Glossary of cyber terms

(Data) Wiper

A specific type of malware that aims to corrupt or destroy data. Additionally, some wiper malware targets the MBR (Master Boot Record) to render the disk incapable of re-booting properly. A wiper does not necessarily erase or destroy all data, and sometimes the data can be recovered.

Cyber offensive tools

Arsenal of software used to cover any stage of the full Cyber Kill Chain, such as:

  • Reconnaissance – Harvesting email addresses, personal information on target, credentials, etc…
  • Weaponization – Coupling an exploit with a backdoor into a deliverable payload
  • Delivery – Delivering weaponized bundles to the victim via email, web, USB, etc…
  • Exploitation – Exploiting a vulnerability to execute code on a victim’s system
  • Installation – Installing malware on the asset
  • Command & Control (C2) – Command channel for remote manipulation of the victim
  • Actions on objectives – Eavesdropping on target, data manipulation or destructive actions

Cyber operation

A commonly used term to describe actions by a nation state or a state-sponsored or state-affiliated group to penetrate a target’s computer or networks through the use of offensive cyber capabilities such as hacking, malware or other methods, with the intention to damage, deny, disrupt, degrade, destroy, surveil, or manipulate targets to achieve political, military and/or strategic goals. Cyber operations are a means or method of warfare when used in a situation of armed conflict.

Cyberattack

An attack conducted by a threat actor using a computer network or system with the intention to disrupt, disable, destroy, control, manipulate, or surveil a computing environment/infrastructure and/or data.

Cyberpeace

Peace in cyberspace. Cyberpeace exists when human security, dignity and equity are ensured in digital ecosystems. People and their rights are at the centre of this story, not technology.

Cybersecurity

The application of technologies, processes and controls to protect computer systems, networks and data from unauthorised disclosure, theft or damage. The goal is also to reduce the risk of cyberattacks.
Security in cyberspace.

Cyberspace

Digital systems and the online world make up cyberspace, which covers everything accessible through computer networks and the internet. This includes everything from corporate networks and social media platforms, to bank accounts and cloud services. It also includes all connected appliances, such as video surveillance cameras, gaming consoles, TV sets or robot vacuum cleaners.

Darknet and deep web

A darknet is an overlay network within the Internet that can only be accessed with specific software, configurations, or authorization (e.g. Tor, Freenet, I2P or ZeroNet), intended to defend digital rights by providing security, anonymity, or censorship resistance. Though it is used for legitimate reasons, it has been heavily used by criminals, and the term Darknet is nowadays generally associated with websites (also called onion sites) that are specifically used for criminal purposes.

The deep web is the part of the regular Internet not indexed by search engines, and therefore not straightforward to access. Accessing it usually requires the user to authenticate to a service that gives them additional access to information.

NOTE: The term "Darkweb" does not exist (it is either Darknet or Deep web).

Data breach

The exposure of confidential, sensitive or protected information to an unauthorised person. This could be accidental, such as a USB drive left on a train or an email attachment sent to the wrong person, but it can also be deliberate, as when malicious actors access a network and exfiltrate (target, copy and transfer) data.

Defacement

The illicit or unauthorized modification of the appearance and content of a target’s websites and/or web applications.

Distributed Denial-of-Service (DDoS)

DDoS is an attack technique to flood a network, service or server with excessive traffic to cause it to cease functioning normally. It is said to be distributed when the source of the attack is composed of a multitude of devices or systems.

Double extortion

A type of ransomware activity where the victim’s data is stolen and encrypted. Even if the victim pays the ransom, or recovers from the attack some other way, the attacker can threaten to make the stolen data public unless they receive further payment.

Internet and World Wide Web

The internet is a series of technologies that allow computers and networks to communicate with each other. The World Wide Web, which we often think of as ‘the internet’, is actually a protocol that runs on the internet (also known as HTTP or HTTPS). Email is another application that runs on the internet.

Malspam

Malware that is delivered as a malicious attachment in spam email. It often, but not always, requires the recipient to open the file before it can do damage.

Malware

Malicious software. These are pieces of code designed to damage, destroy or subvert computer systems. It includes viruses that can replicate and stop systems working; ransomware, which blocks systems until a ransom is paid; and spyware, which is hidden on the target system and spies on the device users.

Offensive cyber capabilities

Combination of people, technologies (cyber offensive tools), and organizational attributes that make it possible to damage, deny, disrupt, degrade, destroy, surveil, or manipulate digital services or networks.

Ransomware

A type of malware designed to extort money by encrypting / blocking access to files or the computer system until a ransom is paid.

Wiping

Process consisting of the erasure of part of or all data stored on a digital medium in such a way that recovery of the data is impossible. For users, every time a sensitive digital medium is formally decommissioned, wiping of data should take place.