From anti-malware to website spoofing and spear fishing, there are a wide range of terms that have been developed by cybersecurity experts to describe the various defence measures and the attack types they provide protection against. You can explore a selection of these terms, along with their definitions, below:
Angler – a scheme where a cybercriminal impersonates a customer service type account, attempting to contact a disgruntled individual and lure them into sharing personal or account details.
Antimalware – protective software designed to filter out and contain incoming malicious software and block its access to a device or network.
Anti-ransomware – software designed to block crypto malware from infiltrating a computer’s systems and causing havoc by encrypting important data files and services.
Authentication – the process of verifying the identity of a website via digital certificate or a computer system’s user through confidential credentials.
Biometric – an authentication method employed in computer security systems to control access and validate the identification of an individual.
Botnet – refers to multiple devices connected to the internet, each running multiple bots. The combined power of botnets is used in DDoS attacks on servers and spam campaigns.
Clickjacking – an attempt to fool a user into clicking on a malicious link that they perceive to be trustworthy, with consequences ranging from a malware download to harvested credentials.
Cyberbullying – a type of harassment employing electronic means where individuals or enterprises are targeted online and subjected to insults, abuse and comments designed to damage reputations.
Data breach – the unintentional or intentional exposure, loss, alteration or destruction of secure or confidential information.
Data encryption – refers to a method of converting stored or sent data from an easy to read format to an encoded appearance, rendering it unreadable until it is decrypted.
DES Encryption – short for Data Encryption Standard, a symmetric-key algorithm developed for encrypting digital data. While too insecure for apps, the algorithm has influenced advances in cryptography.
DDoS – short for Distributed Denial of Service, an attack using DDoS overwhelms a network or server with more requests than it can cope with, rendering it inoperable.
Digital document signing – a convenient solution for signing electronic documents swiftly and securely online using authentication methods such as passwords, PINs and fingerprint scans.
Drive-by – a tactic employed by cybercriminals to spread malware infections, with malicious script installed on unsecure websites that infects visiting user’s devices automatically.
Eavesdrop – a cyberattack where data is stolen in transit across an unprotected network via a smartphone, computer or other connected device.
Exploit – refers to code devised to take advantage of a known security weakness or software vulnerability.
Fraudulent Emails – also called scam emails, refers to messages via email designed to deceive targets for personal gain or to cause harm to an individual or enterprise through an act of fraud.
Firewall – a type of security system for networks that monitors and manages incoming as well as outgoing traffic on the network based on established security protocols.
GDPR – abbreviation of General Data Protection Regulation, which is an EU law regulation concerning privacy and data protection within the European Union and European Economic Area.
IP Spoofing – refers to the use of Internet Protocol packets that use a fake source IP address in order to impersonate a trusted computer system.
Malware – refers to software conceived and constructed to cause harm to a computer, client, network or server.
Malware Cleaner – a tool designed to clean not only malware, but also adware, viruses and additional cyber threats from a computer’s system.
Network Spoofer – a cybercriminal tool or ploy that uses a computer or network to trick a target network into believing it is a trusted entity.
Personally Identifiable Information (PII) – refers to any data that can be employed to identify a specific individual, such as names, email addresses, account numbers, dates of birth and even biometric data.
Phishing – a fraudulent tactic used to acquire sensitive or personal data by pretending to be a trusted individual, conducted via electronic messaging channels like email and instant messaging.
Ransomware – malicious software that encrypts user files, blocking access until a ransom payment is made by a victim.
Rootkit – a term for a collection of malicious software engineered to access either a device or part of its software that is designated confidential and inaccessible.
Social hack – a tactic to manipulate individuals or groups in order to acquire access to sensitive areas or information without having the correct authorisation.
Spear phishing – when malicious operators send electronic messages under the pretence of being a trusted source to induce victims into revealing confidential or sensitive information.
Spoofing – a tactic used by hackers to impersonate an individual or enterprise when contacting a target to fool them into taking a specific action, such as parting with funds or private data.
Spyware – refers to malicious software developed to acquire private information on an individual or organisation, with the obtained data used to cause harm.
Trojan Horse – refers to programs designed to breach a computer’s security system by pretending to be authentic software.
VPN – abbreviation of Virtual Private Network, which is a solution that expands a private network over a public network, allowing users to send and receive data securely over both public and shared networks.
Water Holing – a cyberattack where a threat operator observes or predicts websites used by an enterprise and infects them with malicious software.
Website spoofing – when a replica of an authentic website or webpage is created for criminal purposes, typically to harvest private credentials like usernames and passwords.
Whaling – a specialised form of phishing attack that targets senior management and executives while pretending to be a legitimate message encouraging them to wire funds or reveal data.
The cybersecurity landscape is always evolving. With malicious operators constantly creating new tools to trick and thieve, which are then countered by a newly developed security solution, there can be little doubt that any list of technical terminology will be adding an array of new terms in the future. For advice on enterprise cybersecurity and operating safely, contact our specialist team at Galaxkey today.