The A to Z of Cyber Security terms
Cyber Security is a complex place to live in: it is an ever-evolving landscape of challenges that changes on a daily basis and is difficult for the seasoned professional to keep up with. Just keeping up with and understanding the acronyms and terms associated with Cyber can be daunting.
With this in mind we have put together this Cyber Glossary that provides an A to Z list of the common terms you might come across in your security travels. Each term comes with a brief and simple explanation to help you with your understanding.
A : Access Control to Availability
Controls which users are granted access to certain resources, and prevents access by users who are not entitled to them.
A set of step-by-step instructions to be followed, usually by a computer, in order to solve problems and perform calculations.
Software that detects potentially malicious activity and helps stop and remove it, typically based on signature files.
Short for Application, software available on a smartphone and tablet.
Actor who controls malicious software to intentionally exploit computer systems, typically to steal or destroy information.
The process of gathering and analysing assets to ensure they follow policies and aren’t vulnerable to security breaches.
The process of confirming your identity to determine who you are and whether you are allowed to access the requested resources.
After authentication, this is the process of approving or giving permission to someone or something that has requested access to a resource.
The need to ensure that resources are available to those who need them, and that the requirements for the business purpose can be met.
B : Backdoor to Byte
A tool installed onto a computer by an attacker that gives them easy access to the system after being compromised. Bypasses any interaction with security precautions on the system.
Used as a measurement of data passing through a communication channel in a certain amount of time.
Short for Binary Digit. The smallest unit of data for information storage.
A list of applications that users are not allowed to run in an organisation. Typically includes software on a computer that prevents users from installing any of the blacklisted applications.
A network of computers connected to the internet that are infected with malicious software. Used to coordinate cyber-attacks without consent from the owner.
The act of data and resources being affected or accessed by someone without authorisation.
A software application that provides services and information from the web/internet server.
Brute Force Attack
An automatic process that tries to discover passwords and access data through trial and error, entering a huge number of combinations one by one.
Bring Your Own Device (BYOD)
A policy employed by an organisation that allows employees to use personal devices for work purposes.
Business Email Compromise
An exploit which involves an attacker spoofing a corporate email account and pretending to be that employee or executive. Often used in financial fraud, they use the employee’s position to attempt to trick users into opening malicious attachments, or to obtain money from employees, customers or partners of the company.
Short for Binary term. Important unit of computer storage, typically equivalent to 8 bits.
C : Certificate to Cyber Security
Digital identification for a computer or user that confirms they are who they say they are. Also allows for the secure exchanging of information.
Also known as the CIA triad. The cornerstone of Information Security that includes Confidentiality, Integrity & Availability.
An algorithm used for encrypting and decrypting files.
A service that allows for shared storage and resources, typically hosted on the internet rather than locally.
A group of computers that are connected together, and are capable of sharing and exchanging data.
The need to ensure that private information is only available to those who have authorisation to access it.
A small file shared between a website and the browser on the user’s computer. Stores information regarding the user’s activity on the website, allowing the website to remember user preferences when in use.
A threat that changes the system without the owner’s consent/knowledge and alters its data.
A reactive security measure that prevents and blocks intruders from accessing a computer system.
Information that verifies a user’s identity. This can be a password, token or certificate.
A digital currency used to securely make payment transactions, without the use of central banking systems. Strong encryption techniques are used to transfer funds and ensure the units of currency are generated correctly.
The solving of mathematical problems in order to decrypt the transaction data from a block of cryptocurrency. Whoever solves the problem first is able to authorise the transaction and receives a certain amount of cryptocurrency themselves.
An attempt to gain unauthorised access to a computer system or network to damage, steal or change information or data.
The protection of computer systems, networks and information from theft or damage.
D : Data at Rest to Dropper
Data at Rest
Data that is stored in external storage, such as hard disks and other removable devices.
Data in Transit
One of the three states of digital data. Is either information that travels over a public network, or data that travels securely through a private network.
A technique used to analyse existing data and information in order to produce new information that appeals more to an audience.
The process of converting encrypted data into its original, readable form.
Denial of Service (DoS)
When a user is prevented from accessing a service that they are authorised to use; typically done by overloading that service with a large number of requests.
A brute force attack in which the attacker uses common words and phrases to guess passwords. Usually known dictionary words.
Any trace of digital information that is left behind by a user’s online activity.
A digital code that is present on electronic documents to verify the sender’s identity.
Distributed Denial of Service (DDoS)
The act of preventing use of a computer system by flooding it with data from a collection of individual computers, all at the same time. Similar to DoS, however it is coordinated by multiple computers, rather than one.
Also known as a Drive-by download. When a virus or malicious software is unintentionally installed onto a device without the user’s knowledge.
A type of malware designed to harm a target system by carrying and installing another malicious program onto it.
E : Email Account Compromise to Exploit
Email Account Compromise
An exploit in which an attacker gains access to a user’s email account, using it to monitor or intercept communications or send email as the victim. This is often used in financial fraud scams.
The process of making a message unusable and unreadable by any unauthorised users using a mathematical function.
End User Device (EUD)
An abbreviation used to describe any portable device that is connected to an organisation’s network. Typically, smartphones, tablets, laptops and desktops.
To use resources or data for purposes other than its intended use, or to take advantage of something that is vulnerable.
F : Fingerprint to Firewall
A small string of data that corresponds to a larger computer file, and can be used to identify it, much like a human fingerprint.
A security measure on a computer that controls what is and isn’t allowed access to a network. Can be hardware or software.
G : Gateway
A network device that is responsible for acting as an entry or exit point between different networks.
H : Hacker to Hyperlink
Someone who uses computer skills to gain unauthorised access to a computer system or network.
A fake computer system or network that is designed to attract attackers. The system uses this attack to learn from it and defend against it in the future.
A computer that has full access to the other computers in the same network, and can give information or resources to them. The host of a network is a network node that is also assigned a network address. Any device that has a connection to a network is a host.
Hypertext Transfer Protocol. The primary protocol used on the World Wide Web, which tells the web server how to respond to the user’s request.
Hypertext Transfer Protocol Secure. Appears in the first part of a URL, HTTPS is a more secure variant of HTTP.
An object on a document, usually a word, phrase or image, that can be clicked on to direct the user to either another document, or a specific location in a document.
I : Incident to IP Address
A breach of a system’s security rules, which can include malicious activity, making changes to the system without the owner’s consent, or gaining unauthorised access to the system.
The risk of legitimate users participating in malicious activity that damages a system they have been given access to.
Internet of Things (IoT)
The potential for everyday and household objects to connect to the internet; typically, televisions, fridges, cameras etc.
A unique form of identification that allows networks / the internet to identify computer systems. The traditional format of an IP Address is IPv4, which is a 32-bit address, and appears in a sequence similar to the following: 172.16.254.1. Each number represents an 8-bit binary value.
M : Macro to Mitigation
A piece of software that can perform tasks without user control in certain applications. This can be abused by an attacker to access an unauthorised system.
A malware attack that is disguised and delivered by an advertisement.
Short for malicious software. Any kind of software that negatively changes or damages a computer system. This includes viruses, trojans, worms, ransomware etc.
Security measures put in place by a user to minimise the risk of an attack.
N : Network to NIDS / NIPS
A collection of two or more computers that are connected and share resources.
Network Intrusion Detection / Prevention System (NIDS / NIPS)
A security measure in a network that detects and examines traffic flow within the network, to detect and prevent vulnerabilities from being exploited. Typically works as a secondary layer of security behind a system’s firewall.
O : Online Fraud
Also known as internet fraud. Refers to any kind of fraudulent activity that is committed online. The most common types of online fraud are Phishing and Spoofing; other scams include identity theft and credit card fraud.
P : Patching to Platform
The process of updating software to fix issues and vulnerabilities and improve its functionality.
Short for penetration test. A test designed for a computer system or network that searches for any vulnerabilities, so they can be fixed or improved.
An incident where a user enters a web address, but is instead directed to a different, unauthorised website.
An email sent to a massive number of users, rather than a specific target, that tricks a user in an attempt to discover personal, important or confidential information.
The software and hardware that an application is running on.
R : Ransomware to Router
Malware that prevents the target from accessing or using their computer system until they pay the attacker. Typically includes the malicious encryption of a compromised user’s files.
The act of addressing an issue or vulnerability and repairing or changing it.
A reaction in regard to an incident or security event.
A potential exposure to danger or vulnerabilities present within a system.
A process that discovers potential risks and decides how serious they are.
Also known as a gateway. A network device that sends data packets to other computer networks.
S : Security Policy to Switch
A set of rules specific to an organisation that states how they provide security for their clients’ and employees’ sensitive information.
The part of a computer system that responds to user requests and provides a service in return.
A mechanism that allows a user to connect to services such as files and printers on other systems across a network.
Software as a Service (SaaS)
A system used by businesses that allows users to access applications that are hosted by the business over the internet. This is a cloud-based system.
The process of securely removing and erasing data from a system’s memory, through either electronic methods or physical destruction.
A method used in which internet traffic is redirected to a chosen destination. This is used by law enforcement to take down a highly malicious service, or by security professionals to capture and analyse malicious traffic.
Similar to the Sinkhole above but used for malicious intent. An exploit in which a sinkhole is used to launch an attack that denies access to a service. Also known as a blackhole attack.
Similar to phishing, however the attacker uses text messages rather than email.
The act of manipulating a user to perform certain actions that benefit the attacker.
Also known as Unsolicited Bulk Email (UBE), Spam is the sending of a large amount of unwanted emails, or junk mail, to a user/users; typically including advertisements and commercial content.
A form of phishing that targets a specific person by pretending to be someone the user knows.
The act of gaining unauthorised access to a computer system by sending messages to that computer that appear to be coming from a trusted host.
A smart network device for creating local networks that tracks a host’s MAC address, mapping it to the attached port and ensuring that data is only forwarded to the specific destination host.
T : Threat to Two-Factor Authentication (2FA)
Anything that has the potential to breach a computer system or security policy, usually to cause harm.
A form of malware that disguises itself as legitimate software in order to harm the user’s computer system.
Two-Factor Authentication (2FA)
A security measure that means the user must use two separate forms of identification to access data. This is usually their standard password as well as a second randomly generated token password. Also known as multi-factor authentication.
U : Unprotected Share to User
A type of share that allows any user to connect to the devices and systems, without any need for consent. Also referred to as Anonymous Access Share.
Any person or organisation that accesses or utilises a computer system or network.
V : Variant to Vulnerability
A new type of malware that is a modified version of existing malware. Often confused with Zero-day malware.
A type of malware that replicates and multiplies itself in order to overwhelm the security measures.
Virtual Private Network (VPN)
An encrypted connection to a private network that is connected over a public network (such as the internet). Can be used to safely share private and sensitive data with other users without being monitored by unauthorised users.
A weakness in a computer system that an attacker can exploit to gain unauthorised access and cause harm.
W : Water-Holing to Whitelisting
Water-Holing (Watering Hole Attack)
Setting up an illegitimate website to exploit any visiting users.
A process that responds to HTTP requests made by users and directs them to the corresponding website.
A form of targeted phishing that is directed at senior executives, typically disguised as a legitimate email. Similar to spear-phishing.
The authorisation of applications that can be used by an organisation to protect their systems from other harmful applications.
Z : Zero-day to Zombie
Zero Day (0-day)
The term used to describe the day a new threat or vulnerability is discovered, before it is known to antivirus & security companies, meaning there may not yet be any solution to protect against it.
A computer connected to the internet that has been compromised by an attacker, which can be used to perform malicious tasks. Also refers to each individual device of a botnet. The owner of a zombie is usually unaware that the device has been compromised.
Last updated: 25th July 2018