Cyber Countdown to Christmas Day 8 – The terminology!

Cyber Countdown to Christmas Day 8 – The terminology!

In the world of Cyber Security there is a host of technical terms – understanding them all is a job in itself! Here we list the common types of Cyber-attacks and what they mean.
With continual advances in technology, Cyber Attackers are developing new ways to breach systems. Cyber Security Professionals are also developing new ways to protect these systems. A constant cat and mouse game!

Phishing is a type of fraud, an attempt to gain information (usernames, passwords, bank details etc) by pretending to be a trustworthy entity. As an example, an email pretending to be from a trusted source/well known company asking for your personal information.

As with the title – Ransomware is a type of malicious software, which threatens to expose your data or block access unless a 'ransom' is paid. As an example, the WannaCry ransomware shut down the NHS in the UK (and then spread!) in 2017. Infected machines received a demand of up to 600 dollars to decrypt files. This can happen to large/global organisations and home PCs!

Distributed denial-of-service (DDoS) attack
This type of attack happens when multiple computer systems attack one target (server, website etc). Information is flooded to the target (requests for access, messages etc), which then slow down/crash the system – denying access to the legitimate users. An example of a DDoS attack would be on a Bank's online service, stopping customers accessing their accounts.

Breaching or exploiting the weaknesses in a system or network. An example of hacking can be through a smart device (baby monitor/webcam/SatNav) which allows the Hacker to gain information/cause malice.

When one person or program pretends to be another by falsifying data. Where emails and web pages are made to look like they are from a legitimate source. Email spoofing is the most common form.

Malware, meaning malicious software, including viruses, worms, trojan horses, spyware etc. These malicious programs can be used to steal information, disrupt a service or delete/encrypt information.

Man in the Middle (MITM)
This can be used if proper security measures are not in place. Information can be manipulated by an attacker who is impersonating users and the communication between them. It is like eavesdropping on information and can be achieved through poorly secured Wifi or weak passwords.

SQL injections (SQLi)
An attacker can execute malicious SQL codes that control a web applications database server. A SQLi attack allows attackers to spoof identity, change existing data and allow complete disclosure of all data.

Cross Site Scripting
When malicious script is inserted into a trusted website. Cross Site Scripting occurs when an attacker uses a web application to send malicious code, to a different end user.

We use cookies to provide you with the best possible browsing experience on our website. You can find out more below.
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
ResolutionUsed to ensure the correct version of the site is displayed to your device.
SessionUsed to track your user session on our website.
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Google AnalyticsGoogle Analytics is an analytics tool to measure website, app, digital and offline data to gain user insights.

More Details