You’re busy running your business, making use of the latest information technology but you also want to stay up to date with the latest cybersecurity. However, do you know your Worms from your Trojans?
It can be difficult to do the right thing when so many confusing terms come your way. It’s easy to become overwhelmed by the technical details. What does it all mean? Let us help.
Here’s our quick guide to some of the most commonly used terms in the world of cybersecurity for business. It’s by no means comprehensive – there’s always so much more to learn – but it should enable you to get to know the basics:
Bot or botnet: A bot is a computer program that works automatically, especially one that searches and finds information on the internet. Many bots do run automatically, while others only execute commands when they receive specific input. A bot can be used to commit coordinated cyberattacks without its owner’s knowledge.
Cyber attacks: Cyber attacks and cyber terrorism are ways of attacking companies and organisations online. There are frequent cyber attacks on the government and businesses in the UK.
Data Breach: This is the accidental or intentional unlawful destruction, loss, alteration or disclosure of personal data which is stored, transmitted or otherwise processed. The description of data breaches can be quite technical because of laws covering data protection, e.g. the GDPR 2018 (General Data Protection Regulation). A data breach must be reported to the Information Commissioner’s Office within 24 hours of having been identified.
Distributed Denial of Service (DDoS) or Denial of Service (DoS): A DoS is a cyberattack that disrupts an organisation’s network so that it is unavailable to its intended and legitimate users, usually by overloading the service using malware bots. This type of attack can be very harmful for businesses which trade via the internet because unsuspecting potential customers find it impossible to use the website.
Encryption: Encryption is used to protect data from being accessed by unauthorized users. It is a way of scrambling information that protects it by making it unreadable by everyone except those with the key to decode it. There are a number of different encryption options available and organisations should consider encryption alongside other cybersecurity measures. In the case of data breaches where encryption software has not been used to protect the data, regulatory action may be pursued by the Information Commissioner.
Hacking: Hackers are criminals who attempt to break into networks to steal private information. These cybercriminals use a variety of ways to do this.
Malware: Short for ‘malicious software’, it can take many forms. This is a collective term for many kinds of malicious digital software that enables attackers to monitor your activity and steal your details when you log in, all without your knowledge. Malware includes viruses, trojans, worms or any code or content that could have an adverse impact on businesses or individuals.
Phishing: This is where mass, generally untargeted emails are sent to many people, requesting sensitive information (e.g. bank details) or tricking them into visiting a fake website.
Ransomware: This is a type of malware (see above) designed to block access to a computer system or data until a sum of money is paid to the attacker. Unfortunately, ransomware attacks on SMEs are on the increase.
Smish: This is an SMS message on a mobile device which is attempting some ‘Phishing’ (see above). They are often mass text messages sent to users asking for sensitive information (e.g. bank details) or encouraging them to visit a fake website.
Spearing: Spearing is a more sophisticated form of ‘Phishing’; it’s targeted phishing where the email is designed to look like it is from a trusted source e.g. fake emails from your bank or a utility provider.
Trojan: Named after the ‘trojan horse’ of Greek legend, this is a type of malware that is often disguised as legitimate software but provides a backdoor into a device or system for cyber criminals.
Whaling: This is a more polished form of ‘Spearing’ which targets senior executives; fake emails masquerading as legitimate ones try to tempt senior staff into clicking on malicious links or taking other actions to benefit criminals.
Worm: This is self-replicating malware that duplicates itself rapidly to spread to uninfected computers.
So now you know. Read our articles about business and the cyber world to understand why it’s so important for SMEs to be cybersecure. If you come across any more confusing terms, do let us know.
If you want to discuss the cybersecurity options for your business, talk to 360ict Ltd. We won’t bombard you with jargon but will keep things simple and efficient so that you can get on with your business.
360ict Ltd have been championing the cybersecurity of small businesses for years. We are an experienced and professional IT company which specialises in helping SMEs to manage their IT – we can provide IT advice and support, where and when it’s needed most.