Glossary of Cyber Security Terms

When dealing with cyber security, it is not uncommon to come across some unfamiliar terms. The list of terms we offer here, while not comprehensive, is meant to aid in understanding the issues you may face.
Keyword Definition

Authentication

The process of determining whether someone or something is, in fact, who or what it claims to be.

Broadband

High-speed data transmission system where the communications circuit is shared between multiple users.

Chrome

Software developed by Google to browse and navigate the Internet

Database

A collection of data that is organized so that its contents can easily be accessed, managed and updated

Drive-by Download

An attack that occurs when visiting a website that has been compromised or visiting a website that is designed to do harm. These attacks target security holes in browsers or in the plug-ins used in those browsers. That attack may not be seen

Encryption

The translation of data into a secret code. To read an encrypted file you must have access to a key or password that enables you to decrypt it. Encrypted data is referred to as cipher text

Exploit

A software tool, process or technique designed to take advantage of a flaw in a computer system, typically for malicious purposes such as installing malware, stealing information, etc

Firefox

Software developed by Mozilla to browse and navigate the Internet.

Firewall

Hardware or software designed to prevent unauthorized access to a computer or network from another computer or network

Hacker

Someone who violates computer security for malicious reasons, kudos or personal gain

HTTP / port 80

HyperText Transfer Protocol.  The protocol used to transmit unsecured web pages over the Internet.  Uses TCP port 80 for transmission

HTTPS/SSL / port 443

A secure version of HTTP which encrypts data.  Uses TCP port 443 for transmission

Internet

A worldwide network of computers that allows the "sharing" or "networking" of information at remote sites from other academic institutions, research institutes, private companies, government agencies, and individuals

Internet Explorer

Software developed by the Microsoft Corporation to browse and navigate the Internet

Internet service provider (ISP)

Company that provides access to the internet and related services

Intrusion detection system (IDS)

Program or device used to detect that an attacker is or has attempted unauthorized access to computer resources

Key logger

A virus or physical device that logs keystrokes to secretly capture private information such as passwords or credit card details

Macro virus

Malware (i.e., malicious software) that uses the macro capabilities of common applications such as spreadsheets and word processors to infect data

Malware

Software intended to infiltrate and damage or disable computers. Shortened form of malicious software

Man-in-the-middle (MitM) attack

A type of attack in which the actor intercepts, alters, or eavesdrops on data as it travels between the sender and recipient. An example of this is intercepting messages through an unencrypted Wi-Fi connection

Patch

A fix added to software to repair or improve aspects that are not functioning optimally, such as security flaws, stability or speed of a browser or operating system.

Phishing

Method used by criminals to try to obtain financial or other confidential information (including user names and passwords) from internet users, usually by sending an email or text message that looks as though it has been sent by a legitimate organization (often a bank). The email or text usually contains a link to a fake website that looks authentic.

Protocol

The 'language' spoken between computers to help them exchange information. More technically, it is a formal description of message formats and the rules that two computers must follow in order to exchange those messages

Scareware

 A message, delivered through a computer or mobile device, that is intended to frighten or intimidate the viewer into taking an action, such as clicking on a link, purchasing software or sending money.

Social engineering

Using deceptive tactics to trick people into divulging confidential or personal information that may be used for fraudulent purposes. This information may be used for impersonation as well as to gain access to accounts.

SPAM

Spam is unsolicited e-mail on the Internet

Spear Phishing

 Same as Phishing (see above), but this messaging is targeted at a specific individual or group of individuals, to make the message seem more authentic.

Spoofing

Sending an email disguised to look like it is coming from someplace besides its actual origin. The IP address may be changed, the email address may mimic a known domain, and the email formatting may imitate the design attached to a well-known company or site

Spyware

 Malware that passes information about a computer user’s activities to an external party

TCP/IP

"Transmission Control Protocol/Internet Protocol." TCP/IP is a combined set of protocols that perform the transfer of data between two computers. It is the standard protocol for all Internet-connected machines

Trojan

A malicious piece of code, usually hidden in another seemingly harmless piece of software or application. 

Virus

 Self-replicating malware that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence

VPN

 Virtual Private Network.  A network in which some of the parts are connected using a public network (Internet), but the data sent across the public network is encrypted

Vulnerability

 A flaw or weakness that can be used to attack a system or organization

Worm

Malware that replicates itself so it can spread to infiltrate other computers
