You don’t have to be an IT professional to be concerned about the safety of your personal and corporate data. But sometimes cybersecurity articles are written in professional jargon that can make it hard for those who aren’t programmers or IT pros to understand.
Here is some cybersecurity terminology you should be familiar with:
- Internet of things (IoT) – common products, such as automobiles and appliances, that are enabled with internet access to gather and distribute data; important because these products are often not developed with a high level of security in mind and can therefore expose data to hackers
- Credential-harvesting – the practice of stealing access credentials such as login details and account numbers
- Nation-state/cyberespionage – hackers backed by a government seeking information to give themselves an economic, military, and/or political advantage over other countries; usually very well-funded and efficient
- Cyber-criminals – hackers targeting personal and financial information that they hope to sell or exploit in some way; these organisations are often sophisticated and well-funded and operate much like a normal corporation
- Hacktivists – activist hackers who seek to hack into systems to gather information to influence political or social groups, with the aim of getting businesses and governments to change their practices; Anonymous is the best-known hacktivist group
- Malicious insiders – employees or partners who have inside access to systems and use their knowledge to steal or facilitate the theft of data
- RaaS (Ransomware as a Service) – this malevolent version of SaaS offers anyone willing to pay entry into the lucrative business of ransomware; a developer builds the ransomware and then sells it for a relatively low price to “affiliates” who in turn use the software to hijack victims’ devices; concerning largely because the affiliates do not need much technological expertise
- Social engineering – using social media and email to bypass security measures and attempt to gather data directly from victims in phishing attacks; can also be used to influence public opinion
- Router scanning – automated scanning is used to identify vulnerable routers, and then the configuration files of the routers are extracted to facilitate further hacking and data theft
- DDoS (Distributed Denial of Service) – interrupts users’ ability to log into their services; often targets large-scale providers of access to multiple applications; an example is the Dyn outage that made many apps, such as Twitter, Reddit and email services, unavailable to many users
- Money-muling – the process of “cashing out” and transferring illicit funds gathered in Australia to overseas locations
The Australian Cyber Security Centre noted in their 2017 report that “Advanced malicious cyber activity against Australia’s national and economic interests is increasing in frequency, scale, sophistication and severity. The reach and diversity of cyber adversaries are expanding, and their operations against both government and private networks are constantly evolving.” Blutone Technologies is ready to keep your systems safe – from your personal computer to your small business to your large enterprise. Get in touch and let’s make sure your devices are secure.