DDoS (Distributed Denial of Service)

A malicious attack attempting to disrupt normal traffic of an internet-connected service or system, such as a website, or online shop, by flooding the target with ‘traffic’. Such traffic can look like legitimate attempts to access the target system but, actually leverage a network of compromised computers and other internet-connected devices to generate the malicious […]

Botnet

A botnet (a contraction of ‘robot network’) is a network of computers, servers and mobile devices which have been compromised by malicious code. Malicious threat actors then remotely control compromised devices, known as ‘bots’, to perform malicious, usually criminal actions including: Disseminating spam email, malware, and ransomware Password cracking Denial-of-Service attacks Eavesdropping on network and voice communications traffic Botnets can be comprised of a few dozen computers up to many millions giving the attacker […]

Anti-Virus (AV)

A program that is designed to monitor and prevent, search for,  and remove software viruses and other malicious software such as remote access tools (RAT), trojans, worms and more. They tend to use signature-based detection. Anti-Virus is different from Advanced Endpoint Protection (AEP). Anti-Virus products generally do not use machine-learning or behavioural analysis which protect […]

Countermeasure

Controls put in-place, be they technological, procedural, or otherwise, designed to protect the vulnerability, confidentiality, and availability of organisational data and systems.

Compromise

The theft of, or otherwise unauthorised disclosure, modification, substitution, or use of sensitive data. Example: Your account / login credentials have been stolen, perhaps through phishing or malware, and used to gain unauthorised access to your data. Such access could then be used by the cybercriminal to exfiltrate (steal) your organisation’s data, before then triggering a Ransomware payload

Attack Surface

The attack surface is a collective term to describe all possible avenues (or ‘vectors’), a threat actor with malicious intent can ‘attack’ to gain unauthorised access to a system and therethrough, your data. The smaller the attack surface, the easier it is to protect.  Minimisation of your attack surface should be a feature of any conversation around adoption of […]

Attack Vector

Methods that malicious actors, cyber criminals, such as hackers, use to breach or infiltrate your network to deliver a malicious payload or hostile outcome. There are many different attack vectors, ranging from malware and ransomware, to man-in-the-middle attacks, compromised credentials, and phishing.