At Adept IT Solutions, we understand how confusing some aspects of IT can be. Cybersecurity, and the extensive list of terminology and features that go alongside it can be quite daunting for users looking to obtain information. In a bid to provide helpful IT support, in the form of a cybersecurity glossary, we are providing the common key words and acronyms that arise when discussing cybersecurity, and their meaning.
Cybersecurity Glossary
This extensive cybersecurity glossary is aimed at providing insight into a number of common cyber keywords that appear on a daily basis in the IT world. As well as this, we are providing insight into some IT keywords that are not so familiar, to provide awareness of their existence, and their potential actions on businesses.
What is Access Control?
Access controls in cybersecurity regulate who can view or use resources, ensuring only authorised access. These controls involve user identification, authentication, authorisation, and activity auditing to maintain security.
What is Account Harvesting?
Account harvesting in cybersecurity refers to the process of collecting valid usernames or account information, typically through automated methods. Attackers use this information to perform further malicious activities to gain unauthorised access to systems and data.
What is Advanced Persistent Threat (APT)?
An Advanced Persistent Threat (APT) is a prolonged and targeted cyberattack where an intruder gains access to a network and remains undetected for an extended period. This is often aimed at stealing sensitive information, disrupting operations, or spying on organisations.
What is Antivirus?
Antivirus software in cybersecurity detects, prevents, and removes malicious software (malware) from computers and networks. It scans files, programs, and system memory for known viruses, trojans, worms, and other threats, to prevent hacking efforts.
What is Artificial intelligence (AI)?
AI in cybersecurity enhances threat detection, prevention, and response by using machine learning and data analysis to identify patterns and anomalies. It automates tasks such as monitoring, threat hunting, and incident response, improving accuracy and speed.
What is a Bot?
A bot is an application programmed to perform certain tasks automatically. Bots can operate independently, following given instructions without human intervention. Bots can be used to spread spam, scrape information, or run stolen social media accounts.
What is Brute force?
A brute force attack is a trial-and-error method used to decode sensitive data like passwords, encryption keys, and login credentials. The attacker systematically tries every possible combination until the correct one is found.
What is Business Email Compromise?
Business Email Compromise (BEC) in cybersecurity is a type of cybercrime where the scammer uses email to trick someone into sending money or divulging confidential company info. The attacker impersonates a trusted figure, and manipulates the victim into performing actions like transferring funds or sharing sensitive data.
What is Credential Theft?
Credential theft is the illicit acquisition of usernames and passwords with the intent to gain unauthorised access to systems, networks, or data. Phishing, keylogging, and malware is used to execute these thefts.
What is Credential Stuffing?
Credential stuffing is a type of cyberattack where hackers use stolen usernames and passwords that were previously stolen, to gain unauthorised access to other online accounts. This is possible because many people use the same username and password combination across multiple websites.
What is a Data breach?
A data breach is a security incident where unauthorised users gain access to sensitive or confidential information. This can include personal data personal information, sensitive data, and private business material.
What is a DDoS Attack?
A Distributed Denial-of-Service (DDoS) attack is a cybercrime where the attacker floods a server, website, or network with excessive internet traffic, rendering it inaccessible to legitimate users.
What is Encryption?
Encryption is a cybersecurity method that transforms readable data (plaintext) into an unreadable format (ciphertext) to protect sensitive information from unauthorised users.
What is Endpoint security?
Endpoint security is a cybersecurity approach that focuses on protecting endpoints or entry points of end-user devices such as desktops, laptops, and mobile devices from exploitation by malicious actors. It involves deploying solutions that can analyse, detect, block, and contain cyberattacks as they happen.
What is a Firewall?
A firewall is a network security device that monitors, filters, and controls incoming and outgoing network traffic based on predetermined security rules. Its primary purpose is to establish a barrier between a trusted internal network and untrusted external networks.
What is Internet of Things (IoT)?
The Internet of Things (IoT) refers to the network of connected devices equipped with sensors, software, or other technologies to gather, store, and share data via the internet.
What is a Keylogger?
A keylogger is a type of software or hardware that records keystrokes made on a computer keyboard. It’s used to capture sensitive information such as login credentials and credit card numbers without the user’s knowledge.
What is Machine learning?
Machine learning (ML), a subset of artificial intelligence (AI), is used in cybersecurity to analyse large volumes of data and spot patterns, making it ideal for detecting attacks in their earliest stages. It uses algorithms to learn patterns from existing data to predict answers on new data.
What is Malware?
Malware, short for malicious software, refers to intrusive software developed by cybercriminals to steal data and damage or destroy computers and computer systems. It includes various types such as viruses, worms, Trojan viruses, spyware, adware, and ransomware.
What is a Managed Service Provider (MSP)?
A Managed Service Provider (MSP) is a third-party organisation that offers outsourced monitoring and management of security systems to enhance a business’s cybersecurity capabilities. They proactively manage cybersecurity on behalf of their clients, aiming to safeguard an organisation’s digital assets, networks, and systems from malicious threats.
What is Multi-Factor authentication (MFA)?
Multi-Factor Authentication (MFA) is a security measure that requires users to provide two or more authentication factors to access an application, account, or network. These credentials could be something the user knows (like a password), something the user has (like a security token), or something the user is (like a fingerprint).
What is a Passphrase?
A passphrase is a sequence of words, or a sentence used to authenticate access to a system. It offers a more secure alternative to traditional passwords. Passphrases are longer and more complex, making them significantly harder for cyber attackers to breach. They can be composed of a series of words or a meaningful phrase.
What is Pharming?
Pharming is a type of cyberattack that redirects a website’s traffic to a fraudulent site without the user’s knowledge. This is typically done to steal sensitive information, such as login credentials or credit card details.
What is Phishing?
Phishing is where the attacker impersonates a trusted entity to trick victims into revealing sensitive information. This information can include usernames, passwords, credit card details, and other personal data. Phishing attacks often come in the form of fraudulent emails, text messages, or websites.
What is Ransomware?
Ransomware is a type of malware that encrypts a victim’s data, effectively locking them out of their own files or systems. The attacker then demands a ransom, often in the form of cryptocurrency, to decrypt the data.
What is Spoof?
Spoofing in cybersecurity is a deceptive technique where attackers mimic legitimate entities to gain unauthorised access. It involves impersonating trusted entities, often by altering key identifiers like IP addresses, email addresses, or sender information. Spoofing can take various forms, including IP spoofing, email spoofing, and website spoofing.
What is Spyware?
Spyware is a type of malicious software that infiltrates a computer system without the user’s knowledge or consent. Its primary function is to gather information about the user and their activities, often for malicious purposes. Attackers use it to track, steal, and sell user data, such as internet usage, credit card, and bank account details, or steal user credentials to spoof their identities.
What is a Trojan?
A Trojan is a type of malware disguised as legitimate software. Cybercriminals trick users into downloading and executing Trojans on their systems. Once downloaded, the malicious code executes tasks such as gaining backdoor access to systems, spying on users’ online activity, or stealing sensitive data.
What is a Worm?
A worm is a standalone malware program that replicates itself to spread from one computer to other devices. It leverages security loopholes to access a target system. Once a worm reaches one computer in a network, it uses the machine as a host to scan and infect other computers.
What is a Zero-Day Exploit?
A Zero-Day Exploit is a cyberattack method that leverages an unknown or unaddressed security flaw in computer software, hardware, or firmware. The term “Zero day” signifies that the software or device vendor has zero days to fix the flaw because malicious actors can already use it to access vulnerable systems.
Cybersecurity Glossary
As it can be seen, the world of cybersecurity is incredibly extensive, complex, and impactful on businesses. Malicious individuals and hackers have a long list of cyberattack types to now choose from, and as such, businesses must be prepared to combat this. Providing these terms is just the first step in providing awareness of what cyberattack signs to look out for.
If you are a business looking to increase their cybersecurity systems, and avoid hackers successfully infiltrating your systems, contacting Adept IT Solutions today is the next step for an increased level of security.
Adept IT Solutions, a leading provider of local IT support in Newcastle, The Hunter Region, Central Coast, Lake Macquarie and Sydney areas, can support your business through all your IT service needs.
We provide all the services a modern-day business could need from its IT Support provider. This includes Cybersecurity, IT Strategic Planning, and much more.
To chat further about our extensive list of services, contact us at 1300 423 378 (ADEPT) or email us at info@adept-it.com.au.