Cyber Threats: Your Guide to Common Terms
Cyberattacks can be a lot to wrap your head around, and confusion is the last thing you want to deal with in a crisis. The more you understand the cyber threat landscape, the better poised you'll be to mitigate risks. This glossary of key terms will help you get a handle on what to watch out for, and be sure to check out our last post on Identity and Access Management for additional key terms you should know.
Attack surface and attack vector: An attack vector is a method or path a cyberattacker uses to enter your organization’s network or systems. Examples include malware, compromised logins, and phishing. The attack surface is the sum of all the possible entry points and vulnerabilities.
Backdoor: A method for bypassing built-in security mechanisms to gain access to a system. Backdoors may be authorized (for example, for troubleshooting purposes) or unauthorized (for example, created by a cybercriminal).
Breach: A cybersecurity incident in which security protocols are bypassed, resulting in unauthorized access to data, applications, a network, or another protected IT system. A data breach, specifically, is a security incident that results in the confirmed disclosure of sensitive data—such as PII, logins, or intellectual property—to an unauthorized party.
Brute force attack: A series of trial-and-error attempts to crack a password by using an exhaustive number of character combinations, including common passwords, typically executed with automated tools.
Command and control (also known as C2 or C&C): A technique (or set of tools and infrastructure) threat actors use to establish communication with a compromised system, gain complete control, and execute malicious actions such as extracting data or launching an attack. For example, after a device is infected with malware, it will “call home” to the C2 to receive further instructions, such as commands for controlling the system remotely.
Compromised: Describes an account, password, or system that’s vulnerable due to unauthorized access or exposure. For example, a compromised account is one whose logins were stolen or leaked on the dark web, or one that has insecure access protocols such as a weak or default password and no 2FA.
Cyber threat: An adverse action, event, or circumstance that can impact your organization’s operations, people, and assets through unauthorized access to information systems, disclosure of sensitive information, disruption, and other impacts. Examples include malware, social engineering, unpatched software, and weak logins.
Cyberattack: An attempt to gain unauthorized access to computer systems through cyberspace for malicious purposes such as stealing sensitive information, controlling a computing environment, disabling systems, or compromising data or system integrity.
Data leak: The unauthorized sharing of data from within your organization, either intentionally (such as through a disgruntled employee) or unintentionally (such as through accidental sharing or a misconfigured database). The term can also refer to cybercriminals sharing data on the dark web.
Hack: An intentional attack to gain unauthorized access to a device, server, or another protected IT resource. The purpose of a hack is to compromise the system’s availability, integrity, or confidentiality.
Keystroke logging (or keylogging): The recording of every keystroke users make on a device. This recording is done using tracking software or hardware. Keylogging can be malicious (such as bad actors trying to steal your organization’s data) or legitimate (such as you monitoring your employees for a specific company purpose).
Malware: Malicious, intrusive software designed to damage or interfere with a system’s normal functions, such as damaging a computer or stealing data. Viruses, spyware, and ransomware are some malware examples.
Phishing: A fake communication, such as an email or text message, that appears to come from a trustworthy sender in an attempt to lure you into revealing sensitive data or compromising a system.
Ransomware: A type of malware that encrypts files on a device, blocking access to the data and related systems. In the past couple of years, ransomware operators have been using so-called double-extortion schemes, stealing the data before encrypting it and threatening to leak it if the victim doesn’t pay the ransom.
Social engineering: Manipulation techniques exploiting human behaviors and weaknesses in an attempt to coerce individuals to take a specific action, such as divulging sensitive information, sending money, or circumventing security protocols.
While cyberattacks are never 100% preventable, if you keep up with the latest trends and stay educated and aware, it’s possible to reduce your risk and put plans in place to mitigate damage. Dashlane is here to help you stay up to date and learn how to best secure your data.