Cyberthreats are becoming more dangerous every day, and businesses are having trouble keeping up. Though installing security solutions such as antivirus software, firewalls, intrusion prevention systems (IPSs) and the like is a great step, understanding cybersecurity terminology can be a big help.
In this post, we’ll be discussing the most essential terms that will aid in keeping your business protected against the latest attacks.
Advanced persistent threat (APT):
An APT is a state-sponsored attack in which a group of developers or threat actors gains control of a system for an extended period without the victim’s knowledge. APT-related threats are launched using in-house tools that are not usually found in the cybercriminal underground. After a successful reconnaissance, the threat actors can procure and retain access privileges even after certain attack points have already been blocked.
Antivirus software:
A security solution used to detect, quarantine, and remove malicious software on PCs, Macs, and mobile devices, and block access to known dangerous websites. Despite its name, antivirus software also covers other forms of malware such as worms, Trojan horses, ransomware, and spyware, among other threats.
Authentication:
This is the process of proving the real identity of a user by inputting a password, PIN, or pattern, or providing physical items like smart cards and flash drives. Authentication methods have also evolved to include fingerprint, face, iris, or voice scans.
Backup:
A backup is a copy of computer data used as a substitute in case of data theft, corruption, or loss due to natural or man-made disasters like earthquakes and malware attacks. Backups can be saved on physical disks or servers, or in third-party cloud systems.
Business email compromise (BEC):
BEC is a type of scam designed to target businesses working with foreign suppliers and businesses that regularly perform wire transfer payments. This often begins with an attacker impersonating a business executive’s email account or any publicly listed email using keylogger malware or phishing methods. The fraudster asks an unwitting employee to wire funds for invoice payment to an alternate, fraudulent account via spoofed email, telephone, or facsimile.
Bring your own device (BYOD):
BYOD is a company policy that permits employees to bring personal devices like laptops, smartphones, and tablets to the workplace to get work done. This policy is growing in popularity among businesses, as it provides better employee flexibility, which in turn leads to higher productivity, efficiency, and morale.
Cloud computing:
This is the use of a network of internet-based remote servers to store, manage, and process data. The cloud, in theory, is more secure than in-house databases and servers due to the former’s data redundancy features.
Data breach:
This is the unintentional or deliberate exposure of confidential company data to an unauthorized party caused by an attack by an organized crime group or an insider. A data breach may involve sensitive information such as debit and credit card details, protected health information (PHI), personally identifiable information (PII), and trade secrets.
Data redundancy:
This is a condition where the same piece of information is stored in two separate places. It can mean two locations in a single database, or two areas in multiple software environments. If the data is corrupted or unavailable in one area, the information can still be accessed in another.
Distributed denial-of-service (DDoS):
DDoS is an attack method where the hacker enlists thousands of different computers to target an internet-accessible system and flood it with connection requests. Once the traffic becomes too much for the victim to handle, their system will crash and be deemed unusable.
Exploit kit:
An exploit kit is an automated threat that utilizes compromised websites to divert web traffic and unleash malware.
Firewall:
This is a network security solution that monitors incoming and outgoing network traffic. It can also allow or block specific connection requests based on a defined set of security rules.
Hacker:
A hacker is a person knowledgeable in analyzing, modifying, and disrupting computer systems. They can either be called ethical (also known as white hat hackers) or malicious (known as black hat hackers). Hackers can range from skilled programmers to those who have very little IT experience.
This is an act of identity theft wherein a criminal uses the stolen information of another individual or a company to make fraudulent transactions or agreements.
Information security:
Simply known as “infosec,” information security is the practice of preventing unauthorized access, use, disclosure, modification, recording, or destruction of information, whether electronic or physical.
Keylogger:
This is surveillance software that can record keystrokes made on a system. It can capture instant messages (IMs), email, login credentials, and other PII typed on a keyboard.
Macro virus:
This is a small piece of code injected into the macros of documents such as word processing documents and spreadsheets. Cybercriminals typically tell the recipient that by enabling the macro, the document will display properly. However, doing so will only release the malware inside it.
Malware:
Short for malicious software, it refers to any application written with the intent of causing harm, disclosing sensitive information, or violating the security of a computer system. It can take the form of worms, viruses, Trojan horses, remote access Trojan horses (RATs), rootkits, ransomware, and spyware, among others.
Managed IT services provider (MSP):
MSPs are IT organizations that deliver managed services such as IT processes for a client under a subscription model. For instance, they can monitor a company’s IT infrastructure for incoming threats 24/7/365 for a fixed monthly fee.
Mobile device management (MDM):
MDM software refers to security software that enables IT administrators to control and monitor the number of mobile devices registered in a company’s network. MDM can be useful in preventing the leak of sensitive files and wiping gadgets of any data if they get lost or stolen.
Multifactor authentication (MFA):
MFA makes use of more than one method to verify the identity of a user. This could be through one-time codes sent to a smartphone, mobile app prompts, or fingerprint or facial scans. Through this technology, even if a hacker acquires a password, they will still not be able to log in without fulfilling the succeeding security measures.
Network monitoring:
This is a systematic scan to detect slow or failing network components like faulty servers, routers, or switches. An MSP often provides this service to uncover problems and fix them before they do any serious damage to a company’s IT infrastructure.
Patch management:
This is the process of researching, testing, approving, and installing updates and patches to computer systems. A patch may correct, improve, or expand existing software by introducing new code provided by the application developer.
Phishing:
This is the fraudulent practice of sending messages purportedly from a legitimate entity (e.g., a bank or a co-worker) to steal personal and financial information. These messages typically contain links that imitate a legitimate company’s website to trick a user into handing over the information. Phishing can be done via emails, voice calls, and short message service (SMS).
Pretexting:
This is a form of social engineering where the scammer pretends to need information to confirm the identity of the person they are talking to. Once trust is established, the “pretexter” will ask a series of questions designed to gather key information such as the victim’s social security number, mother’s maiden name, or birthdate.
Ransomware:
This malware encrypts files in a computer system and denies access to users unless a ransom is paid, usually in Bitcoins, MoneyPak cards, or similar payment systems. Ransomware is usually sent through email, but can also be found in malicious links and exploit kits.
Scareware:
This comes in the form of pop-up ads or messages to trick victims into purchasing and downloading useless or potentially harmful software. For instance, scareware can mimic Windows system messages to induce urgency and make the alert seem legitimate. These messages typically say that a large number of malware infections have been detected in the system, and the user should buy their software to resolve the issue. However, doing so will only install malware on the victim’s computer that will ultimately access files, send out fake emails in the victim’s name, or track online activity.
Service level agreement (SLA):
An SLA defines certain requirements or standards that an MSP has agreed to meet. For example, the agreement should detail what services, equipment, and software applications are included and the committed turnaround times.
Social engineering:
This attack method involves any act that tricks a person or group of users into divulging personal or confidential information that may be used for fraud. Phishing, pretexting, and scareware are the most popular ways to conduct social engineering.
Software as a service (SaaS):
This distribution model makes computer programs available on the internet rather than locally on servers. The software is paid for as a monthly subscription instead of one-time purchases. Popular SaaS apps include Office 365, Google Apps, and Adobe Creative Cloud.
Virus:
This malware can self-replicate and modify, corrupt, and destroy data. Viruses are typically attached to legitimate programs or documents to execute their code.
Zero-day:
Zero-day attacks occur on the same day a vulnerability is discovered in software. At that point, the vulnerability is exploited before a fix becomes available from the software’s manufacturer. Because of the lack of security patches from the software developer, cybercriminals can easily exploit the said vulnerability.
Now that you’re familiar with the lingo, it’s time for your business to take cybersecurity more seriously. Help is here with Binatech. Our managed IT services will ensure that your IT infrastructure is working at its optimal level, while reducing downtime along the way. Call us today to know more.