Useful Cyber Terminology
05 April 2022
Cyber security can be confusing, especially if you don’t understand the different phrases used. Below is a brief list of the most common words and their definitions to have you talking like an expert in no time!
- Bad actor: A hacker, hacktivist, foreign intelligence, employee (current or ex), industrial competitor or cyber criminal who has bad intent.
- Vulnerability: The flaw, feature or item exploited to achieve the bad actor's goal(s).
- Flaw: An unintended vulnerability. These can be the result of implementation, can go undetected for a prolonged period and are often difficult to remedy.
- Feature: An intended function or item of functionality that can be misused by an attacker to breach a system. Features may improve the user’s experience, help diagnose problems or improve management but can also be used by an attacker.
- Employee and User: A computer or system that has been carefully designed and implemented can minimise the vulnerabilities of exposure to the internet. Unfortunately, such efforts can be easily undone. Users are a significant source of vulnerabilities. They make mistakes like using easy-to-guess passwords or leaving their device unattended, and they can be exploited or pressured into divulging information, installing software or taking other bad actions.
- Breach: The successful intrusion within your perimeter by an actor.
- Perimeter: The exposed elements of your network, computers, software and systems.
- Attack surface: This includes the perimeter as well as real-world targets such as your offices, users and users' home devices. Any area that can be put under pressure or attacked.
- Vector: The attack vector is the method of delivery or route taken to exploit a vulnerability and hit the attack surface. This typically results in a breach and access within the perimeter.
- Phishing: Sending large numbers of people emails asking them for sensitive information or access.
- Water holing: Typically a fake website or compromised legitimate website used to exploit visiting users.
- Scanning: Methodically attacking wide swathes of the internet at random.
- Ransomware: Although typically not targeted, this will often be used in a targeted attack, which could include disseminating disk-encrypting extortion malware.
- Spear Phishing: Sending emails to targeted individuals that could contain an attachment with malicious software, or a link that downloads malicious software.
- Bot Net: Suitable for all types of attack, this is a large network of unwittingly hacked computers and devices used in an attack like a DDOS (Distributed Denial of Service).
- Supply Subversion: Attacking equipment or software during manufacture or delivery.
- DDOS: Distributed denial of service attacks involve flooding servers or internet-connected devices with information so as to overwhelm them.
- Dwell time: The amount of time a breach goes unnoticed within the perimeter. In 2019 in EMEA this was 54 days.