There’s no question that cybersecurity jargon can be hard to understand. A lot of the terminology is unique and focuses on various topics. To make your guides easy to digest, you must know your audience and include only the necessary information. Additionally, the design determines how well your guide is retained.
Like the wooden horse the Greeks used to get inside the city of Troy, a Trojan Horse is a software program that claims to have useful functionality but carries a hidden payload. These payloads can be malicious and use the application’s functionality to bypass security perimeters and mechanisms.
A man-in-the-middle attack involves inserting oneself into a private conversation between two parties while controlling or manipulating the dialogue. This can be done via eavesdropping, for example.
A SOAR (Security Operation and Response) system enables businesses and other entities to automate threat responses. This reduces time to resolution and allows for faster escalation through automated investigations and decision-making. It can also detect abnormal behavior and monitor malware and other suspicious activity. An example of a SOAR system is the RSA Cybersecurity Operations Center.
A common cybersecurity term is the attack vector: a path through which cybercriminals gain unauthorized access to your systems, servers and networked devices. Attack vectors range from malware and phishing attacks to brute-force password hacking, compromised credentials or man-in-the-middle attacks.
Cybercriminals leverage attack vectors to wreak havoc on businesses, steal data and technology, and extort ransom payments. The attackers and their motivations vary, from disgruntled former employees to malicious hackers and even terrorists or hacktivists.
An example of an attack vector is SQL injection, which exploits a vulnerability in Structured Query Language (SQL), the language that enables communication with databases. Hackers use this attack vector to hijack servers and expose confidential information. They can also use it to create a botnet that sends phishing emails or mines cryptocurrency. This demonstrates why you must ensure your software and hardware are secure against all attack vectors.
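The SQL injection vector described above comes from mixing user input into the text of a query. The following added example (not part of the original article) shows a weak lookup beside a parameterized one using Python's built-in sqlite3 module; the table, column names and sample rows are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed in-memory sample data; schema and values are assumptions.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT, ssn TEXT)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "000-00-0001"), ("bob", "000-00-0002")],
    )
    return conn

def lookup_vulnerable(conn, username):
    # Weak: the input is pasted into the SQL text, so quote characters
    # in the input can change the structure of the query itself.
    query = (
        "SELECT username, ssn FROM accounts WHERE username = '"
        + username + "' ORDER BY username"
    )
    return conn.execute(query).fetchall()

def lookup_parameterized(conn, username):
    # Hardened: the ? placeholder binds the input as a value only,
    # so it is compared against the column and never parsed as SQL.
    query = "SELECT username, ssn FROM accounts WHERE username = ? ORDER BY username"
    return conn.execute(query, (username,)).fetchall()

def demo():
    conn = make_db()
    # Constructed input containing quote characters and a condition
    # that is always true.
    crafted = "nobody' OR '1'='1"
    return {
        "vulnerable": lookup_vulnerable(conn, crafted),
        "parameterized": lookup_parameterized(conn, crafted),
        "normal": lookup_parameterized(conn, "alice"),
    }

if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

The weak version returns every row in the table for the crafted input, while the parameterized version returns nothing because no account has that literal username.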
Authenticators are the physical or digital means that users employ to demonstrate their identity. They consist of personal factors, or tokens, that allow a party to verify a user’s claimed identity. Federal agencies must validate their authentication solutions through NIST SP 800-63-3 guidelines to ensure they can resist various exploits and other attacks. However, many authenticators do not yet meet the requirements of these guidelines, which may create vulnerabilities in an organization’s security posture. For example, Mitiga reported that Microsoft’s Authenticator app does not require a second form of authentication and allows administrative users to elevate their non-admin accounts into admin rights.
Backdoors are secret entrances that hackers use to access devices, networks and software applications. They allow threat actors to bypass security measures and gain high-level user access, steal data or install malware.
Cybercriminals typically create backdoors from malicious programs such as remote access trojans, cryptojackers, spyware and worms. However, hardware and software manufacturers can also build them into their products on purpose. For example, the NSA has incorporated backdoors into the firmware and other hardware components to intercept network communications for foreign intelligence purposes.
Software developers often create backdoor accounts to quickly move in and out of applications as they code and test them. Unfortunately, these backdoors aren’t always removed and can be used by nefarious actors to exploit vulnerabilities.
A botnet is a group of internet-connected devices (personal computers, servers, mobile phones and Internet of Things (IoT) devices) infected with malware. Cybercriminals control these devices without their owners’ knowledge and use them to execute different kinds of cyber attacks.
Cybercriminals can use a botnet to send spam emails, engage in click fraud campaigns or generate malicious traffic for distributed denial-of-service attacks. A botnet can also be used to mine cryptocurrency or boost views of a website or advertisement. Botnet is a portmanteau of “robot” and “network.” Traditional bot programs are controlled by centralized command and control servers, while newer ones use peer-to-peer (P2P) networks to avoid detection. Disrupting the command and control servers can dismantle the botnet and stop its activities.
Cryptography is a cybersecurity practice that uses algorithms, engineering, and mathematics to create complex codes that hide the meaning of a message. This allows for information to be sent over the internet without the risk of being read by unauthorized parties. This is essential for securing information like credit card transactions, email, and web browsing.
Cybersecurity is a field that constantly evolves and can be difficult to keep up with. It also has a language that can be intimidating to those who are not well versed in it.
Data encryption is necessary for responsible security programs, scrambling information into ciphertext that can only be decoded by authorized parties. It can encrypt static data (data stored on computers, servers and mobile devices) or dynamic data like messages in transit or social security numbers entered into an online banking system.
Different types of data require different levels of encryption; for example, large files benefit from granular encryption, while simple, structured information like account numbers and passwords is more suited to tokenization.