Glossary of Cyber Security Terms

When dealing with cyber security, it is not uncommon to come across some unfamiliar terms. The list of terms we offer here, while not comprehensive, is meant to aid in understanding of the issues you may face.
Keyword Definition
Authentication The process of determining whether someone or something is, in fact, who or what it claims to be.
Broadband High-speed data transmission system where the communications circuit is shared between multiple users.
Chrome Cross-platform web browser developed by Google to browse and navigate the Internet
Database A collection of data that is organized so that its contents can easily be accessed, managed and updated
Drive-by Download An attack that occurs when visiting a website that has been compromised or visiting a website that is designed to do harm. These attacks target security holes in browsers or in the plug-ins used in those browsers. That attack may not be seen
Encryption The translation of data into a secret code. To read an encrypted file you must have access to a key or password that enables you to decrypt it. Encrypted data is referred to as cipher text
Exploit A software tool, process or technique designed to take advantage of a flaw in a computer system, typically for malicious purposes such as installing malware, stealing information, etc
Firefox Cross-platform web browser developed by Mozilla to browse and navigate the Internet.
Firewall Hardware or software designed to prevent unauthorized access to a computer or network from another computer or network
Hacker Someone who violates computer security for malicious reasons, kudos or personal gain
HTTP / port 80 HyperText Transfer Protocol.  The protocol used to transmit unsecured web pages over the Internet.  Uses TCP port 80 for transmission
HTTPS/SSL / port 443 A secure version of HTTP which encrypts data.  Uses TCP port 443 for transmission
Internet A worldwide network of computers that allows the "sharing" or "networking" of information at remote sites from other academic institutions, research institutes, private companies, government agencies, and individuals
Internet Explorer Software developed by the Microsoft Corporation to browse and navigate the Internet. This software has been deprecated and replaced by Microsoft Edge.
Internet service provider (ISP) Company that provides access to the internet and related services
Intrusion detection system (IDS) Program or device used to detect that an attacker is attempting or has attempted unauthorized access to computer resources
Key logger A virus or physical device that logs keystrokes to secretly capture private information such as passwords or credit card details
Macro virus Malware (i.e., malicious software) that uses the macro capabilities of common applications such as spreadsheets and word processors to infect data
Malware Software intended to infiltrate and damage or disable computers. Shortened form of malicious software
Man-in-the-middle (MitM) attack A type of attack in which the actor intercepts, alters, or eavesdrops on data as it travels between the sender and recipient. An example of this is intercepting messages through an unencrypted Wi-Fi connection
Microsoft Edge Cross-platform web browser published by Microsoft to browse and navigate the Internet. Serves as the replacement for Internet Explorer.
Patch A fix added to software to repair or improve aspects that are not functioning optimally, such as security flaws, stability or speed of a browser or operating system.
Phishing Method used by criminals to try to obtain financial or other confidential information (including user names and passwords) from internet users, usually by sending an email that looks as though it has been sent by a legitimate organization (often a bank). The email usually contains a link to a fake website that looks authentic.
Protocol The 'language' spoken between computers to help them exchange information. More technically, it is a formal description of message formats and the rules that two computers must follow in order to exchange those messages
Scareware  A message, delivered through a computer or mobile device, that is intended to frighten or intimidate the viewer into taking an action, such as clicking on a link, purchasing software or sending money.
Smishing Similar to Phishing, Smishing is an attack that tries to trick the end user into clicking on a link in a text message or SMS to lead them to a data collection tool. The message attempts to look legitimate or vague enough to urge someone to click on the link. As with phishing, the goal of the criminals is to try to obtain financial or other confidential information (including user names and passwords) from internet users.
Social engineering Using deceptive tactics to trick people into divulging confidential or personal information that may be used for fraudulent purposes. This information may be used for impersonation as well as to gain access to accounts.
SPAM Spam is unsolicited e-mail on the Internet
Spear Phishing  Same as Phishing (see above), but this messaging is targeted at a specific individual or group of individuals, to make the message seem more authentic.
Spoofing Sending an email disguised to look like it is coming from someplace besides its actual origin. The IP address may be changed, the email address may mimic a known domain, and the email formatting may imitate the design attached to a well-known company or site
Spyware  Malware that passes information about a computer user’s activities to an external party
TCP/IP "Transmission Control Protocol/Internet Protocol." TCP/IP is a combined set of protocols that perform the transfer of data between two computers. It is the standard protocol for all Internet-connected machines
Trojan A malicious piece of code, usually hidden in another seemingly harmless piece of software or application. 
Virus  Self-replicating malware that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence
VPN  Virtual Private Network.  A network in which some of the parts are connected using a public network (Internet), but the data sent across the public network is encrypted
Vishing Similar to Phishing, Vishing is a method used by criminals to try to obtain financial or other confidential information (including user names and passwords) from internet users, usually by calling phone numbers directly. The call can be from a live person or a recording, attempting to appear as though it has been sent by a legitimate organization (often a bank).
Vulnerability  A flaw or weakness that can be used to attack a system or organization
Worm Malware that replicates itself so it can spread to infiltrate other computers
