October 14, 2020 | Client Alert

Cybersecurity Terms from A to Z

As the world changes in unexpected ways, cybersecurity threats evolve and become more sophisticated. Cyberattackers have used the global pandemic to take advantage of individual and system vulnerabilities, giving rise to a dramatic increase in socially engineered phishing scams and ransomware. The FBI recently reported that the number of complaints about cyberattacks to its Cyber Division is up to as many as 4,000 per day, representing a 400 percent increase from pre-coronavirus. Interpol also reported seeing an alarming rate of cyberattacks aimed at major corporations, governments, and other critical infrastructure.

In striving to mitigate our risks and in recognition of Cybersecurity Awareness Month, below are some A-Z cybersecurity terms with which to become familiar so that we can continue our dialogue and improve our collective response to these risks.

A:  Awareness — Awareness and training of all employees is one of the most effective ways to mitigate cybersecurity risk.

B:  Business Email Compromise (BEC) — A BEC is a cyber incident that begins with an email that appears to be from a person you regularly communicate with in your business. The email is a spoofed email that generally provides new wiring instructions for payment or requests sensitive files. BECs have become increasingly popular, and email scams relating to COVID-19 rose 667 percent in March 2020 alone.

C:  Cryptocurrency — is the digital currency in which ransomware demands are most typically paid.

D:  Denial of Service — an attack that prevents or impairs the authorized use of system resources or services.

E:  Exfiltration — unauthorized transfer of information out of or from an information system.

F:  Forensics — the process and techniques for gathering, reviewing, and analyzing system-related data and evidence relating to a cyber investigation.

G:  GDPR — the European Union’s General Data Protection Regulation, which contains, among other things, certain requirements to report security breaches to Supervisory Authorities and affected individuals.

H:  Hardening — the reduction of vulnerability in a system through the use of tools, techniques and best practices.

I:  Insurance — cyber insurance protects an organization in the event of a security incident by providing coverage and resources for responding to a data breach.

J:  Jailbreak — is the use of certain exploits to remove manufacturer or carrier restrictions from a device, including security features. This term is used when an owner of a device voluntarily removes these restrictions from his/her own device.

K:  Keylogger — software or hardware that surreptitiously tracks keystrokes and keyboard events to monitor actions by the user of a device or system.

L:  Log files — the automatically generated and time-stamped documentation of events relating to a particular system.

M:  Malware — software that compromises a system by performing unauthorized functions or processes.

N:  Notification — notices that must be sent to regulatory authorities and/or impacted individuals as a result of a data breach.

O:  OFAC — the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC). OFAC designates a list of malicious actors on its Specially Designated Nationals and Blocked Persons List (SDN List) with whom U.S. persons are prohibited from entering into transactions. OFAC imposes sanctions on anyone who enters into a transaction with a person on the SDN List, including the payment of monies in connection with a ransomware event.

P:  Privilege — Attorney-client privilege refers to a legal privilege that works to keep confidential communications between an attorney and his or her client secret. The privilege is asserted in the face of a legal demand for the communications, such as a discovery request or a demand that the lawyer testify under oath. To the greatest extent possible, companies seek to protect attorney-client privilege in an actual or suspected data breach situation through engagement of external legal counsel and the implementation of appropriate processes for document creation, communication flows, and the engagement of third-party vendors.

Q:  Quick — An organization should be quick in its response to a security incident, much of which depends on its preparedness, awareness, and training relating to a potential incident.

R:  Ransomware — is a form of malware that encrypts or prevents access to systems or files where the threat actor demands payment to restore access or to prevent the public release of certain files.

S:  Secure Sockets Layer (SSL) — a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook).

T:  Trojan Horse — a computer program that may appear to have a valid and useful function, but also has a hidden and potentially malicious function that evades security mechanisms.

U:  Unauthorized Access — access by an actor who is not authorized to view or access a system or information. Even access by an actor without malicious intentions who does not have authority to access or view certain systems or information can qualify as unauthorized access.

V:  Vulnerability — A weakness, flaw, or error found within a security system that has the potential to be leveraged by a threat agent in order to compromise a secure network. For example, the failure to timely patch software has frequently led to a data breach.

W:  Worm — a self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself.

X:  XML Encryption — eXtensible Markup Language (XML) encryption is a method of transmitting a document with guaranteed end-to-end security.

Y:  Yara — a tool used to research and identify malware.

Z:  Zero Day — is generally a vulnerability that has not yet been patched or an exploit that occurs before a security flaw has been discovered.
