32 Cyber Security Terms You Should Know

Malware is a portmanteau of “malicious” and “software,” and describes any malicious code that infects a computer with unwanted files, programs or lines of code that can do a variety of destructive things. Malware can decrease a device’s functionality, allow cybercriminals to steal data or personal information, or take control of an entire computer or network. 

Phishing scams began in the mid-1990s, when hackers started targeting users of AOL, then the leading provider of internet service. Hackers stole users’ passwords by sending them emails posing as AOL employees, then generating random credit card numbers in the hopes of matching some of them to real users’ accounts. When the credit card number generator was shut down, phishers began targeting payment systems, which are the custodians of millions of credit card profiles. 

Today the practice continues with hackers using fake emails and websites to lure people into handing over personal information like bank details or account passwords.

Denial of service (DoS) attacks and distributed denial of service (DDoS) attacks are two similar types of cyber threats. Both are designed to interrupt a website’s normal functionality by overwhelming and paralyzing the site with a massive amount of illegitimate, bot-generated traffic, blocking legitimate users from accessing it. In a DDoS attack, the action is a system-on-system attack launched by a network of malware-infected machines controlled by the hacker. 

Ransomware is a type of malware that holds a company’s data or devices hostage, encrypting it until a specific amount of money is paid. Cybercriminals engaging in ransomware attacks may also threaten to use the stolen data to perpetrate additional attacks on a company’s customers. 

Healthcare payment systems have been recent ransomware targets. In early 2024, a ransomware attack on the country’s largest healthcare payment processor reverberated throughout the entire healthcare system. The attack prevented healthcare providers throughout the United States from electronically filling prescriptions or processing reimbursement from insurance companies.

A botnet is a network of devices that are infected with and controlled by malware, used to carry out a coordinated cyberattack. You may have also heard the term “zombie computers” used to collectively describe these connected devices, because they carry out the commands of a single attacker (called the bot-herder) who maintains control over them. By using botnets, cybercriminals can carry out attacks on a large scale.

The internet of things (IoT) is a term used to describe the network of interconnected devices that communicate to each other. This term covers everything from smart devices, appliances, vehicles and wearable smart products that enhance our day to day lives, to industrial machinery that monitor environmental conditions, track warehouse inventory and shipments, and control manufacturing processes. 

In the IoT, each device has its own Internet Protocol (IP) address, which enables users to interact with it, and allows the device itself to interact with a wide-reaching network of other devices to exchange data and perform tasks autonomously. 

Encryption is a method of scrambling information to make it inaccessible to unauthorized users. When used effectively, encryption enables even the most sensitive information like passwords and financial documents to be transmitted securely online. Encryption works by encoding text into a version called ciphertext, which can then be decoded back to plain text using an algorithm-generated key.

A firewall is a piece of hardware or software that follows a strict, predetermined set of security rules that determine what traffic to allow on a network and what to block.  

In computer networks, firewalls, sometimes called gateways, filter traffic and monitor it for malware or other external threats. 

A VPN, or virtual private network, makes working, shopping or browsing safer by creating an encrypted connection between your device and a remote server. Anyone who might be watching your online activities will then see the IP address of the VPN server, and not your computer. 

Encrypting your internet traffic through a VPN isn’t a cyber security cure-all, but it makes it much harder for would-be cybercriminals, or even advertisers, to monitor your web traffic.

A data breach is any incident where unauthorized parties gain access to sensitive data. This may include corporate data like intellectual property and financial information, or personal data like social security numbers, back account details or healthcare information. 

Organizations of all types and sizes can be vulnerable to data breaches. Even if there was no actual data lost, the cost of a data breach can be quite high. According to a 2023 IBM report, the global average cost of a data breach was $4.45 million. 

User Account Control (UAC) is a security feature in the Windows operating system, which works by limiting malware’s ability to make unauthorized changes.   

When a user signs in, the operating system creates an access token, a kind of passport, for that user that has their level of access built into it. With UAC enabled, if a standard computer user (which is what malware might be identified as) attempts to run an application that requires an administrator-level token, the user is prompted to provide additional administrator credentials. An example of this prompt would be: “Do you want to allow this app to make changes to your device?”

Many data breaches are the result of poor password management. Passwords that are weak, or using the same password for multiple accounts can be exploited by cybercriminals looking to gain access to accounts and networks. 

Password management tools help users stay safe by generating randomized passwords that are difficult to decipher for hackers but only require the user to remember one password for when they need to access the tool. Some of the top password managers provide high-quality user interfaces, tutorials, password hygiene alerts and support multiple forms of multi-factor authentication.

This specialized software is designed to scan your files for suspicious activity at regular intervals and detect and remove malware from your devices when it finds it. Antivirus software provides a defense against many kinds of malware, including spyware tools like keyloggers that allow hackers to steal your work or personal login credentials. 

For many organizations, security awareness training provides a way to educate their employees about best practices for spotting social engineering attempts like phishing or other scams. Despite all the technologies and tools companies use to fortify their systems, it’s the individual users that can often represent potential weaknesses in a company’s safeguards. 

Organizations are encouraged to extend this training to temp workers, contractors or anyone else who works with important information or has network access.  

This common form of malware is named for the giant wooden horse the ancient Greeks used to infiltrate the city of Troy. While they may look like legitimate programs, a Trojan Horse Virus can take control of your computer once it’s let in and rapidly spread across any network that it’s connected to. There are many different variations of this type of malware, each of them designed to infiltrate and exploit in a different way.

Next in our cyber security glossary of terms is spyware, which accesses your devices and watches your activity without your consent. 

Commonly used forms of spyware include adware and system monitors, which track a user’s activity like social media habits, emails, sites visited or keystrokes. It’s often used for a number of nefarious purposes, like identity theft, but it can also be used to collect and sell your data to third parties. 

This form of malicious activity typically uses social engineering tactics to trick users into clicking harmful links or downloading dangerous files with the goal of hijacking their accounts or stealing sensitive information. A common clickjacking strategy is using a transparent overlay that looks like a legitimate webpage over the malicious one and its strategically placed link. 

This broad category can actually embrace both friend and foe in the realm of network security: 

Computer viruses are a type of malware that attach themselves to a program or document on your device. They generally lie dormant until you activate the program or open the document the virus is attached to, but at that point they quickly replicate and spread. 

IP (Internet Protocol) addresses are an important part of how the internet functions. Each connected device has its own IP address, or an identifier that makes the device accessible and identifies what kind it is (computers, routers, websites, etc.)

The format for IP addresses is 4 sets of numbers broken up by a period, with each set ranging from 0 to 255. You may think IP addresses are generated randomly, but they’re actually produced and allocated by the Internet Corporation for Assigned Names and Numbers (ICANN).

This malware is particularly troublesome because it can replicate itself and spread automatically. Worm viruses can be used to steal data or cause servers to become overloaded and malfunction, consuming large volumes of memory and bandwidth along the way.

User authentication is the process of verifying a user’s identity and is an important step in minimizing unauthorized access to systems and the information they contain. While passwords can be effective, using 2 or more authentication methods is recommended as a best practice. For example, in addition to a password, a second form of authentication could be an SMS message with a one-time access code sent to the user’s cellphone.

Deepfake is a term we’re likely to hear more about as generative AI technologies mature. This term describes audio or video that’s been altered or generated using AI to create a misleading version of it. Initially used in the entertainment arena, there is concern that deepfakes could be used for more wide-spread and nefarious purposes. For example, politically motivated groups could release deepfake videos of public figures making incendiary statements or engaging in unwelcome behaviors. These actions could be used to embarrass an individual, but they also have the potential to have wide-reaching effects on public discourse. 

This cybercrime method positions the hacker between two network users. After intercepting an authentic communication, the cybercriminal puts up a fake version that the unsuspecting recipient interacts with, allowing the attacker to access and steal data from their computer or information network.

Penetration testing involves authorized attempts to gain access to apps or systems in order to identify weaknesses in their defenses before malicious hackers have a chance to exploit them. 

Typically launched against high-value organizations by experienced and well-funded cybercriminals, this sophisticated and sustained cyberattack enables intruders to steal intellectual property or state secrets for long periods of time.  

Like other intrusions, the cybercriminals gain access to a network through social engineering techniques, only this time they’re typically geared toward executive-level employees.

Keyloggers, which are also called keystroke loggers, are a type of spyware that monitors and records everything you type, then sends the information to hackers. Keyloggers can infect your system in the same way as other malware; once installed, the information they harvest (like account and credit card numbers or passwords) can be used to commit identity theft or fraud. 

Social engineering describes a variety of techniques used by hackers and con artists to exploit our human instincts. A social engineering strategy could be as straightforward as a persuasive individual bluffing their way past security in a physical space, or it could also be the first step in a plan to infiltrate a data network via phishing emails. Phishing emails, as we mentioned earlier, prey upon our tendencies to be helpful, polite or compliant, tricking us into divulging sensitive information or providing access to a source that appears to be trustworthy. 

Artificial intelligence integration is an emerging cyber security trend. When cyber security is powered by AI, it can analyze data quickly and efficiently, and assist in rapid decision-making when it comes to handling threats. AI and machine learning can understand trends and patterns in the flow of information and help security professionals work to predict them by providing data visualization and forecasting.

In cyber security, a bug is a software coding or specification defect that can lead to security failures by initiating a chain of weaknesses. The chain begins with the bug, then propagates through errors that become faults. These errors in system behavior can cause security failures that become convenient targets for cybercriminals.

Cloud computing has become a critical part of today’s Internet of things economy. Compared with the traditional model of physical, on-site data infrastructure, the cloud model gives organizations greater flexibility, and the ability to scale up their information systems. Used by businesses of all sizes, cloud computing and its data storage and security characteristics enable remote workforces and their organizations to take care of business seamlessly and productively.

Cryptography is a vital element in the secure transit of data and communication. Designed to prevent cybercriminals from intercepting sensitive information, modern cryptography uses algorithms and ciphers to convert information into a format that is only readable if you have the key to decode it.