Every year the Oxford and Collins Dictionaries bring out new editions and announce the most used words of that year.
While global events such as the pandemic have put terms such as PPE and Covid-19 at the top of the list for the past two years, there is also now a whole lexicon of words when it comes to cyber security.
Even a few years ago, only IT specialists would have heard of phishing and malware but today you find these terms in dozens of articles daily. And there are new ones being added all the time such as “hacktivist”: someone who is performing an illegal hack to leak information or disable a website, but in the name of a worthy cause.
Here are some of the more common ones you may have come across, and one or two that are quickly becoming part of our everyday language.
1. Phishing
A common and effective form of cyberattack, phishing involves sending emails to targeted users using various methods to entice them to click on links or attachments containing malicious code. They often take the form of urgent messages that claim to be from different companies, banks, or government agencies. Once the user clicks on the link or attachment, malware is uploaded into their computer to either steal log-in credentials or spread throughout a network.
2. Social Engineering
A particularly insidious form of security threat, social engineering exploits human psychology instead of technical hacking or programming tricks to gain access to passwords, access credentials, and personal information. Agents pose as contractors or contacts, build trust and relationships with employees over social media, and then trick victims into divulging sensitive information.
3. Visual Hacking
Also called “shoulder surfing” or “screen snooping,” visual hacking occurs when someone steals sensitive information or credentials by physically looking at someone’s screen. This could be in a public place and be as simple as glancing at a computer monitor or picking up an unattended device.
4. Distributed Denial of Service (DDoS)
One of the most common forms of cyber attack, a DDoS attack bombards a server with access requests from multiple sources until the system is overwhelmed and shuts down. When the network goes down, data availability is compromised, and an organization can be vulnerable to a data breach.
A broad term used to identify any cybercriminal who has IT knowledge to launch attacks that disrupt services and compromise data. They typically use various forms of malware and hacking tactics to shut down and lock systems, steal access credentials, and manipulate data.
6. Ransomware
Linking to Point 8, this is a particularly damaging form of malware that completely locks a user out of their computer or network systems. Ransomware does this by encrypting key files that can only be unlocked by the attacker, who demands a ransom to release a key to unlock the system or files. Most cybersecurity specialists advise companies not to pay the ransom as there is no guarantee that the hackers will keep their side of the deal, and it also encourages further, more audacious, attacks on private as well as public sector organisations such as hospitals.
7. Malware
Malware refers to a broad range of malicious software that is introduced into a computer or network to provide unauthorised users with control over key systems and processes. Many data breaches can be traced back to some form of malware.
8. Man-in-the-Middle Attacks
One of the more difficult forms of cyberattack to detect, a MiM attack allows cybercriminals to intercept data while in transit between locations. They use this information to steal log-in credentials and personal information, sabotage and corrupt data, or even spy.
The NEBRC is here to help businesses across our region to better understand and manage their cyber security. We are police led and a not for profit, working with our networks to stop cyber crime.