contact@cyfor.co.uk

Manchester: 0161 797 8123London: 0207 438 2045

contact@cyfor.co.uk
Manchester: 0161 797 8123
London: 0207 438 2045

Cyber Threats Glossary

4th July 2017

SHARE VIA: Tweet about this on TwitterShare on LinkedInShare on FacebookGoogle+

cyber threats glossary


Cyber Threats Glossary


A concise cyber threats glossary detailing the core cyber security risks that face organisations today

 

  • Backdoor attack

This attack bypasses normal authentication security to access a computer system. A successful attack enables the attacker to remotely issue system commands, update malware, as well as steal data and hijack servers and websites. Once installed, detection is difficult as many backdoors are designed to bypass intrusion detection systems.


  • DDoS attack

A Distributed Denial-of-Service attack is designed to render a server or computer unusable. This is achieved by overloading it with high volumes of data, preventing legitimate users from normal access. In many instances, a person may not even realise that his or her computer has been hijacked and is contributing to the DDoS attack.


  • Drive-by downloads

Malware that is placed on a legitimate website and is automatically downloaded to a user’s system just by visiting the site, without their consent or knowledge. A small section of code is downloaded to the user’s system, where it then reaches out to another computer to download the program. The user’s operating system, as well as programmes such as Adobe and Java are often exploited for vulnerabilities.


  • Macro virus

Malware (malicious software) that utilises the macro capabilities of common applications such as spreadsheets and word processors to infect data.


  • Malware

A broad term for software that covers a variety of cyber threats including viruses, worms, spyware/adware, Trojans and ransomware. Each of these malware threats steal or destroy data in their own unique way and are often introduced to a system through email links or attachments, software downloads and system vulnerabilities.


  • Malvertising

Malvertising is the use of online advertising to compromise computers with malicious code that is downloaded to a system when an infected ad is clicked. Cyber-criminals upload and distribute these infected adverts to various sites that match particular search criteria and keywords. When a user clicks on one of these ads, malware is then unknowingly downloaded.


  • MITM attack

A Man-in-the-Middle attack is where a criminal impersonates someone in an online information exchange. This usually involves altering the communication between two unaware parties, who believe they are directly communicating with each other. An example of this would be emails involving financial information, where the attacker would alter bank details for their own means.


  • Password attack

An attempt by a hacker to gain access to a system by cracking the user’s password. This doesn’t usually require the use of malicious code but may entail the attackers using their own software. There are various techniques that cyber criminals use, including brute force attacks designed to guess passwords.


  • Phishing

An attempt to obtain sensitive information by masquerading as a trustworthy source via email. Phishing attacks are some of the most common cyber security incidents faced, as they have become more sophisticated in recent years. This development makes it difficult for some people to discern a legitimate request for information from a false one.


  • Ransomware

Malicious code used by cyber-criminals to launch data theft and lock screen attacks. Once a computer is infected, the user is unable to access their computer or any files. The victim is usually notified that an exploit has occurred via an onscreen message and is given instructions on how their data can be recovered, often in return for payment. Ransomware can be spread through malicious e-mails, infected software apps, infected external storage devices and compromised websites.


  • Rogue software

Masquerades as legitimate and necessary computer security software that will keep your system safe. These appear as genuine looking pop-up windows and alerts, which advise users to download this security software. If these windows are clicked then the rogue software is downloaded, infecting the computer.


  • Spyware

A type of malware that secretly transmits information about a computer user’s activities from their hard drive to an external party. Its aim is usually to capture passwords, bank and credit card details, sending them via the internet to fraudsters.


  • Virus

Malware that is loaded onto a computer and then run without the user’s knowledge or knowledge of its full effects.


  • Website vulnerabilities

Symantec reports that there were over one million web attacks each day in 2015. Cyber criminals continue to take advantage of vulnerabilities in legitimate websites to infect users, as web administrators fail to secure their websites. Nearly 75% of all legitimate websites have unpatched vulnerabilities.


  • Worm

A standalone malware computer program that replicates itself in order to spread and infiltrate other computers. It often spreads by relying on network security failures on the targeted computer.


 


Call CYFOR today on
0207 438 2045

or click here to contact us
and speak with a forensic specialist.

Sign Up to Our Newsletter

 

 

X

Request a call back

captcha

Don't show again