Cyber Security Glossary | Security Terms in Simple English

Glossary of Cyber Security

A

admin privilege

‘generally’ the highest level of privileges on any given system

Advanced Persistent Threat (APT)

A stealth threat actor that gains unauthorised access to a computer network and remains undetected for an extended period

antivirus

a software application that functions on a laptop or device to identify, block or remove malicious code (i.e. virus, spyware, ransomware, malware)

attack vector

an attacker’s technique to gain unauthorised access to a computer or network 

attacker

A threat actor who seeks to intrude into computer systems with malicious intent to delete, steal or disable sensitive information and exploit the outcomes for his gains (financial or otherwise)


B

botnet

A network of compromised systems connected to the internet, controlled by an attacker to commit coordinated attacks 

black hat hacking

hacking into computer system or networks with malicious intent

bug

A weakness, failure or fault in a computer program that causes unintended code interaction

breach

A security incident when unauthorised access takes place on computer systems, devices or networks 

brute force attack

A popular password cracking process using combinations (automated) and probabilities (manual) to identify passwords

bring your own device (BYOD)

a policy that allows staff to bring their personal devices to be connected at workplace for work purposes


C

catfishing

utilising social media (including dating sites) fake identity to target a specific person for deception

certificate

Digital identity for a device, user or system to allow authentication and secure exchange of data

cloud computing

it means storing, processing and transmitting data over the internet instead of your computer

there are multiple models how cloud computing is used in todays’ world, this includes paying for usage of infrastructure, platform or software resources 

credentials

single or multiple piece of sensitive information (password, token, certificate) used to authenticate and verify user’s identity

cyber essentials

A UK Govt backed self-assessment certification to help protect businesses against the most common cyber attacks while demonstrating cyber security commitment 

cyber attack

an assault launched by cyber criminals using single or multiple computers against single or multiple computers or networks to gain unauthorised access with purpose of stealing, accessing or modify the underlying data

cyber incident

a breach event where security policies have been violated with single or multiple actions, namely:

  • attack attempts
  • successful unauthorised access gained to single or multiple systems or data 
  • stealing or modifying data
  • changes to the system state without owners consent
  • disruption 

cyber stalking

use of internet or electronic means to stalk or to harass an individual, group or organisation.

 


D

data

a set of facts such as numbers, words, observations, descriptions

 

data at rest

data stored in storage such as tape drives, disk drives, USB drives or backups

deny list

A way of access control that blocks data transmission , also cited as ‘blacklisting’ in the past

dictionary attack

A brute force attack that utilises dictionary words, phrases or common passwords 

digital footprint

all the data marks you leave behind as you use the internet

denial of service (DoS)

an activity that uses one computer system or network to floods the target systems or service with huge amount of requests in order to deny access to legitimate users

distributed denial of service (DDoS)

a denial of service (DoS) attack that utilises multiple systems and/or networks to target a specific network with huge amounts of traffic
 

drive by download attack

a user clicking on attachment or a link that initiates malicious software or virus installation on the user device without users knowledge

E

encryption

a way of scrambling data that only authorised parties can understand with possession of a secret key

endpoint 

it could be any device that is physically an end point on a network. This could be a laptop, mobile, workstation, server or virtual environments

exploitation

malicious code that takes advantage of a weakness or a flaw in target systems (computers, mobile, devices) to cause intended consequences

ethical hacking

A cyber security attack simulation to identify weaknesses in the computer systems that may otherwise result in reputation, regulatory or financial implications for a business. The simulation actors , also known as security consultants, are often terms as ‘white hat hackers’. Whereas black hat hackers are the ones who engage in illegal / cyber crime activities.

exfiltration 

data transfer activity from within company systems towards  external (outside the organisation) systems 

F

firewall

a network security mechanism (software or hardware) that acts as a gatekeeper for incoming and outgoing traffic as per defined rules

firmware

specific class of code that provides low-level control for a device’s hardware

fileless malware

a variant of malware that exclusively resides in computer’s memory

G

GDPR 

European legislation , General Data Protection Regulation, designed to prevent the misuse of personal data
 

 

H

hacking

activities aimed at compromised digital services or devices such as tablets, computer systems,  mobile devices and/or networks.

honeypot 

a computer system or network intended to mimic the victims of hacking that helps limit access to actual systems by utilising the learnings from mimicking attack victims

I

identity theft 

deliberate use of someone’s identity for financial gains 

Infrastructure as a Service (IaaS)

a cloud computing shared responsibility model that involves provisioning of computing infrastructure as a service for cloud users

insider threats

legitimate users abusing their privileges to gain unauthorised access to the systems or data. See this detailed blog post on insider threats

Internet of Things (IoT)

objects that fall into everyday life that are connected to the internet in order to exchange data with other devices or systems over the internet. Examples include security cameras, thermostats, electronic appliances

ISO 27001

A standard in information security management systems (ISMS), demonstrating the highest level of accreditation.

J

jailbreak

a mobile security term that relates to removal of security restrictions of a device, allowing modification and installation of new applications on the underlying system. Read more about mobile security 

javascript

A scripting or programming language that is used to create and control the content of a website, to program the behaviour of website pages to do specific actions

just-in-time (JIT) access

a computing concept that involves compilation during execution of a program at run time rather than before execution. Just in time access provisions access for users to have privileged accounts and resources access when they need it (time based), not otherwise (permanent). This concept is used in various domains of computing for example, just in time azure access , just in time IAM


K

keylogger

a software or hardware that secretly records a user’s keystrokes on a computer system

L

logic bomb
a piece of code that sets off a malicious function when specific conditions are met. For example, hackers hiding logic bombs in viruses or malware that triggers upon finding itself on a system within target network
 

macro malware

A malicious program that uses the macro capabilities of applications (usually Microsoft office) that helps attackers compromise the underlying program or system

malvertising

Delivering malware programs using online advertising methods

malware

a malicious code (includes virus, trojans, worms) intended to cause adverse impact on organisation or individuals computer system

man in the middle (MiTM) attack

a program successfully interposing itself between a client (usually user’s computer or browser) and the server (website, network servers) to oversee, steal or modify the transmitted information 

Mobile Device Management

a type of software solution deployed to monitor, manage and secure the mobile devices allowing central remote administration and management


N

network firewall

An access control system that controls incoming and outgoing traffic to/from a network


O

Open source

A type of software that is listed as free for user, share or modification


patching

A process that involves management of managing updates to firmware or software to improve functionality and address security flaws

pentest

Short for penetration test. An authorised test of a computer network or system designed to look for security weaknesses so that they can be fixed. Read detailed article here.

pharming

A malicious technique used to redirect users trying to access legit resources towards an attacker controlled website 

phishing

Fraudulent emails targeted to encourage recipients to visit a fake website , run malicious program sent as attachment or perform actions (filling in forms, call , transactions).

PII (personally identifiable information)

any data that could potentially be used to identify an individual. For example, full name date of birth, NI, Social Security Number, license number, bank account , password , passport, email address.

proxy server

A server between a computer and the internet used to enhance security controls and provide service to multiple users behind a perimeter


Q

Quality of Service (QoS)

Performance measure that assesses the performance of hardware and software services delivered by a program or service provider under the terms of a contract 

query string

part of the URL where data is passed to a web application (server) and/or back-end database


R

race condition

condition of a program, software or system where unintended outcome is due to its’ dependency on the sequence or timing of other uncontrollable events. 

ransomware

a malicious software that renders underlying systems or networks unusable until a ransom is paid  

risk

something that causes an organisations not to meet its objectives

rootkit

stealth malware that masks its existence under the legitimate resources required by the computer system to prevent its detection

S

sandboxing

a technique that utilises process isolation to increase security 

sanitisation

electronic or physical destruction methods to securely erase or remove data from memory

Security Information and Event Management (SIEM)

An application used to monitor, log, analyse security events to support threat detection and incident response activities

Security Operations Center

A central department that is responsible for identifying, analysing and responding to security incidents.

security incident

an event that indicates breach of the security policy of an organisation, that may include:

  • unauthorised access attempts to a system and/or data
  • unauthorised use of systems
  • changes to the system state
  • disruption or denial of service attacks 

software as a service (SaaS)

Describes a business model where consumers access centrally-hosted software applications over the Internet.

social engineering

An act of manipulating people to carry out specific actions in order gain access to their sensitive information 

smishing

Phishing using SMS/ text messages sent to users prompting for submitting sensitive information via multiple ways (visiting a website through a link, calling or QR codes)

spear-phishing

A targeted form of phishing that is designed to look legitimate in order to gain unauthorised access to their system or prompting them to divulge information they have

SQL Injection

An attack tactic used by threat actors to attack applications in order to enumerate information stored in the database. This attack is carried out from an internet user (unauthenticated or authenticated) perspective to exploit the weaknesses in the application code. 

SSL/TLS Certificate

A digital identity (small file) that cryptographically establishes an encrypted link between a web server and a user’s browser

Steganography

A technique to encrypt data, hiding it within text or images for malicious intent.


T

threat assessment

An assessment performed to identify and evaluate the credibility and seriousness of a potential security threat to an organisation. See more on attack surface assessment  

two-factor authentication (2FA)

Using two different components to verify a user’s identity. This term is used interchangeably with multi-factor authentication. See how 2FA usage helps against cyber attacks


U

unauthorised access

an access that violates security policy of an organisation

username

usually the first piece of information that makes part of online identity (an account on an email service provider, grocery store or elsewhere)

URL injection

URL injection, more commonly known as Unvalidated Redirects and Forwards in the cyber security world, is a technique where a threat actor injects input causing the web application to redirect user to attacker controller website making it a viable opportunity to carry out phishing scams or steal user credentials 

 

V

virus

computer programs , a form of malware, that are designed to infect legitimate programs or systems

Virtual Private Network (VPN)

An encrypted network often created to allow secure connections for remote users, for example in an organisation with offices in multiple locations.

vulnerability

A weakness, or flaw, in software, a system or process. An attacker may seek to exploit a vulnerability to gain unauthorised access to a system.


W

water-holing (watering hole attack)

a fake setup (website or multiple websites) designed to lure legitimate website visitors to exploit their identity or prompting them to divulge sensitive information 

whaling

Highly targeted phishing attacks (masquerading as a legitimate emails) that are aimed at senior executives.


Z

zero-day

newly discovered vulnerabilities that are not yet patched by vendors, and are known to hackers that can be exploited to gain unauthorised access

zombie

a computer connected to the internet, that has been compromised by a threat actor, virus, trojan horse program. These systems are unaware of their participations in large attack campaigns such as DDoS attacks in coordination with botnets, similar to zombie attacks of horror films.

CONTACT US