Glossary of Cyber Security Terms

When dealing with cyber security, it is not uncommon to come across some unfamiliar terms. The list of terms we offer here, while not comprehensive, is meant to aid in understanding of the issues you may face.
Keyword Definition


The process of determining whether someone or something is, in fact, who or what it claims to be.


High-speed data transmission system where the communications circuit is shared between multiple users.


Software developed by Google to browse and navigate the Internet


A collection of data that is organized so that its contents can easily be accessed, managed and updated

Drive-by Download

An attack that occurs when visiting a website that has been compromised or visiting a website that is designed to do harm. These attacks target security holes in browsers or in the plug-ins used in those browsers. That attack may not be seen


The translation of data into a secret code. To read an encrypted file you must have access to a key or password that enables you to decrypt it. Encrypted data is referred to as cipher text


A software tool, process or technique designed to take advantage of a flaw in a computer system, typically for malicious purposes such as installing malware, stealing information, etc


Software developed by Mozilla to browse and navigate the Internet.


Hardware or software designed to prevent unauthorized access to a computer or network from another computer or network


Someone who violates computer security for malicious reasons, kudos or personal gain

HTTP / port 80

HyperText Transfer Protocol.  The protocol used to transmit unsecured web pages over the Internet.  Uses TCP port 80 for transmission

HTTPS/SSL / port 443

A secure version of HTTP which encrypts data.  Uses TCP port 443 for transmission


A worldwide network of computers that allows the "sharing" or "networking" of information at remote sites from other academic institutions, research institutes, private companies, government agencies, and individuals

Internet Explorer

Software developed by the Microsoft Corporation to browse and navigate the Internet

Internet service provider (ISP)

Company that provides access to the internet and related services

Intrusion detection system (IDS)

Program or device used to detect that an attacker is attempting or has attempted unauthorized access to computer resources

Key logger

A virus or physical device that logs keystrokes to secretly capture private information such as passwords or credit card details

Macro virus

Malware (i.e. malicious software) that uses the macro capabilities of common applications such as spreadsheets and word processors to infect data


Software intended to infiltrate and damage or disable computers. Shortened form of malicious software

Man-in-the-middle (MitM) attack

A type of attack in which the actor intercepts, alters, or eavesdrops on data as it travels between the sender and recipient. An example of this is intercepting messages through an unencrypted Wi-Fi connection


A fix added to software to repair or improve aspects that are not functioning optimally, such as security flaws, stability or speed of a browser or operating system.


Method used by criminals to try to obtain financial or other confidential information (including user names and passwords) from internet users, usually by sending an email or text message that looks as though it has been sent by a legitimate organization (often a bank). The email or text usually contains a link to a fake website that looks authentic.


The 'language' spoken between computers to help them exchange information. More technically, it is a formal description of message formats and the rules that two computers must follow in order to exchange those messages


 A message, delivered through a computer or mobile device, that is intended to frighten or intimidate the viewer into taking an action, such as clicking on a link, purchasing software or sending money.

Social engineering

Using deceptive tactics to trick people into divulging confidential or personal information that may be used for fraudulent purposes. This information may be used for impersonation as well as to gain access to accounts.


Spam is unsolicited e-mail on the Internet

Spear Phishing

 Same as Phishing (see above), but this messaging is targeted at a specific individual or group of individuals, to make the message seem more authentic.


Sending an email disguised to look like it is coming from someplace besides its actual origin. The IP address may be changed, the email address may mimic a known domain, and the email formatting may imitate the design attached to a well-known company or site


 Malware that passes information about a computer user’s activities to an external party


"Transmission Control Protocol/Internet Protocol." TCP/IP is a combined set of protocols that perform the transfer of data between two computers. It is the standard protocol for all Internet-connected machines


A malicious piece of code, usually hidden in another seemingly harmless piece of software or application. 


 Self-replicating malware that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence


 Virtual Private Network.  A network in which some of the parts are connected using a public network (Internet), but the data sent across the public network is encrypted


 A flaw or weakness that can be used to attack a system or organization


Malware that replicates itself so it can spread to infiltrate other computers
