Glossary of cyber terms

Bitcoin

The first decentralized digital currency / cryptocurrency in which transactions can be performed without the need for a central bank.

Cryptocurrency

A non-modifiable digital currency based on blocks of transactions on a blockchain, designed as a medium of decentralized currency exchange and using cryptography to secure the transactions.

Cyberattack

An attack conducted by a threat actor using a computer network or system with the intention to disrupt, disable, destroy, control, manipulate, or surveil a computing environment/infrastructure and/or data.

Cyberoperation

A commonly used term to describe actions by a nation state or a state-sponsored or state-affiliated group to penetrate a target’s computers or networks through the use of offensive cyber capabilities such as hacking, malware or other methods, with the intention to damage, deny, disrupt, degrade, destroy, surveil, or manipulate targets to achieve political, military and/or strategic goals. Cyberoperations are a means or method of warfare when used in a situation of armed conflict.

Cyberpeace

Peace in cyberspace. Cyberpeace exists when human security, dignity and equity are ensured in digital ecosystems. People and their rights are at the centre of this story, not technology.

Cybersecurity

The application of technologies, processes and controls to protect computer systems, networks and data from unauthorised disclosure, theft or damage. The goal is also to reduce the risk of cyberattacks.
Security in cyberspace.

Cyberspace

Digital systems and the online world make up cyberspace, which covers everything accessible through computer networks and the internet. This includes everything from corporate networks and social media platforms, to bank accounts and cloud services. It also includes all connected appliances, such as video surveillance cameras, gaming consoles, TV sets or robot vacuum cleaners.

Darknet

A darknet is an overlay network within the Internet that can only be accessed with specific software, configurations, or authorization (e.g. Tor, Freenet, I2P or ZeroNet), intended to defend digital rights by providing security, anonymity, and censorship resistance. Though it is used for legitimate reasons, it has been heavily used by criminals, and the term darknet is nowadays generally associated with websites (also called onion sites) that are specifically used for criminal purposes.

NOTE: The term “Darkweb” does not exist (it is either Darknet or Deep web).

Data breach

The exposure of confidential, sensitive or protected information to an unauthorised person. This could be accidental, such as a USB drive left on a train or an email attachment sent to the wrong person, but it can also be deliberate, as when malicious actors access a network and exfiltrate (target, copy and transfer) data.

Data dump

Exfiltration of breached data (illegal) or transfer (legal) of data from one system, file or device to another. A data dump is most often associated with an illegal activity after a data breach.

Data Wiper

A specific type of malware which aims to corrupt or destroy data. Additionally, some wiper malware targets the MBR (Master Boot Record) to render the disk incapable of rebooting properly. A wiper does not necessarily erase or destroy all data, and sometimes the data can be recovered.

Decryption

Converting encrypted (see definition ‘Encryption’) data into its original form. It is a process to reverse encryption and put data back into a human-readable form.

Deep web

The deep web is the part of the regular Internet not indexed by search engines, and therefore not straightforward to access. Accessing it usually requires the user to authenticate to a service, which gives them additional access to information.

NOTE: The term “Darkweb” does not exist (it is either Darknet or Deep web).

Defacement

The illicit or unauthorized modification of the appearance and content of a target’s websites and/or web applications.

Disinformation

False or misleading information spread – often covertly – with the intention to deceive.

Distributed Denial-of-Service (DDoS)

DDoS is an attack technique that floods a network, service or server with excessive traffic to cause it to cease functioning normally. It is said to be distributed when the source of the attack is composed of a multitude of devices or systems.

Double extortion

A type of ransomware attack whereby the attackers exfiltrate the target’s data and encrypt the target’s system. It is supplemented with the threat of making the target’s data publicly available.

Encryption

A reversible process of converting information or data into an encoded format using mathematical computation algorithms. It is commonly used to protect sensitive information at rest or in transit so that only authorized parties can view it.

Infodemic

A rapid and far-reaching spread of accurate or inaccurate information making it challenging to distinguish the true from the false. A combination of the words information and epidemic.

Internet and World Wide Web

The internet is a series of technologies that allow computers and networks to communicate with each other. The World Wide Web, which we often think of as ‘the internet’, is actually a protocol that runs on the internet (also known as HTTP or HTTPS). Email is another application that runs on the internet.

Malspam

Malware that is delivered as a malicious attachment in spam email. It often, but not always, requires the recipient to open the file before it can do damage.

Malware

Malicious software. These are pieces of code designed to damage, destroy or subvert computer systems. It includes viruses that can replicate and stop systems working; ransomware, which blocks systems until a ransom is paid; and spyware, which is hidden on the target system and spies on the device users.

Offensive cyber capabilities (OCCs)

A combination of people, technologies, and organizational attributes that make it possible to damage, deny, disrupt, degrade, destroy, surveil, or manipulate digital services or networks.

Penetration Testing

Also referred to as Pentest, it is an authorized offensive audit using known cyberattack techniques on a computer system, digital devices or networks, performed to evaluate the security of the system or infrastructure. The activity consists of trying to find as many vulnerabilities or weaknesses as possible in a computer system and exploit them.

Quadruple extortion

A triple extortion attack supplemented by a distributed denial of service (DDoS) on the target’s infrastructure whilst the target is recovering and rebuilding the infrastructure.

Ransomware

A type of malware designed to extort money by encrypting / blocking access to files or the computer system until a ransom is paid.

Triple extortion

A double extortion attack where a threat actor goes on to directly threaten individuals whose personal data has been stolen. It diversifies the revenue of criminals by demanding a ransom from the victim(s) whose data is found in the exfiltrated data.

Wiping

A process consisting of the deletion of part or all of the data stored on a digital medium in such a way that recovery of the data is impossible. For users, wiping of data should take place every time a sensitive digital medium is formally decommissioned.