Cybersecurity and Dark Web glossary of terms
Posted 28th June 2021
In a world where we are constantly sharing information, cybersecurity should be at the forefront of everyone’s minds. However, we also understand that some of the terms used might not be clear to people who don’t work in IT. So, we thought we’d help with a Cybersecurity and Dark Web Glossary (written in Plain English).
Antivirus software monitors your devices to detect cybersecurity threats. Your antivirus should alert you to the threat and remove or quarantine the malicious code or software.
A cybercriminal who is attempting to access your systems or steal information.
The process of verifying your identity. This can range from a password, PIN, or fingerprint all the way through to multi-factor authentication, which requires you to access particular devices.
Saving a copy of all your files and documents to a separate, secure location. This can be the only way to protect against data loss.
A list of users, devices and domains that are either blocked or denied access.
The unauthorised access of data, computer systems or networks.
Bring your own device (BYOD)
A policy that allows staff members to use their own devices at work for work purposes. This means that they will usually be connected to a business’ IT infrastructure and may contain sensitive information. We also have a useful BYOD blog here.
A tool for encrypting and decrypting data.
A malicious technique by which a victim is tricked into clicking on a URL, button or another screen object. Clickjacking can be performed in many ways and is designed to trick the user into handing over valuable password information.
A deliberate, malicious attempt to damage, disrupt or gain access to computer systems, networks or devices. We have a range of blogs on cyber security here.
Cyber Essentials is an accreditation, designed by the UK Government, which provides the information, training, and ultimate peace of mind that your business is implementing the necessary internet hygiene measures that will ultimately reduce its vulnerability. LP Networks is an accredited Cyber Essentials Certifying Body; find out more here.
All the methods and systems you use to ensure that your IT infrastructure is safe and secure from cyberattacks. This could include endpoint security, firewalls, back-ups, and staff training.
The Dark Web is the third layer of the Internet and can only be accessed using special access software. This is where criminal actions occur, stolen information is bought and sold, and cybercriminals communicate. It is advisable to regularly check to see if any of your data is currently being sold on the Dark Web through a checking service. We have a Dark Web Monitoring Service.
Loss or unauthorised sharing of data and information to individuals outside your organisation.
No longer having data. This could be because it’s been stolen, deleted, or forgotten about.
The measures your company takes to protect confidential data and prevent it from being accidentally or deliberately corrupted, destroyed, or disclosed.
The process of deciphering encrypted text back into its original form.
Denial of service (DoS)
This type of cyberattack prevents you from accessing your system or resources by overloading the service with requests.
A cybercriminal uses known dictionary words, phrases or common passwords to access your IT system.
Drive-by Download attack
Malicious software or a virus that is installed on a device, usually from visiting an infected website, without the user’s knowledge or consent. This can then install software such as tracking tools and keystroke loggers.
Encrypting documents makes them unreadable without a unique code or key.
Internet-connected devices on a network – e.g., smartphones, laptops, and tablets.
The use of hacking techniques for legitimate purposes – i.e., to identify and test cybersecurity vulnerabilities. The actors in this instance are sometimes referred to as ‘white hat hackers’.
When information is transferred from a system without consent.
This term is used when someone uses a weakness in a system to access it and gain information.
A physical or virtual boundary that surrounds a network or device and protects it from unwanted access. Firewalls can be hardware or software.
GDPR stands for General Data Protection Regulation and is European legislation designed to prevent the misuse of data. It gives individuals greater control over how their personal information is used online.
Someone who breaks into computers, devices, systems, and networks. In most cases, this is done with malicious intent, although ethical hackers also work to find vulnerabilities in systems.
A honeypot is a decoy system that attracts potential attackers and protects existing systems by detecting attacks or deflecting them.
An incident is any breach of the security rules for a system or service. This may include any attempts to gain unauthorised access, the unauthorised use of systems for the processing or storing of data, malicious disruption, denial of service, and changes to a system’s firmware, software, or hardware without the owner’s consent.
Incident response plan
A plan of action for dealing with any cyber incident.
A signal that tells you that a cyber incident is in progress or may have occurred.
Internet of things (IoT)
The ability of everyday objects, such as cat flaps, doorbells, kettles, fridges and televisions, to connect to the Internet.
This happens when an attacker uses a false IP address to trick the user or a cybersecurity solution into believing they are legitimate.
Jailbreaking happens when a user removes a device’s security restrictions (typically on mobile phones) to install unofficial apps and modify the system.
Keyloggers are software or hardware that track keystrokes and keyboard events to monitor user activity. Typically, they are used as a way of accessing logins and passwords.
A logic bomb is a piece of code carrying a set of secret instructions which is inserted into a system and triggered by a particular action. Typically, they are malicious and usually delete files.
Malicious code is intended to hurt the confidentiality, integrity, or availability of an IT system.
Malvertising is the use of online advertising to deliver malware to a device or system. In some cases, you don’t even need to click on a link to become a victim.
The term malware represents any viruses, Trojans, worms, code, or content that could negatively impact an organisation or individual.
Man-in-the-middle Attack (MitM)
A man-in-the-middle attack happens when a cybercriminal places themselves between the victim and the website the victim is trying to reach. This is done to either harvest the information being transmitted or alter it.
Mobile Device Management (MDM)
Mobile Device Management (MDM) is a type of software designed to monitor, manage and secure devices. It allows remote administration and management of the device, protecting it from potential harm. We offer MDM services.
All software has to have updates (patches), and developers create them as flaws are discovered. Ensuring that your system’s patches are always up to date is called Patch Management and is an essential factor in managing cybersecurity. Find out more about Patch Management here.
Penetration testing (pentest)
Penetration testing is a service that identifies weaknesses in a system through the use of ethical hacking. LP Networks offers a Pentest service; find out more here.
Pharming happens when a user is redirected to an illegitimate website, even though they’ve entered the correct address.
Phishing usually comes in a fake email or text message that asks for sensitive information or pushes a user to visit a phoney website. The purpose is to gain login information that can be used maliciously.
Ransomware is a type of malware that encrypts all the data on a device and blocks the owner’s access to it. After this has happened, the victim will receive a message that tells them that they must pay money to get a decryption key to allow them to access their system and files. Find out about the Manchester United Ransomware attack here.
Security Information and Event Management (SIEM)
SIEM represents the software that we use to monitor, log, and analyse security events.
A set of rules that set out the acceptable use of an organisation’s information and services designed as a means of protecting information and data.
Phishing via text message: exactly the same as a phishing email but sent by SMS. Users are asked for sensitive information or encouraged to visit a fake website.
Unsolicited, bulk messages.
Spear phishing is a cyberattack that aims to extract sensitive data from a victim using a very specific and personalised message designed to look like it’s from a person the recipient knows or trusts.
Spyware collects and steals sensitive information without the victim’s knowledge. Trojans, adware, and system monitors are different types of spyware. Spyware stores the victim’s internet activity and can also harvest usernames, passwords, and financial information.
SSL / Secure Sockets Layer
SSL is a method of encryption that ensures the safety of data sent and received from a user to a website. Encrypting this data means that no one can snoop or gain access to confidential information, e.g., card details. Legitimate websites use SSL (they start with HTTPS), and you should avoid inputting any information into websites that just start with HTTP.
An evaluation of the characteristics of individual threats.
Threat management is a multi-layered approach to threats that includes prevention, detection, response, and recovery.
A computer program that seems to be legitimate and useful but also has a hidden malicious function that evades cybersecurity systems.
Two-factor authentication (2FA)
The use of two different components to verify a user’s claimed identity, for example, receiving a code by text message and using a username and password. This is also known as multi-factor authentication (MFA).
Any access that violates a security policy.
A URL injection happens when a cybercriminal creates new pages on a website owned by someone else. Sometimes, these pages can contain malicious code alongside spam and suspect links.
Virtual Private Network (VPN)
A VPN is an encrypted network that allows secure connections for remote users, for example, in a business that operates in multiple locations.
Virus is the term for a program that self-replicates within a system and infects legitimate software programs.
A vulnerability is a weakness or flaw in software, a system, or a process that an attacker can use to gain unauthorised access to a system.
A self-replicating, self-propagating program that uses networking mechanisms to spread itself.
Zero-day refers to new vulnerabilities (or bugs) that hackers can exploit and that haven’t yet been discovered by vendors or cybersecurity programs.
A zombie computer is connected to the Internet and appears to be performing normally. However, it can be controlled by a hacker with remote access to it, allowing them to send commands through an open port. Zombies are primarily used to spread spam or infected data to other computers or to launch DoS (Denial of Service) attacks.