Cybersecurity: Difference between revisions

From Irregularpedia
Jump to navigation Jump to search
Initial
 
formatting
Tag: wikieditor
Line 2: Line 2:
= Cybersecurity as a Topic =
= Cybersecurity as a Topic =


The Army defines cybersecurity as the “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communications, and electronic communications, including information contained therein, to ensure their availability, integrity, authentication, confidentiality, and non-repudiation”.[1][2]
The Army defines cybersecurity as the “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communications, and electronic communications, including information contained therein, to ensure their availability, integrity, authentication, confidentiality, and non-repudiation”<ref>[1] U.S. Army Cyber Command, "What is Cybersecurity?" (2023). Retrieved from [Army Cyber Command Website](https://www.arcyber.army.mil/).</ref>.


Wikipedia defines it as &gt;Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide [2][3]
Wikipedia defines it as:


Cybersecurity helps defend against cyber attacks while improving privacy primarily helps defend against influence and marketing campaigns.
  Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide<ref>[2] Wikipedia, "Computer Security," (2023). Retrieved from [Wikipedia](https://en.wikipedia.org/wiki/Computer_security).</ref>.


Cybersecurity tools, policies, and articles are often shared on the irregular chat at the unclassified level and derived from open source mediums. # Irregular Chat Cybersecurity - [https://wiki.irregularchat.com/t/cybersecurity All Pages Tagged With “Cybersecurity”] - [[cybersecurity|Cybersecurity Resources]] - [[guides|Cybersecurity Guides]] - [https://m.youtube.com/playlist?list=PLBNtagSCmDWyUcCsdq7m5ljKYDYTNG9R1 Wireshark Guide] - [https://www.brimdata.io/ Zed and Zuri] analyzing packets. Faster than Wireshark - [[cybersecurity-university-courses.md|Cybersecurity Education]]
Cybersecurity helps defend against cyber attacks while improving privacy. It primarily helps defend against influence and marketing campaigns.
 
Cybersecurity tools, policies, and articles are often shared on the Irregular Chat at the unclassified level and derived from open source mediums.
 
# Irregular Chat Cybersecurity
* [https://wiki.irregularchat.com/t/cybersecurity All Pages Tagged With “Cybersecurity”]
* [[cybersecurity|Cybersecurity Resources]]
* [[guides|Cybersecurity Guides]]
* [https://m.youtube.com/playlist?list=PLBNtagSCmDWyUcCsdq7m5ljKYDYTNG9R1 Wireshark Guide]
* [https://www.brimdata.io/ Zed and Zuri] analyzing packets. Faster than Wireshark
* [[cybersecurity-university-courses.md|Cybersecurity Education]]


<span id="cybersecurity-terms"></span>
<span id="cybersecurity-terms"></span>
= Cybersecurity Terms =
= Cybersecurity Terms =


Below are standard cybersecurity terms that may be used during conversation and recognized by industry and the government. - '''Adware''': Free software supported by advertisements that include features such as enhanced search tools or programs such as games or utilities. The programs are free to use but require the user to watch advertisements as long as the programs are open. - '''Antivirus Software''' uses virus definitions to determine whether a file contains a virus and must be updated regularly to protect systems and networks against new attack signatures. - '''Attack''': an intrusion against an information system (computer) resulting in the degradation, denial, or destruction of the information or information system (computer). - '''Authentication Factor''': Data used to identify an individual for access to an information system. Authentication factors can be something you know (usernames, passwords, secret questions), something you have (USB token, smart card, PKI certificate), something you are (fingerprint, DNA, retina pattern), something you do (annotating text from an image, clicking only images of storefronts), or somewhere you are (GPS location). - '''Backdoor''': Refers to any method that allows an authorized or unauthorized user to bypass some or all security measures to gain access to a computer system, network, or software application. Not all backdoors are nefarious—they can be used to assist users who become locked out of their system. - '''Baiting''': Leaving a piece of portable electronic storage media such as a CD, laptop, or USB drive near a target’s workplace to tempt the curious victim into seeing what’s on it. When the victim attempts to use the media a malware program releases a virus or exposes personal and financial information to hackers. - '''Beacon''': A type of malware that systematically calls out to a specified IP address or URL from a victimized system. A waiting threat agent can answer this beacon, establishing a connection that provides partial or even full remote access to the victimized system. - '''Black Hat''': A hacker that breaks into a network or device without consent to conduct malicious activities that can be used to harm the owner/users. - '''Bot/Botnet''': a software application or tool that performs tasks on command, allowing an attacker to control an affected computer remotely—a collection of infected computers is a botnet. - '''Brute Force Attack''': A programming style that does not include any shortcuts to improve performance but relies on sheer computing power to try all possibilities until the solution to a problem is found - '''Cache''': contains copies of web pages saved by the browser that was used to view them. These files are used to increase web browsing speed and are sometimes called temporary internet files. - '''Ciphertext''': The unreadable, unintelligible group of alphanumeric characters produced from a cipher (an algorithm for performing encryption or decryption) or the input to an inverse cipher. - '''Clickjacking''': An attack that tricks victims into clicking on a disguised link, potentially causing the victim to reveal confidential information or allowing others access to the victim’s system. - '''Client''': A host seeking to use a server’s resources. Client/Server Network''': In this network, individual workstations send requests to a central server, and the server provides all resources. - '''Client/Server Network''': A network in which individual workstations send requests to a central server, and the server provides all resources. - '''Cloud''': a collection of computers with large storage capabilities that remotely serve requests, allowing you to access files and services online from anywhere in the world. - '''Computer Network Exploitation (CNE)''': Consists of techniques and processes that use computers or computer networks to gather data on targeted systems and networks. - '''Cookie''': an information packet sent from a website to a web browser that records a user’s activity on that website. The information packet is stored on the user’s computer and used to provide more personalized services for each subsequent visit to the website. - '''Cracking''': When an attacker generates a set of values representing possible legitimate authentication factors and then tests those values against the authentication system to see which is correct. - '''Cross-site Scripting (XSS)''': Occurs when an attacker sends a script that is executed by a victim system’s web browser or in another browser window accessing a different site. - '''Cryptocurrency''': Cryptocurrency is any digital currency that uses an online ledger and cryptography to secure transactions. - '''Cryptography''': The discipline that embodies the principles, means and methods for the transformation of data to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification. - '''Dark Web''': Is a subset of the deep web. Its content is not indexed and consists of overlaying networks that use the public internet but require unique software, configuration, or authorization to access; designed to hide the identity of the user. Commonly contains anonymous journalism and marketplaces for illegal goods and services, and is regularly used by threat actors. - '''Decryption''': The process of transforming ciphertext into plain text. - '''Deepfake''': An audio or video clip edited and manipulated to seem real or (make two lines believable. - '''Deep Web''': Online content that is not indexed by traditional search engines. The content is available to the general public but is harder to find unless you have the exact URL. Legitimate uses of the deep web include online banking, web mail, cloud storage, and legal documents. - '''Denial of Service (DoS)''': Is an attack that inhibits a computer resource from communicating on a network, preventing it from being available to fulfill its purpose either temporarily or permanently. - '''Directory''': Is a centralized listing of resources such as users, groups, files and applications. Directories are also known as folders. - '''Distributed Denial of Service (DDoS)''': Is a DoS attack that is sourced/distributed from many different host systems. In other words, it is an attack involving using computers to flood a single target simultaneously, causing a denial-of-service condition. The acronym D/DoS is a common method for referring to both DoS and DDoS attacks. - '''DNS''': Domain Name System is a hierarchical naming system built on a distributed database. This system transforms domain names to IP addresses and makes it possible to assign domain names to groups of Internet resources and users, regardless of the entities’ physical location. - '''DNS Hijacking''': A malicious exploit in which a hacker or other party redirects users through a rogue DNS server or other strategy that changes the IP address to which an Internet user is directed. - '''Domain Name''': a text-based translation of the numerical IP address assigned to an internet resource. Most networks and websites have text-based domain names that people can remember, such as &lt;www.irreguarchat.com&gt;. Domain names are also referred to as internet addresses. - '''Doxxing''': The process of gathering information about a person or business using online public sources such as social media profiles, reverse phone lookup and search engines. Doxxing typically leads to an anonymous person’s identity being revealed. - '''Encryption''': The conversion of plain text to ciphertext through the use of a cryptographic algorithm. Encryption is commonly used to ensure the confidentiality and integrity of electronic communications and is a direct application of cryptography. - '''Exploit''': a malicious application/tool used to take advantage of a system’s vulnerabilities. - '''Firewall''': an access control device (can be software or hardware) that performs specific security activities such as detecting failed attempts at access. - '''Hacker''': an unauthorized user who attempts to or gains access to an information system, the act of which is known as hacking. - '''Hacktivist''': Formed by combining “hack” with “activism,” hacktivism is the act of hacking into a website or computer system to communicate a politically or socially motivated message. For the hacktivist, it is an Internet-enabled way to practice civil disobedience and protest. - '''Hardware''': the physical components of a computer. Host''': Any device, such as a computer, that connects to a network. - '''Host''': Any device, such as a computer, that connects to a network. - '''Information System''': a complementary network of hardware and software that are used to collect, process, create, store, and disseminate data. - '''Internet Protocol (IP) address''': a unique identifier for each machine or device on a network for the purpose of routing data. An example of an IP address is 131.107.10.7. - '''Internet Service Provider (ISP)''': a company that offers access to the internet. - '''Intrusion''': the unauthorized act of bypassing the security mechanisms of an information system. Unauthorized access to a computer. - '''IPv4''': Or IP version 4, is a 32-bit numeric address written as four sets of numbers, called octets, separated by periods (e.g., 131.107.10.7). - '''IPv6''': Or IP version 6, is a new method for IP addressing being implemented on newer computers and networking equipment that provides a larger address space than the IPv4. It is written as eight groups of hexadecimal digits separated by colons (e.g., 2001''':0db8''':85a3''':08d3''':1319''':8a2e''':0370''':7334). - '''Malware''': malicious software that attacks a computer. Malware has three categories''': viruses; Trojans; and worms. Malware is commonly used to commit fraud and intrusions. - '''Metadata''': Structured information that describes, explains, locates, or otherwise makes it easier to retrieve, use, or manage an information resource. Or more simply, metadata is data about data. - '''Network''': two or more devices that are connected (via wires or wirelessly) and communicate with each other. - '''Network Intrusion''': the compromise of one or more devices on a network or networks, and at least partial access to the resources within. - '''Packet''': A small amount of computer data sent over a network. Each packet contains the address of its origin and destination and information that connects it to the related packets being sent. - '''Packet Sniffers''': Tools commonly used by network technicians to diagnose network-related problems. Packet sniffers can also be used by hackers for spying on network user traffic and collecting passwords. - '''Personally Identifiable Information (PII)''': A type of data that identifies the unique identity of an individual. It includes basic personal information such as name, gender, address, telephone number email address, or basic biometric data information that is electronically stored in a device or application. - '''Phishing''': sending emails purporting to be from reputable companies to induce individuals to reveal personal information, such as passwords or credit card numbers. - '''Ransomware''': A form of malware that either deliberately prevents the victim from accessing computer files—holding data hostage until a ransom is paid—or threatens to release the victim’s data unless a ransom is paid. - '''Rootkit''': A set of programs placed by an intruder in the system root (the directory where operating systems files are stored) to manipulate the system and make it easier to hide his or her presence. - '''Script''': A list of commands that are executed by a program. - '''Script Kiddie''': A person, normally someone who is not technologically sophisticated, who randomly seeks out a specific weakness over the Internet to gain root access to a system. - '''Secure Socket Layer (SSL)''': A networking protocol that manages server authentication, client authentication, and encrypted communication between servers and clients. - '''Server''': A piece of hardware or software that provides services to other devices or programs in a network. In other words, a host receives requests to use its resources. - '''Shoulder Surfing''': The act of obtaining personal or sensitive information through direct observation. Shoulder surfing involves looking over a person’s shoulder while the victim is preoccupied with using a device. This is especially effective in crowded places where a person uses a computer, smartphone, or ATM. Binoculars, video cameras, and vision-enhancing devices also are used. - '''Smishing''': a form of phishing in which an attacker uses text messaging to trick targeted recipients into clicking a link and sending the attacker private information or downloading malicious programs to a smartphone. - '''Social Engineering''': a technique used to manipulate and deceive a person in order to gain sensitive and private information or access. Social engineering makes use of previously attained information usually garnered from social media. - '''Software''': a set of programs that can be installed and used to tell a computer to perform a task. Spam''': unsolicited advertising or other information sent out via email or other messaging services. - '''Spam''': Unsolicited advertising or other information sent out via email or other messaging services - '''Spear phishing''': an email or electronic communications targeted at a specific individual, organization, or business, intended to steal data for malicious purposes or install malware on the targeted user’s computer. - '''Spoofing''': Deceptive behavior on computer systems or on other computer users. This is typically done by hiding one’s identity or faking the identity of another user. Spoofing can take the form of false emails, IP addresses, and online identities. - '''Structured Query Language (SQL) Injection''': An attack in which unauthorized SQL commands (or simply database commands) are used to trick a server into processing data input as a regular database query. SQL injections allow hackers to exploit the security vulnerabilities of the software that runs a website. - '''Surface Web''': Contains content for the general public that is indexed by traditional search engines and readily available by use of any internet browser. Examples include websites for news, social networking, and even the U.S. Army’s website. - '''Threat''': The potential source of an adverse event. - '''Threat Agent (or Threat Actor)''': Or threat actor, is a specific person or event that executes unauthorized actions against a system. - '''Trojan Horse''': a computer program that appears to have a useful function but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system. - '''Two Factor Authentication (also known as strong authentication)''': A security mechanism that requires two types of credentials for authentication, that is designed to minimize security breaches by providing an additional layer of validation. - '''Unauthorized Access''': gaining access to any computer resource without permission. - '''URL''': short for Uniform Resource Locator, is a standardized address used to make website connections. Also known as a web address, an example URL is https'''://www.cid.army.mil. - '''Virtual Private Network (VPN)''': a tool that creates a private network connection across a public network connection, providing privacy, anonymity, and security while on the internet. - '''Virus''': a computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus might corrupt or delete data on a computer, use email programs to spread itself to other computers, or even erase everything on a device. - '''Vishing''': a combination of “voice” and “phishing”, it is the phone version of email phishing, using automated voice messages to trick individuals into sharing their confidential information via a phone call. - '''Vulnerability''': a weakness in an information system, system security procedures, or internal controls that could be exploited to gain unauthorized access. - '''Web Browser''': also simply browser, is an application which allows users to browse/access the internet. Commonly used browsers include Internet Explorer, Google Chrome, Safari, Opera, and Mozilla Firefox. - '''Web Crawler''': Also known as a robot; spider; or simply crawler, is a program that can be used to automatically browse a site and follow and save all available links. Search engines use crawlers to browse the internet and build an index of available sites to provide their users with efficient search results. - '''Whaling''': masquerading as a senior member of an organization to directly target senior or other important individuals at an organization to steal money or sensitive information or gain access to computer systems for criminal purposes. - '''White Hat''': A hacker that breaches a network to gain sensitive information with the owner’s consent; usually employed to test infrastructure vulnerabilities. - '''Wireless Hotspot''': used to refer to a location or device which allows individuals to connect to the internet wirelessly. Cellphones can be used as mobile hotspots, sharing their cellular data connection with another device wirelessly. - '''Worm''': a self-replicating, self-spreading, self-contained program that uses networking tools to spread itself. Or more simply, a worm is a computer program that replicates itself across network connections to other systems. - '''Worms vs. Viruses''': viruses cannot be executed (carried out) unless the infected file is opened while worms are immediately executable. Viruses will not spread to other computers on a network unless a user sends the virus to another computer and a user on that second computer opens the infected file. However, worms send themselves to other computers and sometimes run exploits against other computers, infecting them automatically. - '''Zero Day''': A previously unknown vulnerability that leaves users with no time to mitigate it before potential or actual exploitation. [5]
Below are standard cybersecurity terms that may be used during conversation and recognized by industry and the government:
 
* '''Adware''': Free software supported by advertisements that include features such as enhanced search tools or programs such as games or utilities. The programs are free to use but require the user to watch advertisements as long as the programs are open.
* '''Antivirus Software''': Uses virus definitions to determine whether a file contains a virus and must be updated regularly to protect systems and networks against new attack signatures.
* '''Attack''': An intrusion against an information system (computer) resulting in the degradation, denial, or destruction of the information or information system (computer).
* '''Authentication Factor''': Data used to identify an individual for access to an information system. Authentication factors can be something you know (usernames, passwords, secret questions), something you have (USB token, smart card, PKI certificate), something you are (fingerprint, DNA, retina pattern), something you do (annotating text from an image, clicking only images of storefronts), or somewhere you are (GPS location).
* '''Backdoor''': Refers to any method that allows an authorized or unauthorized user to bypass some or all security measures to gain access to a computer system, network, or software application. Not all backdoors are nefarious—they can be used to assist users who become locked out of their system.
* '''Baiting''': Leaving a piece of portable electronic storage media such as a CD, laptop, or USB drive near a target’s workplace to tempt the curious victim into seeing what’s on it. When the victim attempts to use the media a malware program releases a virus or exposes personal and financial information to hackers.
* '''Beacon''': A type of malware that systematically calls out to a specified IP address or URL from a victimized system. A waiting threat agent can answer this beacon, establishing a connection that provides partial or even full remote access to the victimized system.
* '''Black Hat''': A hacker that breaks into a network or device without consent to conduct malicious activities that can be used to harm the owner/users.
* '''Bot/Botnet''': A software application or tool that performs tasks on command, allowing an attacker to control an affected computer remotely—a collection of infected computers is a botnet.
* '''Brute Force Attack''': A programming style that does not include any shortcuts to improve performance but relies on sheer computing power to try all possibilities until the solution to a problem is found.
* '''Cache''': Contains copies of web pages saved by the browser that was used to view them. These files are used to increase web browsing speed and are sometimes called temporary internet files.
* '''Ciphertext''': The unreadable, unintelligible group of alphanumeric characters produced from a cipher (an algorithm for performing encryption or decryption) or the input to an inverse cipher.
* '''Clickjacking''': An attack that tricks victims into clicking on a disguised link, potentially causing the victim to reveal confidential information or allowing others access to the victim’s system.
* '''Client''': A host seeking to use a server’s resources.
* '''Client/Server Network''': In this network, individual workstations send requests to a central server, and the server provides all resources.
* '''Cloud''': A collection of computers with large storage capabilities that remotely serve requests, allowing you to access files and services online from anywhere in the world.
* '''Computer Network Exploitation (CNE)''': Consists of techniques and processes that use computers or computer networks to gather data on targeted systems and networks.
* '''Cookie''': An information packet sent from a website to a web browser that records a user’s activity on that website. The information packet is stored on the user’s computer and used to provide more personalized services for each subsequent visit to the website.
* '''Cracking''': When an attacker generates a set of values representing possible legitimate authentication factors and then tests those values against the authentication system to see which is correct.
* '''Cross-site Scripting (XSS)''': Occurs when an attacker sends a script that is executed by a victim system’s web browser or in another browser window accessing a different site.
* '''Cryptocurrency''': Any digital currency that uses an online ledger and cryptography to secure transactions.
* '''Cryptography''': The discipline that embodies the principles, means, and methods for the transformation of data to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification.
* '''Dark Web''': A subset of the deep web. Its content is not indexed and consists of overlaying networks that use the public internet but require unique software, configuration, or authorization to access; designed to hide the identity of the user. Commonly contains anonymous journalism and marketplaces for illegal goods and services, and is regularly used by threat actors.
* '''Decryption''': The process of transforming ciphertext into plain text.
* '''Deepfake''': An audio or video clip edited and manipulated to seem real.
* '''Deep Web''': Online content that is not indexed by traditional search engines. The content is available to the general public but is harder to find unless you have the exact URL. Legitimate uses of the deep web include online banking, web mail, cloud storage, and legal documents.
* '''Denial of Service (DoS)''': An attack that inhibits a computer resource from communicating on a network, preventing it from being available to fulfill its purpose either temporarily or permanently.
* '''Directory''': A centralized listing of resources such as users, groups, files, and applications. Directories are also known as folders.
* '''Distributed Denial of Service (DDoS)''': A DoS attack that is sourced/distributed from many different host systems. It involves using computers to flood a single target simultaneously, causing a denial-of-service condition.
* '''DNS''': Domain Name System is a hierarchical naming system built on a distributed database. This system transforms domain names to IP addresses and makes it possible to assign domain names to groups of Internet resources and users, regardless of the entities’ physical location.
* '''DNS Hijacking''': A malicious exploit in which a hacker or other party redirects users through a rogue DNS server or other strategy that changes the IP address to which an Internet user is directed.
* '''Domain Name''': A text-based translation of the numerical IP address assigned to an internet resource. Domain names are also referred to as internet addresses.
* '''Doxxing''': The process of gathering information about a person or business using online public sources such as social media profiles, reverse phone lookup, and search engines. Doxxing typically leads to an anonymous person’s identity being revealed.
* '''Encryption''': The conversion of plain text to ciphertext through the use of a cryptographic algorithm. Encryption is commonly used to ensure the confidentiality and integrity of electronic communications and is a direct application of cryptography.
* '''Exploit''': A malicious application/tool used to take advantage of a system’s vulnerabilities.
* '''Firewall''': An access control device (can be software or hardware) that performs specific security activities such as detecting failed attempts at access.
* '''Hacker''': An unauthorized user who attempts to or gains access to an information system, the act of which is known as hacking.
* '''Hacktivist''': Formed by combining “hack” with “activism,” hacktivism is the act of hacking into a website or computer system to communicate a politically or socially motivated message. For the hacktivist, it is more about making a statement than causing harm.
* '''Identity Theft''': A crime in which an attacker uses the stolen identity of another individual to gain access to financial resources and/or other privileges.
* '''Intrusion Detection System (IDS)''': A system that monitors network and/or system activities for malicious activities or policy violations and produces reports to a management station. An IDS can identify both internal and external threats and is used to detect and mitigate potential security breaches.
* '''Intrusion Prevention System (IPS)''': A network security device that inspects traffic and performs actions to block or prevent malicious traffic from reaching its intended destination.
* '''Malware''': Malicious software, including viruses, worms, trojans, and other programs designed to damage or disrupt systems or information. Malware often spreads without the knowledge or consent of the victim.
* '''Password''': A string of characters used to authenticate a user. To be effective, passwords should be long and contain a mix of letters, numbers, and symbols.
* '''Penetration Testing (Pentest)''': The process of simulating an attack on an information system to identify and exploit vulnerabilities, typically used to assess the security posture of the system.
* '''Phishing''': A social engineering attack that attempts to trick victims into divulging personal information such as usernames, passwords, or financial information by pretending to be a legitimate entity or individual.
* '''Public Key Infrastructure (PKI)''': A framework for managing digital certificates and encryption keys to secure communications and verify identities in a networked environment.
* '''Ransomware''': A type of malware that encrypts a victim’s files or locks them out of their system until a ransom is paid to the attacker.
* '''Social Engineering''': The manipulation of individuals into revealing confidential or personal information that can be used for fraudulent purposes.
* '''Spyware''': Software designed to gather information about a user or system without their knowledge or consent and transmit that information to a third party.
* '''Virus''': A type of malicious software that replicates by inserting copies of itself into other programs or files. It can spread to other systems and may cause damage to the affected systems.
* '''Vulnerability''': A weakness in a system or network that can be exploited by a threat actor to gain unauthorized access or cause harm.
* '''Zero-Day Exploit''': An attack that takes advantage of a previously unknown vulnerability in software or hardware, before the vendor has issued a fix or patch for the vulnerability.
 
 
 


= [https://irp.fas.org/offdocs/nspd/nspd-54.pdf National Security Presidential Directive-54] =
= Categories =
= [https://irp.fas.org/offdocs/nspd/nspd-23.htm Homeland Security Presidential Directive-23]. =
[[Category:Cybersecurity]]
= https://www.britannica.com/technology/computer-security =
[[Category:Technology]]
= https://www.theaustralian.com.au/technology/opinion/reliance-spells-end-of-road-for-ict-amateurs/story-e6frgb0o-1226636267865 =
[[Category:Terms]]
= https://www.cid.army.mil/assets/docs/lookout/CyberTermsPT2.pdf =
[[Category:Educational Resources]]

Revision as of 01:35, 10 September 2024

Cybersecurity as a Topic

The Army defines cybersecurity as the “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communications, and electronic communications, including information contained therein, to ensure their availability, integrity, authentication, confidentiality, and non-repudiation”[1].

Wikipedia defines it as:

  Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide[2].

Cybersecurity helps defend against cyber attacks while improving privacy. It primarily helps defend against influence and marketing campaigns.

Cybersecurity tools, policies, and articles are often shared on the Irregular Chat at the unclassified level and derived from open source mediums.

  1. Irregular Chat Cybersecurity

Cybersecurity Terms

Below are standard cybersecurity terms that may be used during conversation and recognized by industry and the government:

  • Adware: Free software supported by advertisements that include features such as enhanced search tools or programs such as games or utilities. The programs are free to use but require the user to watch advertisements as long as the programs are open.
  • Antivirus Software: Uses virus definitions to determine whether a file contains a virus and must be updated regularly to protect systems and networks against new attack signatures.
  • Attack: An intrusion against an information system (computer) resulting in the degradation, denial, or destruction of the information or information system (computer).
  • Authentication Factor: Data used to identify an individual for access to an information system. Authentication factors can be something you know (usernames, passwords, secret questions), something you have (USB token, smart card, PKI certificate), something you are (fingerprint, DNA, retina pattern), something you do (annotating text from an image, clicking only images of storefronts), or somewhere you are (GPS location).
  • Backdoor: Refers to any method that allows an authorized or unauthorized user to bypass some or all security measures to gain access to a computer system, network, or software application. Not all backdoors are nefarious—they can be used to assist users who become locked out of their system.
  • Baiting: Leaving a piece of portable electronic storage media such as a CD, laptop, or USB drive near a target’s workplace to tempt the curious victim into seeing what’s on it. When the victim attempts to use the media a malware program releases a virus or exposes personal and financial information to hackers.
  • Beacon: A type of malware that systematically calls out to a specified IP address or URL from a victimized system. A waiting threat agent can answer this beacon, establishing a connection that provides partial or even full remote access to the victimized system.
  • Black Hat: A hacker that breaks into a network or device without consent to conduct malicious activities that can be used to harm the owner/users.
  • Bot/Botnet: A software application or tool that performs tasks on command, allowing an attacker to control an affected computer remotely—a collection of infected computers is a botnet.
  • Brute Force Attack: A programming style that does not include any shortcuts to improve performance but relies on sheer computing power to try all possibilities until the solution to a problem is found.
  • Cache: Contains copies of web pages saved by the browser that was used to view them. These files are used to increase web browsing speed and are sometimes called temporary internet files.
  • Ciphertext: The unreadable, unintelligible group of alphanumeric characters produced from a cipher (an algorithm for performing encryption or decryption) or the input to an inverse cipher.
  • Clickjacking: An attack that tricks victims into clicking on a disguised link, potentially causing the victim to reveal confidential information or allowing others access to the victim’s system.
  • Client: A host seeking to use a server’s resources.
  • Client/Server Network: In this network, individual workstations send requests to a central server, and the server provides all resources.
  • Cloud: A collection of computers with large storage capabilities that remotely serve requests, allowing you to access files and services online from anywhere in the world.
  • Computer Network Exploitation (CNE): Consists of techniques and processes that use computers or computer networks to gather data on targeted systems and networks.
  • Cookie: An information packet sent from a website to a web browser that records a user’s activity on that website. The information packet is stored on the user’s computer and used to provide more personalized services for each subsequent visit to the website.
  • Cracking: When an attacker generates a set of values representing possible legitimate authentication factors and then tests those values against the authentication system to see which is correct.
  • Cross-site Scripting (XSS): Occurs when an attacker sends a script that is executed by a victim system’s web browser or in another browser window accessing a different site.
  • Cryptocurrency: Any digital currency that uses an online ledger and cryptography to secure transactions.
  • Cryptography: The discipline that embodies the principles, means, and methods for the transformation of data to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification.
  • Dark Web: A subset of the deep web. Its content is not indexed and consists of overlaying networks that use the public internet but require unique software, configuration, or authorization to access; designed to hide the identity of the user. Commonly contains anonymous journalism and marketplaces for illegal goods and services, and is regularly used by threat actors.
  • Decryption: The process of transforming ciphertext into plain text.
  • Deepfake: An audio or video clip edited and manipulated to seem real.
  • Deep Web: Online content that is not indexed by traditional search engines. The content is available to the general public but is harder to find unless you have the exact URL. Legitimate uses of the deep web include online banking, web mail, cloud storage, and legal documents.
  • Denial of Service (DoS): An attack that inhibits a computer resource from communicating on a network, preventing it from being available to fulfill its purpose either temporarily or permanently.
  • Directory: A centralized listing of resources such as users, groups, files, and applications. Directories are also known as folders.
  • Distributed Denial of Service (DDoS): A DoS attack that is sourced/distributed from many different host systems. It involves using computers to flood a single target simultaneously, causing a denial-of-service condition.
  • DNS: Domain Name System is a hierarchical naming system built on a distributed database. This system transforms domain names to IP addresses and makes it possible to assign domain names to groups of Internet resources and users, regardless of the entities’ physical location.
  • DNS Hijacking: A malicious exploit in which a hacker or other party redirects users through a rogue DNS server or other strategy that changes the IP address to which an Internet user is directed.
  • Domain Name: A text-based translation of the numerical IP address assigned to an internet resource. Domain names are also referred to as internet addresses.
  • Doxxing: The process of gathering information about a person or business using online public sources such as social media profiles, reverse phone lookup, and search engines. Doxxing typically leads to an anonymous person’s identity being revealed.
  • Encryption: The conversion of plain text to ciphertext through the use of a cryptographic algorithm. Encryption is commonly used to ensure the confidentiality and integrity of electronic communications and is a direct application of cryptography.
  • Exploit: A malicious application/tool used to take advantage of a system’s vulnerabilities.
  • Firewall: An access control device (can be software or hardware) that performs specific security activities such as detecting failed attempts at access.
  • Hacker: An unauthorized user who attempts to or gains access to an information system, the act of which is known as hacking.
  • Hacktivist: Formed by combining “hack” with “activism,” hacktivism is the act of hacking into a website or computer system to communicate a politically or socially motivated message. For the hacktivist, it is more about making a statement than causing harm.
  • Identity Theft: A crime in which an attacker uses the stolen identity of another individual to gain access to financial resources and/or other privileges.
  • Intrusion Detection System (IDS): A system that monitors network and/or system activities for malicious activities or policy violations and produces reports to a management station. An IDS can identify both internal and external threats and is used to detect and mitigate potential security breaches.
  • Intrusion Prevention System (IPS): A network security device that inspects traffic and performs actions to block or prevent malicious traffic from reaching its intended destination.
  • Malware: Malicious software, including viruses, worms, trojans, and other programs designed to damage or disrupt systems or information. Malware often spreads without the knowledge or consent of the victim.
  • Password: A string of characters used to authenticate a user. To be effective, passwords should be long and contain a mix of letters, numbers, and symbols.
  • Penetration Testing (Pentest): The process of simulating an attack on an information system to identify and exploit vulnerabilities, typically used to assess the security posture of the system.
  • Phishing: A social engineering attack that attempts to trick victims into divulging personal information such as usernames, passwords, or financial information by pretending to be a legitimate entity or individual.
  • Public Key Infrastructure (PKI): A framework for managing digital certificates and encryption keys to secure communications and verify identities in a networked environment.
  • Ransomware: A type of malware that encrypts a victim’s files or locks them out of their system until a ransom is paid to the attacker.
  • Social Engineering: The manipulation of individuals into revealing confidential or personal information that can be used for fraudulent purposes.
  • Spyware: Software designed to gather information about a user or system without their knowledge or consent and transmit that information to a third party.
  • Virus: A type of malicious software that replicates by inserting copies of itself into other programs or files. It can spread to other systems and may cause damage to the affected systems.
  • Vulnerability: A weakness in a system or network that can be exploited by a threat actor to gain unauthorized access or cause harm.
  • Zero-Day Exploit: An attack that takes advantage of a previously unknown vulnerability in software or hardware, before the vendor has issued a fix or patch for the vulnerability.



Categories

  1. [1] U.S. Army Cyber Command, "What is Cybersecurity?" (2023). Retrieved from [Army Cyber Command Website](https://www.arcyber.army.mil/).
  2. [2] Wikipedia, "Computer Security," (2023). Retrieved from [Wikipedia](https://en.wikipedia.org/wiki/Computer_security).