A – Z of Cybersecurity
Whether you are an IT expert, use the computer at work or at home or just use the internet for fun, this article is for you. Cybersecurity is no longer the responsibility of the security engineers, rather everyone is responsible for enhancing cybersecurity.
This article provides explanation to common cybersecurity terms that you should be known to the most basic users of the internet.
- Adware: Adware, which is short for advertising software is unwanted software designed to run endless advertisements and pop-ups on your device. Adware is usually made for computers but you may also find versions for mobile devices. These applications are potentially harmful to you and your device as they send data about you to the developers without your consent after you install them unknowingly, either by visiting an infected website or installing them while installing a free software. They can be stopped and prevented with an antivirus and ensuring that your browser has the latest patches.
- Botnet: A botnet, formed from the words “robot network” is a collection of bots – compromised devices controlled by a bot master for the purpose of spamming or launching a Distributed Denial of Service(DDoS) attack. Any device connected could be part of a botnet as long as they’ve been compromised by the botmaster.
- Cryptography: Cryptography is the knowledge of the protection of information and communication through the use of codes so that it is unreadable to third parties unauthorized to have access to it.
- Dictionary attack: This is a form of brute force attack technique for cracking a password computer system or website by systematically using a large set of words in a dictionary as the password. This form of attack still works people a lot of people still use basic dictionary words as passwords.
- Encryption: This is the process of changing or encoding data to a form that cannot be readable to parties that are not authorized to have access to it, or has the encryption key to decrypt it.
- Freeware: Freeware is software that you can download, install and use without cost. Most of the linux-based software used for hacking is freeware with a voluntary option to donate to the developers. However, one should be wary of unverified freeware as some are used to embed virus and adwares.
- GDPR: GDPR, which is an acronym for General Data Protection Regulation standardizes protection law across all 28 European Union countries and sets rules for the control and processing of personal data and impose sanctions for organization that mishandle this sensitive data.
- Honeypot: In cybersecurity, a honeypot is an advanced cyber defense mechanism where a computer system is set to decoy cyber attackers. it is set up as a real system but in actuality it is isolated and closely monitored to study prospective attacks and develop countermeasure against them.
- Incident Response: this is an organized, documented step-by-step approach to addressing and managing a cyberattack. It is in place to contain a security breach, reduce further damage and loss, and speed up recovery time.
- Javascript: JavaScript is a high level interpreted programming language. It is one the most widely used programming language on the internet. Therefore, to be able to hack a website and provide web security on a general level, one needs to know a bit about how it works.
- Keylogger: A keylogger is a software or hardware device that records all keystrokes on a computer keyboard. It is usually used as a trojan spyware that runs without the knowledge of the victim and sends keystroke logs of the victim’s computer to the attacker.
- Linux: Linux is one of the most popular operating systems. It is the most used open source operating systems to date. Linux is the preferred operating system for hacking and there are various versions of it, the best of which is Kali linux which comes with various applications that can aid hacking and cybersecurity as a whole.
- Malware: malware is a general term for malicious software, which could include virus, trojans, worms, spyware or any piece of code in a system to disrupt the normal flow of the system for criminal purposes .
- Nmap: which is short for Network Mapper, is a free open-source software used for security scanning of devices and networks. It is the typical software for vulnerability scanning and network mapping.
- Open Source: software is a type of software of which the source code is released and can be studied, changed and distributed for free by users or other developers as they deem fit. Open source software is usually developed as public collaboration.
- Penetration Testing: This is the practice of running controlled attacks a network system, IT infrastructure, web application or end-user behavior to find vulnerabilities that a threat actor could exploit. Penetration tests are also called white-hat hacking as they are done by white-hat hackers that are usually employed by the organization to carry out such exercise.
- Quarantine: Quarantine is a function that antivirus software performs on a file that it is unsure of whether it is a virus or not. The software isolates the file while it determines whether it is harmful or not. During this isolation, the file is unable to run.
- Ransomware: Ransomware is a malicious software which encrypts a victim’s files. This allows hackers to hold the victim to ransom by restricting them to from using their computer system until a ransom is paid.
- Social Engineering: This is the technique of eliciting sensitive information and/or manipulating individuals into performing actions that may result in a security breach. Victims of social engineering do not know they’ve been compromised until much later.
- Trojan Horse: Usually just called trojan, this is a software that is disguised as a legitimate or harmless software but in actual fact runs another (usually malicious) program underneath which is capable of disrupting the normal flow of a system, hacking or spying on a system.
- Unauthorized access: This refers to illegal access to a resource, be it a website, server, account, data or service. It is what is often referred to as hacking.
- Vulnerability: A vulnerability is a weakness which can be exploited by an attacker. It could be weak passwords, protocol/system design flaws, software bugs.
- Worm: Worms are self-propagating and self-replicating types of malware that do not need to be attached to another program to cause havoc or spread. They use networking mechanisms to spread themselves.
- XSS: This stands for Cross-Site Scripting and it refers to a vulnerability found in website applications. A cross-site script vulnerability can be used by attackers to bypass access controls rules.
- You: You are also part of cybersecurity. You and everybody else is responsible for the security of your organization’s infrastructure and data. If you aren’t secure, then your organisation is as vulnerable as you are. An organisation is only as strong as the weakest link.
- Zombie: A zombie in cybersecurity context is a computer that is already compromised/infected and is being controlled remotely by the hacker to perform malicious activities. Most of the time owners of these devices are unaware of this compromise and a group of these zombies is referred to as a botnet.