A Non-Exhaustive Guide to Cybersecurity Lingo

Posted by Jennifer Bridgeman, Present Group 09-03-2023 04:25 PM

It is no longer just those in IT or business owners concerned about the security of their data that need to have a solid foundation in cybersecurity language. All employees should have an understanding of the most commonly used terms in IT security so they will be better equipped to protect themselves and the company they work for from cyberattacks.

However, many employees are still unfamiliar with many cybersecurity terms, and the number of abbreviations in use does not make it any easier. So, in this article, we look at the definitions of terms we believe everyone should know.

Ransomware
A form of malware that deliberately prevents you from accessing files on your computer, holding your data hostage. It will typically encrypt files and request that a ransom be paid in order to have them decrypted or recovered.

MFA (Multi-Factor Authentication)
The goal of multi-factor authentication is to create an additional layer of defence beyond just using a password. MFA is a security technology that requires at least two independent pieces of information (2FA) to verify a user’s identity when attempting to log in or access a resource.

EDR (Endpoint Detection and Response)
An EDR is designed to provide continuous detection and response on endpoints (workstations, laptops, servers) against malware and other threats, and thus to provide anti-ransomware capabilities.
EDR comes with a set of behavioural detection rules and supports custom rule mechanisms in addition to providing AI-based detection to counter emerging threats.

SIEM (Security Information and Event Management)
The main purpose of a SIEM is to provide information by collecting event logs (syslogs). A SIEM aggregates data across your business from a variety of sources, including endpoints, web applications, physical and virtual servers, and network devices, allowing millions of events to be viewed in seconds. It also generates high-context alerts, allowing you to perform actions that reduce the vulnerability of your environments.

Social Engineering
This is a technique used to manipulate and deceive people to gain sensitive and private information or access. Scams based on social engineering tend to lure unsuspecting users into exposing data, spreading malware infections, or giving access to restricted systems.

Phishing
A type of social engineering scheme that involves defrauding people using an app or a website that impersonates a trustworthy, often well-known business in an attempt to obtain confidential information. When you receive an email that appears to come from Microsoft saying you need to update your password, don’t take it at face value; always verify the source first.

Malware
Malware is an umbrella term that describes all forms of malicious software designed to wreak havoc on a computer. Common forms include viruses, Trojans, worms and ransomware.

These malicious programs can perform a variety of functions, including stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions and monitoring users’ computer activity without their permission.

Bot/Botnet
A type of software application or script that performs tasks on command, allowing an attacker to take complete remote control of an affected computer. A collection of these infected computers is known as a “botnet” and is controlled by the hacker or “bot-herder”.

Spyware
A type of malware that functions by spying on user activity without the user’s knowledge. Its capabilities include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more.

Worm
A piece of malware that can replicate itself in order to spread the infection to other connected computers.

DoS and DDoS Attacks
A denial-of-service attack (DoS attack) is a cyberattack where the perpetrator seeks to make a resource unavailable to its intended users by flooding it with requests.

In a distributed-denial-of-service attack (DDoS attack) the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.

Zero-day Attacks
When a vulnerability is found within a piece of software, vendors will release an update to fix the gap in security. However, cyberattackers can release a piece of malware that exploits the security vulnerability before software developers can address it. This is known as a zero-day attack.

Dark Web
The dark web is a part of the World Wide Web that’s only accessible by installing special software and is used for more sinister purposes. It allows users to access an encrypted network where users and operators remain anonymous and untraceable. Because it’s so hidden, this is a haven for illegal activities.

Pen Testing
Short for penetration testing, this is the practice of testing a computer system or network to find vulnerabilities that cybercriminals could exploit. The main objective of pen testing is to determine security weaknesses.

For more information on IT security offerings, visit your Millenium Micro Affiliated Reseller and request a meeting with one of our security experts.
