Cybersecurity: Difference between revisions
formatting Tag: wikieditor |
Tag: 2017 source edit |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 2: | Line 2: | ||
= Cybersecurity as a Topic = | = Cybersecurity as a Topic = | ||
The Army defines cybersecurity as the “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communications, and electronic communications, including information contained therein, to ensure their availability, integrity, authentication, confidentiality, and non-repudiation”<ref>[ | The Army defines cybersecurity as the “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communications, and electronic communications, including information contained therein, to ensure their availability, integrity, authentication, confidentiality, and non-repudiation”<ref>[https://www.arcyber.army.mil/ U.S. Army Cyber Command, "What is Cybersecurity?" (2023)]</ref>. | ||
Wikipedia defines it as: | Wikipedia defines it as: | ||
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide<ref>[ | Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide<ref>[https://en.wikipedia.org/wiki/Computer_security Wikipedia, "Computer Security," (2023)]</ref>. | ||
Cybersecurity helps defend against cyber attacks while improving privacy. It primarily helps defend against influence and marketing campaigns. | Cybersecurity helps defend against cyber attacks while improving privacy. It primarily helps defend against influence and marketing campaigns. | ||
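Review bot: In the Army definition line, the new <ref> cites "What is Cybersecurity?" but links to the site root https://www.arcyber.army.mil/, so the quoted definition cannot be checked from the citation; link the specific page that carries the definition. The Wikipedia <ref> in the same hunk points at the live article, whose wording can change after the access year given, so a permanent-revision link would keep the quoted text verifiable.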
Line 13: | Line 12: | ||
# Irregular Chat Cybersecurity | # Irregular Chat Cybersecurity | ||
* [ | * [[Category:Cybersecurity|All Pages Tagged With “Cybersecurity”]] | ||
* [[cybersecurity|Cybersecurity Resources]] | * [[cybersecurity|Cybersecurity Resources]] | ||
* [https://m.youtube.com/playlist?list=PLBNtagSCmDWyUcCsdq7m5ljKYDYTNG9R1 Wireshark Guide] | * [https://m.youtube.com/playlist?list=PLBNtagSCmDWyUcCsdq7m5ljKYDYTNG9R1 Wireshark Guide] | ||
* [https://www.brimdata.io/ Zed and Zuri] analyzing packets. Faster than Wireshark | * [https://www.brimdata.io/ Zed and Zuri] analyzing packets. Faster than Wireshark | ||
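Review bot: The first line of this list uses "#" ("# Irregular Chat Cybersecurity") while every entry under it uses "*", so it is marked up as a lone numbered-list item rather than as a heading or a sibling bullet; use heading markup or "*" to match the rest. On the Zed entry, "Faster than Wireshark" is stated without a source or a description of what was compared, so cite a benchmark or say which workload the comparison refers to.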
Line 21: | Line 19: | ||
<span id="cybersecurity-terms"></span> | <span id="cybersecurity-terms"></span> | ||
= Cybersecurity Terms = | = Cybersecurity Terms = | ||
Latest revision as of 00:19, 9 December 2024
Cybersecurity as a Topic
The Army defines cybersecurity as the “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communications, and electronic communications, including information contained therein, to ensure their availability, integrity, authentication, confidentiality, and non-repudiation”[1].
Wikipedia defines it as:
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide[2].
Cybersecurity helps defend against cyber attacks while improving privacy. It primarily helps defend against influence and marketing campaigns.
Cybersecurity tools, policies, and articles are often shared on the Irregular Chat at the unclassified level and derived from open source mediums.
- Irregular Chat Cybersecurity
- Cybersecurity Resources
- Wireshark Guide
- Zed and Zui analyzing packets. Faster than Wireshark
- Cybersecurity Education
Cybersecurity Terms
Below are standard cybersecurity terms that may be used during conversation and recognized by industry and the government:
- Adware: Free software supported by advertisements that include features such as enhanced search tools or programs such as games or utilities. The programs are free to use but require the user to watch advertisements as long as the programs are open.
- Antivirus Software: Uses virus definitions to determine whether a file contains a virus and must be updated regularly to protect systems and networks against new attack signatures.
- Attack: An intrusion against an information system (computer) resulting in the degradation, denial, or destruction of the information or information system (computer).
- Authentication Factor: Data used to identify an individual for access to an information system. Authentication factors can be something you know (usernames, passwords, secret questions), something you have (USB token, smart card, PKI certificate), something you are (fingerprint, DNA, retina pattern), something you do (annotating text from an image, clicking only images of storefronts), or somewhere you are (GPS location).
- Backdoor: Refers to any method that allows an authorized or unauthorized user to bypass some or all security measures to gain access to a computer system, network, or software application. Not all backdoors are nefarious—they can be used to assist users who become locked out of their system.
- Baiting: Leaving a piece of portable electronic storage media such as a CD, laptop, or USB drive near a target’s workplace to tempt the curious victim into seeing what’s on it. When the victim attempts to use the media, a malware program releases a virus or exposes personal and financial information to hackers.
- Beacon: A type of malware that systematically calls out to a specified IP address or URL from a victimized system. A waiting threat agent can answer this beacon, establishing a connection that provides partial or even full remote access to the victimized system.
- Black Hat: A hacker who breaks into a network or device without consent to conduct malicious activities that can be used to harm the owner/users.
- Bot/Botnet: A software application or tool that performs tasks on command, allowing an attacker to control an affected computer remotely—a collection of infected computers is a botnet.
- Brute Force Attack: A programming style that does not include any shortcuts to improve performance but relies on sheer computing power to try all possibilities until the solution to a problem is found.
- Cache: Contains copies of web pages saved by the browser that was used to view them. These files are used to increase web browsing speed and are sometimes called temporary internet files.
- Ciphertext: The unreadable, unintelligible group of alphanumeric characters produced from a cipher (an algorithm for performing encryption or decryption) or the input to an inverse cipher.
- Clickjacking: An attack that tricks victims into clicking on a disguised link, potentially causing the victim to reveal confidential information or allowing others access to the victim’s system.
- Client: A host seeking to use a server’s resources.
- Client/Server Network: In this network, individual workstations send requests to a central server, and the server provides all resources.
- Cloud: A collection of computers with large storage capabilities that remotely serve requests, allowing you to access files and services online from anywhere in the world.
- Computer Network Exploitation (CNE): Consists of techniques and processes that use computers or computer networks to gather data on targeted systems and networks.
- Cookie: An information packet sent from a website to a web browser that records a user’s activity on that website. The information packet is stored on the user’s computer and used to provide more personalized services for each subsequent visit to the website.
- Cracking: When an attacker generates a set of values representing possible legitimate authentication factors and then tests those values against the authentication system to see which is correct.
- Cross-site Scripting (XSS): Occurs when an attacker sends a script that is executed by a victim system’s web browser or in another browser window accessing a different site.
- Cryptocurrency: Any digital currency that uses an online ledger and cryptography to secure transactions.
- Cryptography: The discipline that embodies the principles, means, and methods for the transformation of data to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification.
- Dark Web: A subset of the deep web. Its content is not indexed and consists of overlaying networks that use the public internet but require unique software, configuration, or authorization to access; designed to hide the identity of the user. Commonly contains anonymous journalism and marketplaces for illegal goods and services, and is regularly used by threat actors.
- Decryption: The process of transforming ciphertext into plain text.
- Deepfake: An audio or video clip edited and manipulated to seem real.
- Deep Web: Online content that is not indexed by traditional search engines. The content is available to the general public but is harder to find unless you have the exact URL. Legitimate uses of the deep web include online banking, web mail, cloud storage, and legal documents.
- Denial of Service (DoS): An attack that inhibits a computer resource from communicating on a network, preventing it from being available to fulfill its purpose either temporarily or permanently.
- Directory: A centralized listing of resources such as users, groups, files, and applications. Directories are also known as folders.
- Distributed Denial of Service (DDoS): A DoS attack that is sourced/distributed from many different host systems. It involves using computers to flood a single target simultaneously, causing a denial-of-service condition.
- DNS: Domain Name System is a hierarchical naming system built on a distributed database. This system transforms domain names to IP addresses and makes it possible to assign domain names to groups of Internet resources and users, regardless of the entities’ physical location.
- DNS Hijacking: A malicious exploit in which a hacker or other party redirects users through a rogue DNS server or other strategy that changes the IP address to which an Internet user is directed.
- Domain Name: A text-based translation of the numerical IP address assigned to an internet resource. Domain names are also referred to as internet addresses.
- Doxxing: The process of gathering information about a person or business using online public sources such as social media profiles, reverse phone lookup, and search engines. Doxxing typically leads to an anonymous person’s identity being revealed.
- Encryption: The conversion of plain text to ciphertext through the use of a cryptographic algorithm. Encryption is commonly used to ensure the confidentiality and integrity of electronic communications and is a direct application of cryptography.
- Exploit: A malicious application/tool used to take advantage of a system’s vulnerabilities.
- Firewall: An access control device (can be software or hardware) that performs specific security activities such as detecting failed attempts at access.
- Hacker: An unauthorized user who attempts to or gains access to an information system, the act of which is known as hacking.
- Hacktivist: Formed by combining “hack” with “activism,” hacktivism is the act of hacking into a website or computer system to communicate a politically or socially motivated message. For the hacktivist, it is more about making a statement than causing harm.
- Identity Theft: A crime in which an attacker uses the stolen identity of another individual to gain access to financial resources and/or other privileges.
- Intrusion Detection System (IDS): A system that monitors network and/or system activities for malicious activities or policy violations and produces reports to a management station. An IDS can identify both internal and external threats and is used to detect and mitigate potential security breaches.
- Intrusion Prevention System (IPS): A network security device that inspects traffic and performs actions to block or prevent malicious traffic from reaching its intended destination.
- Malware: Malicious software, including viruses, worms, trojans, and other programs designed to damage or disrupt systems or information. Malware often spreads without the knowledge or consent of the victim.
- Password: A string of characters used to authenticate a user. To be effective, passwords should be long and contain a mix of letters, numbers, and symbols.
- Penetration Testing (Pentest): The process of simulating an attack on an information system to identify and exploit vulnerabilities, typically used to assess the security posture of the system.
- Phishing: A social engineering attack that attempts to trick victims into divulging personal information such as usernames, passwords, or financial information by pretending to be a legitimate entity or individual.
- Public Key Infrastructure (PKI): A framework for managing digital certificates and encryption keys to secure communications and verify identities in a networked environment.
- Ransomware: A type of malware that encrypts a victim’s files or locks them out of their system until a ransom is paid to the attacker.
- Social Engineering: The manipulation of individuals into revealing confidential or personal information that can be used for fraudulent purposes.
- Spyware: Software designed to gather information about a user or system without their knowledge or consent and transmit that information to a third party.
- Virus: A type of malicious software that replicates by inserting copies of itself into other programs or files. It can spread to other systems and may cause damage to the affected systems.
- Vulnerability: A weakness in a system or network that can be exploited by a threat actor to gain unauthorized access or cause harm.
- Zero-Day Exploit: An attack that takes advantage of a previously unknown vulnerability in software or hardware, before the vendor has issued a fix or patch for the vulnerability.