The Ultimate Cybersecurity Glossary: Part Two (N-Z)
With the new decade upon us, we’re readier than ever to help you protect your business from any possible cybersecurity threat you could encounter. The first step in any line of defense is to assess the current situation and see what areas can be strengthened. For you to do this, a working knowledge (or at least open browser tab) of cybersecurity jargon will be indispensable.
Here is Part One (A-M) for further reference.
Pro-tip: Press Ctrl+F or Command+F to search for a specific term you want to know more about. With nearly 50 terms, the odds are that it’s here!
Think of the employees who have access to your company’s intranet or shared files. The user permissions given to these individuals grants them access to the company’s shared network so that information can be transmitted, stored and secured more seamlessly.
Want to make sure that your employees have the cybersecurity basics down? Send them our glossary or even train them yourself!
The tools, activities, programs and policies in place to protect an organization’s network which can include its hardware, software, data, communication system, or infrastructure that is physical or virtual.
National Security Agency or NSA
The NSA is the official United States cryptology organization housed underneath the Department of Justice or DOJ. The NSA is responsible for maintaining foreign and domestic intelligence by monitoring, collecting, and processing information and data on a global scale.
Has your phone ever sent you an alert that you haven’t done a cloud backup over a certain period of time? This is the exact same idea but at the scale of your business! An off-site backup is a copy of all your company’s data located in a cloud system or other physical storage location where it can be accessed in case you happen to lose your records.
You can read more about preventing data loss with cloud backups here.
Software that has its code listed freely as a template to use, share, and modify.
Compare to closed source.
The practice of centralizing, securing and authenticating passwords so that they are challenging to decipher. On the other hand, password management can also help make passwords readily available between team members so that information as sensitive as a password is shared safely.
A strategy put in place to manage upgrades or updates to software applications.
This occurs when a user is redirected to a fake website without realizing it. In most cases, the fake website looks exactly similar to the actual website that the user intended to visit.
Pharming is often undetected because the change to the original website URL is so subtle.
The method of soliciting user information via fraudulent communications targeted. This social engineering is usually done with emails disguised as coming from a legitimate source but will deliver the target’s information back to the hacker’s actual source.
Most email clients will flag suspicious emails like Gmail has done above, but always double check with someone in person if you receive an email from them requesting any type of information (especially the kind they should already have access to)!
These programs are bundled into another program that a user downloads with the goal that the user will select “next” by force of habit and install a virus or malware intentionally.
Personally identifiable information. This is any data that links you back to your identity. It could be as accessible as your full name to something as sensitive as your social security number. This is the type of information that is often compromised during data breaches.
These customizable additions to browsers or software add extra functionality. As with anything you download, be sure to vet the program before installing it!
Basically the superbug in technology, a polymorphic virus is a malicious program that can modify itself when it replicates. This adaptive technique allows it to evade detection by standard security software.
Keep hackers and viruses out with Jungle Disk Network Protection.
Also known as PII. Examples of this kind of data include your name, address, phone number, email, zipcode or Social Security Number.
A network worm with backdoor capabilities.
See also worm.
Quality of Protection
This refers to your network’s ability to maintain operational service according to what is expected of the product during an attack.
A form of malware that can be easily installed on a victim’s computer. Ransomware prevents a user from being able to operate their computer as they normally would unless they comply with the hacker’s demands. To regain access to your laptop and files, you typically have to pay a ‘ransom’ – to the attacker in exchange for unlocking your system and returning normal access.
RAT (Remote Access Trojans)
A malicious program which can allow hackers to overtake a system from a separate physical location. Using this malware, the attacker can access and steal confidential and personal data from the infected machine."
A CAPTCHA service from Google that protects websites from spam and fake traffic caused by bots.
One of the most dangerous and hard-to-detect types of malware, rootkits are defined by their ability to mask its own existence, control the operating system, and prevent its detection even further. Rootkits are most commonly used by hackers to access a system and steal information.
A strategy that isolates development from live production in order to enhance security and further organize code.
A simple form of code that can be written in plain text within word editors.
Secure Password Encryption
The process of converting or changing a password’s plaintext into ciphertext.
Learn more about Secure Password Encryption.
An attack where a hacker literally hijacks or takes control of a computer session in order to perform illegal activities such as taking over the victim’s online accounts.
The programs and other operating systems used by computers. This can be delivered online or via a physical storage system such as a CD.
Unwanted or unexpected emails sent in bulk. For the most part, spam is used to distribute malware.
An attack in which a person, or program, disguises themselves as someone else by forging data to gain an advantage or trust of someone else.
A term coined in the mid-1990s to describe malware that was used to gain access to a user’s systems and monitor their data, files, and behavior. Often used to disable firewall or anti-malware software while consuming CPU activity to increase an endpoint’s vulnerability to attack.
Standing for Secure Sockets Layer certificate, this certificate authenticates the identity of a website and encrypts the information sent to the server using secure technology.
Software that can only be run for a limited amount of time (i.e. trial) before it expires.
A form of malware disguising itself as a harmless computer program but providing hackers with the ability to execute a variety of attacks that steal information, disrupt functionality or damage data. Just like the Trojan Horse in Roman history!
Unauthorized access is when a person gains local, physical or even remote access without permission to a network, system, application, data, or other resource.
See Spoofing. This type of spoofing technique is used by hackers to redirect users to malicious URLS like phishing sites. This is achieved by creating a fake URL which impersonates or mimics the URL or domain of a legitimate and secure website that is seen as trustworthy to users.
Virtual Private Network
A virtual private network, commonly referred to as VPN allows you to establish a secure connection to another network via internet.
A malicious program typically attached to a legitimate or seemingly harmless program, such as files, applications or downloads. When the program runs, the virus gets executed and performs activities that can piggyback onto the original program. The consequences can include data corruption, virus expansion throughout a network and company wide systems and machine damage. A virus spreads by copying itself and attaching to other files.
A vulnerability is a flaw that allows someone to operate a computer system with authorization levels in excess of that which the system owner specifically granted.
A hacking campaign targeted at wealthier individuals or high-ranking employees within a specific company. Also known as whaling.
(See also spear phishing)
White hat hacking
Hacking that is usually done out of curiosity or exploration and only causes minimal collateral damage.
A precursor to viruses, worms have been infecting systems since the days when mainframes were the only existing computers. Worms can also self-replicate and spread via social engineering or by exploiting flaws in applications.
(See also virus, social engineering.)
XMT is also called transmit. XMT is the method of sending data to an alternate computer or device.
An abbreviation for Year 2000 or Year 2000 bug. As the new millennium approached, many feared that problems would arise given computer programs were storing year values as two-digit figures (ie 99 for 1999) instead of four-digit figures. Many feared that electronic devices would cease working causing hysteria amongst some groups. While Y2K proved to be a non-issue, it is one of the first recorded phenomenons where we see cybersecurity and prevention measures being brought to a societal level of awareness.
See Zero-day Vulnerability.
An attack that happens when hackers identify and take advantage of the zero-day vulnerability. Oftentimes, hackers will develop an ‘exploit’ or malicious code or release malware before the flaw can be patched, or fixed.
A flaw or bug that exists in the software, hardware or firmware that it is unknown to the developers who launched or created it. This flaw creates a security vulnerability which hackers can take advantage of via Zero-day Exploits.
The Bottom Line
When it comes to protecting your data and your company, you can never know too much. If you’re interested in diving into the world of cybersecurity terms further, we recommend the Computer Security Resource Center for more information!
Finally, even though we get excited to share what we think will be useful for your protection, we understand that all this talk of hackers and malware can potentially be overwhelming. For that reason, our team is always available to consult with you about any questions or concerns you may have! At the end of the day, we want you to walk into this new decade feeling armed against cyber threats. If you think you could benefit from a comprehensive cybersecurity suite to support you on this, please be in touch with us!