Do your eyes glaze over when you hear people talk about tech? Sure, you know cybersecurity is important for your business, but sifting through all that dense lingo can be frustrating. Luckily, we have pulled together a list of key terms to help demystify the jargon and raise your cyber threat intelligence.
Black Hat Hackers
It’s a common misconception that all hackers are cybercriminals. In actuality, there are three main distinctions in the hacker community: black hat, white hat and grey hat. Black hats are the notorious cybercriminals that hack businesses, personal computers and financial accounts for their own gain. White-hat hackers are your friendly neighborhood computer whizzes that purposefully (and with permission) infiltrate corporate networks to test vulnerabilities and improve security. Grey hat hackers are something in between. Maybe they are hacktivists, savvy trolls or lone wolves. While they may break the rules, crash website or infiltrate your business without permission, they don’t do it for personal gain. Though not malicious, grey hat hackers can be very damaging to your business interests.
Also known as a “zombie army,” botnets are large networks of infected private computers which can be remotely commanded by hackers and cyber crooks. Botnets are regularly used for DDoS attacks (see below) and are often built using spam emails and phony downloads.
Let’s say you have a padlock and you can’t remember the combination, so you just keep trying until something works. A brute force attack basically works the same way. This trial-and-error method works to crack your password through exhaustive effort, often thousands of times per second. Just another reason to use better password protocol.
Bring Your Own Device policies are being quickly adopted by workplaces everywhere – and for good reason! BYOD is generally more affordable for companies and preferable to employees working remotely. However, BYOD open up a whole world of cybersecurity risks since workers are prone to losing devices, ignoring protocol and connecting to vulnerable Wi-Fi.
Plagiarism for the digital age. Content scrapping is an automated web attack that steals content from the web and publishes it to another site. This can lower SEO effectiveness, decrease web traffic, diminish engagement and sales, hurt advertising revenue, throw brand awareness and cost bundles in legal fees or copyright infringement suits.
Credential stuffing is an automated injection attack that takes stolen usernames and passwords and tries to match the pairs across the web to gain access to your accounts. Moral of the story? Don’t reuse passwords for multiple accounts!
Distributed Denial of Service attacks have been big in the news lately. A DDoS uses large numbers of fraudulent web requests to crash sites and services. While often used for cyber protests, it can also be used to prevent legitimate traffic from reaching your site.
Encryption is like a secret language between friends. If Lisa passes a note to Omar, only the two of them can read it. Even if it is intercepted by someone else, they will be unable to read it without a key or cipher.
Bad or malicious software comes in many forms: Trojans, adware, spyware, malware, ransomware, etc. Basically, sneaky cyber crooks trick users into downloading harmful software on their computer which the hacker can then use to spy on their activities, sell their personal information to advertisers, spread their malware or lock their computer until a ransom is paid.
Phishing has been around for a long time. Phony websites or emails are used to defraud online users into sharing their personal sign-in information with nefarious actors. Hopefully, by strengthening your cyber threat intelligence you can avoid phishing scams.
Also known as two-step verification, this technique goes beyond passwords and PINs (which are hacked all too often) to include a physical token to access your device or network. Trying to login to your work email? Your provider may send a text to your phone for additional verification. Or maybe a key FOB is required to unlock your device. Since you are likely to have a secondary verification in your possession, it is much harder for cybercriminals to access your accounts.
We hope this helped boost your cyber threat intelligence so you can feel confident perusing cybersecurity news or contributing in your next meeting with IT.