

Spoofing      Black hats will often cover their tracks by spoofing (faking) an IP address or masking/changing the sender information on an email so as to deceive the recipient as to its origin. For example, they could send you an email containing a link to a page that will infect your system with malware and make it look like it came from a safe source, such as a trusted friend or organisation.

SSL    Secure Sockets Layer. Security technology which establishes an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.

Trojan   A Trojan, or Trojan Horse, is a malicious program disguised to look like a valid program, making it difficult to distinguish from programs that are supposed to be there. Once introduced, a Trojan can destroy files, alter information, steal passwords or other information, or fulfill any other sinister purpose it was designed to accomplish.

Virus    A virus is a malicious program or code that attaches itself to another program file and can replicate itself to infect other systems. Just like the flu, it can spread from one system to another when the infected program is used by another system

VPN       A network that is constructed by using public wires — usually the Internet — to connect to a private network, such as a company’s internal network. There are a number of systems that enable you to create networks using the Internet as the medium for transporting data.

White Hat       Unlike the black hat, the white hat is an ethical hacker.

Worm   A worm is very similar to a virus – it is a destructive self-contained program that can replicate itself. Unlike a virus, a worm does not need to be a part of another program or document. A worm can copy and transfer itself to other systems on a network, even without user intervention.

Zombie/zombie drone     A malware program that can be used by a black hat to take control of a system so it can be used as a zombie drone for further attacks, like spam emails without a user’s knowledge. Zombies can be introduced to a system by opening an infected email attachment, but most often they are received through non-mainstream sites like file sharing sites, chat groups, and online casinos that force you to download their media player to have access to the content on their site, using the installed player itself as the delivery mechanism.

Watch this space! This glossary will be frequently updated. We will do our best to explain new terms to you so that you are not left behind in the cyber-language.

Latest posts