Unlocking Cybersecurity

It seems like data breaches are becoming more and more common in the news these days. Just recently, the San Francisco-based food delivery service DoorDash had a cybersecurity breach that leaked the personal information of potentially 5 million users. Seeing large companies fall victim to cyber-attacks might make security feel like an impossible task for small businesses, but it's not. It takes proactive planning and diligence to secure your business's and your customers' data.

Part of that proactive planning is understanding common industry terms before they pop up:

Denial-of-Service (DoS) — An attack that prevents legitimate users from reaching a machine or network resource by disrupting the internet-connected host that provides it.

Data Breach — Unauthorized access to sensitive, protected, confidential or secret data, regardless of what is done with the information. Recent examples of well-publicized data breaches occurred at Target, Equifax and Delta Airlines.

Security Incident — A violation of, or threat to, policies governing computer security, acceptable use, or physical security. Security incidents would include outside intrusion into a system, accidental loss of equipment or information, or a DoS attack.

Malware — Also known as “malicious software,” this refers to any piece of code that is intended to damage, disable or steal information from computers and networks.

Ransomware — Malware that encrypts the files on a computer or network and holds them hostage; the files can only be decrypted with the key the attacker provides after the ransom has been paid.

Virus — A computer virus is a small piece of code or software that can copy itself and damage its host, either by corrupting other software or by destroying data.

Spyware — Malware designed to collect information without the system owners’ or users’ knowledge, then send it to an unauthorized person or organization.

Man-in-the-Middle (MITM) Attack — This kind of attack intercepts communications that the sender and receiver believe are private. MITM attacks can target not just email, but also social media messages, search requests and wireless router traffic. Intercepted information may also be altered invisibly, then sent to its original destination.

Phishing — Phony emails that attempt to trick individuals into revealing passwords, credit card numbers or other personal information. Over the years they have come to look very legitimate, so careful examination of the linked URL, the sender's email address and the grammar is important. The safest action is to avoid sending this type of information through email at all.
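One way to automate the "examine the linked URL" advice above is to compare each link's visible text with where the link actually leads, and to flag links that leave the sender's domain. The following is an added example for this page, not code from the original article; the email body and the sender domain `examplebank.com` are constructed sample data, and the check is a heuristic that assumes the sender's domain is already known from the mail headers.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class LinkCollector(HTMLParser):
    """Collects (visible text, href) pairs from an HTML email body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def host_of(url_or_text: str) -> str:
    """Lower-cased hostname of a URL; bare hosts like 'www.example.com' are accepted too."""
    s = url_or_text.strip()
    if "://" not in s:
        s = "http://" + s
    return (urlparse(s).hostname or "").lower()


def in_domain(host: str, domain: str) -> bool:
    return host == domain or host.endswith("." + domain)


def suspicious_links(html: str, sender_domain: str) -> list:
    """Flag links whose visible text names one host but whose target is another,
    and links whose target lies outside the sender's domain."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for text, href in parser.links:
        target = host_of(href)
        # Treat the visible text as a host name only if it looks like one.
        shown = host_of(text) if ("." in text and " " not in text) else None
        if shown and shown != target:
            findings.append((text, href, "display text and link target differ"))
        elif not in_domain(target, sender_domain):
            findings.append((text, href, "link leaves sender domain"))
    return findings


# Constructed sample email body: one look-alike link, one legitimate link, one raw IP link.
SAMPLE_EMAIL = """<p>Dear customer, please confirm your details.</p>
<a href="http://examplebank.com.login-verify.example/reset">www.examplebank.com</a>
<a href="https://secure.examplebank.com/statements">View statement</a>
<a href="http://198.51.100.7/x">Click here</a>"""

if __name__ == "__main__":
    for text, href, reason in suspicious_links(SAMPLE_EMAIL, "examplebank.com"):
        print(f"{reason}: '{text}' -> {href}")
```

The first link is the classic look-alike: the text shows the bank's host, but the target host is a different registrable domain that merely starts with the bank's name. The second link stays inside the sender's domain and is not flagged; the third is flagged because a bare IP address is never part of the sender's domain.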

Vishing — From “voice over IP phishing,” this technique commonly uses phone or text messages that appear to be from a trusted entity, asking customers to call a phone number and provide account access information. The attackers then collect this data and either sell it or use it for direct fraud.

Remote Access Tool — Software used to access or control a computer remotely, whether used maliciously or for legitimate purposes.

Backdoor — Code embedded in a system that allows someone to bypass authentication or encryption processes. Backdoors can be built in by the software author or installed later by malware. Because the code can look innocuous, backdoors can go undetected for months or even years.

Trojan Horse Virus — A virus that creates a backdoor to allow later unauthorized access. Common examples are seemingly harmless documents (PDF or Word files) that execute malicious code when opened.

Worm — A type of virus, this self-replicating program spreads throughout a network without assistance. Worms can go undetected for long periods.

SQL Injection Attack — A technique that attacks data-driven applications by supplying SQL code as user input. Malicious users enter specially crafted strings into an input field so that the application's own queries return information about the database structure and code, which is then used to facilitate a further attack.
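The root cause, and the fix, are easiest to see side by side. Below is an added example written for this page (not code from the original article) using Python's built-in `sqlite3` module and a constructed three-row user table: the first lookup builds its query by pasting the input into the SQL text, the second passes the same input as a bound parameter.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample database: a tiny in-memory user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "staff"), ("carol", "staff")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    # Anti-pattern: the input becomes part of the SQL text, so quote characters
    # in the input change the structure of the query the engine parses.
    query = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()


def lookup_safe(conn: sqlite3.Connection, username: str) -> list:
    # Fix: a bound parameter is handed to the engine as data only. Whatever the
    # string contains, it is compared against the column, never parsed as SQL.
    query = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    crafted = "' OR '1'='1"  # the textbook tautology input
    print(lookup_vulnerable(conn, "bob"))      # one row, as intended
    print(lookup_vulnerable(conn, crafted))    # every row: the WHERE clause is now always true
    print(lookup_safe(conn, crafted))          # []: no user is literally named that
```

The same input string is harmless against `lookup_safe`, which is why parameterized queries (prepared statements) rather than input filtering are the standard defence: the database never gets the chance to interpret user data as code.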

Brute Force Attack — As the name indicates, this attack uses software to try every possible character combination in order to obtain a user password or personal identification number (PIN). The most common defense is to lock out an account after a certain number of attempts.
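The lockout defence described above is small enough to show in full. The code below is an added example for this page, not from the original article: it keeps a per-account failure counter and, after a threshold of consecutive failures, refuses every attempt (even the correct password) until the lockout expires. The thresholds, the demo account and its password are constructed values, and the clock is injectable so the behaviour can be exercised without waiting.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict

PBKDF2_ROUNDS = 100_000  # example work factor for the demo credential store


def make_record(password: str) -> tuple:
    """Salted, slow password hash (PBKDF2-HMAC-SHA256 from the standard library)."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


# Constructed demo credential store: one account with a known password.
DEMO_USERS = {"alice": make_record("correct horse battery")}


def verify_password(user: str, password: str) -> bool:
    record = DEMO_USERS.get(user)
    if record is None:
        return False
    salt, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


class LoginGuard:
    """Account lockout: after `max_attempts` consecutive failures the account is
    locked for `lockout_seconds`. The defaults are example values, not a recommendation."""

    def __init__(self, max_attempts=5, lockout_seconds=900, clock=time.monotonic):
        self.max_attempts = max_attempts
        self.lockout_seconds = lockout_seconds
        self.clock = clock
        self.failures = defaultdict(int)
        self.locked_until = {}

    def is_locked(self, user: str) -> bool:
        until = self.locked_until.get(user)
        if until is None:
            return False
        if self.clock() >= until:
            # The lockout has expired: clear it and start counting afresh.
            del self.locked_until[user]
            self.failures[user] = 0
            return False
        return True

    def attempt(self, user: str, password: str, verify=verify_password) -> str:
        """Returns 'ok', 'denied' or 'locked'. A locked account rejects even the
        correct password, which is what stops an exhaustive guessing run."""
        if self.is_locked(user):
            return "locked"
        if verify(user, password):
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        if self.failures[user] >= self.max_attempts:
            self.locked_until[user] = self.clock() + self.lockout_seconds
            return "locked"
        return "denied"


if __name__ == "__main__":
    guard = LoginGuard(max_attempts=3, lockout_seconds=60)
    for guess in ["password", "123456", "qwerty", "correct horse battery"]:
        print(guess, "->", guard.attempt("alice", guess))
```

One caveat a practitioner would add: a lockout counter can itself be abused to lock legitimate users out of their own accounts (a denial of service against them), so in practice it is paired with rate limiting by source and progressive delays rather than relied on alone.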

Cryptography — Creating techniques to secure communications against adversaries. Modern cryptography relies heavily on computerized algorithms to encrypt data transmission and storage.

Two-Factor Authentication (2FA) — This security method requires two separate forms of authentication from the user. Most combine something you know (a password) with something you have (e.g., a phone) or something you are (a biometric measurement).

Privileged User Management (PUM) — A way of managing the user accounts that hold elevated rights on critical devices and applications. Privileged users have access to more critical IT resources than general users do.

Defense in Depth — Like a castle with walls and a moat, defense in depth protects a computer network with a series of mechanisms designed so that if one fails, another will already be in place to stop an attack.

Encryption — Encoding information so that only authorized parties can read it. Modern techniques commonly use either “symmetric key” (aka “private key”) encryption, in which both sender and receiver must hold the same secret key, or “asymmetric key” encryption, which uses a public key to encrypt the message and the matching private key to decrypt it.