Natwest recently published a really useful article setting out the definitions of the new terminology SME Owners are having to get to grips with, and it would have been rude of us not to share it with you!
1. Hacker: black hats and white hats
“This is an often misused term,” says cyber-security adviser Vince Warrington. “Hackers are people who have the skills to gain unauthorised access into a computer system or to find flaws in software. But they’re not necessarily bad guys. There are huge numbers of ethical hackers out there – known as ‘white hats’ – who work to keep systems and data safe from attack and compromise.”
Warrington says that the people to be worried about are ‘black hats’. “These are the hackers who are out to cause mischief,” he says.
2. Phishing
Dr Guy Bunker, at data security company Clearswift, says: “Phishing is about sending fraudulent emails or links in social media to people with a view to getting the individual to reveal sensitive information.” He explains that there are different variants of phishing attacks that go after specific people within an organisation.
“Spear phishing targets a specific individual, often using information gained from social media to help raise trust of the sender to fool them into opening an email containing malware (see below).
“There’s also whaling, a method of going after the CEO of a company specifically; and minnowing, which goes after the people lower down in the organisation but who have legitimate access to confidential information.”
3. Malware
“This is a portmanteau term that covers a wide range of malicious software, from computer viruses that destroy data to software that locks up your computer and prevents you from using it,” Warrington says. “The sole purpose of malware is to compromise the integrity, availability or confidentiality of your data. Some malware, such as traditional computer viruses, is only designed to cause chaos, while other malware is used by attackers to glean data or funds from your business – such as ransomware (see below).”
4. Botnet
“A botnet is a network of private computers that have been compromised with malware and then used by cyber-criminals for their own nefarious purposes,” Bunker says. “If your computers become part of a botnet and host malware, then they can be effectively blacklisted by the internet and you won’t be able to send a legitimate email, for example.”
5. Ransomware
Warrington says: “This is a specific type of malware designed to lock your computer and data until you pay a ransom to release it, usually via a cryptocurrency like bitcoin. Your only hope of recovering your data is to restore from a backup – you are backing up your data, aren’t you? – or pay the criminals.”
He adds: “To help prevent a ransomware attack, it’s vital that your business uses good detection software and you educate your staff on the dangers of opening attachments or clicking links in emails.”
6. Patch
“Cyber attackers look for known vulnerabilities in both operating systems (OS) and applications, including the browser and browser plug-ins,” says Bunker. “As soon as a vulnerability is known about, software vendors release a patch to fix it, but the threat lies with organisations delaying the patching – that is, downloading an update to fix the problem – that ensures they’re no longer vulnerable.
“Organisations need to keep up to speed with published vulnerabilities and apply patches as soon as possible to minimise this window of opportunity.”
7. Shadow IT
“This refers to employees using devices or web services that the company’s IT department doesn’t know about,” says Bunker. “In the past, it used to be about unauthorised Wi-Fi access points, but today it’s far more likely to be cloud services.
“This creates business risk as unauthorised data sharing may occur, and on an insecure platform. Organisations need to monitor for shadow IT usage and rather than block it outright, come up with secure alternatives.”
8. Social engineer
“This is a fraudster who uses deception and psychological manipulation to get what they want,” Warrington says. “In the world of cybercrime, these individuals are adept at crafting phishing emails to gain the trust of the unwary. They will scour social media profiles to build up a picture of who you are and who you trust so they can compromise you.”
9. Pen test
Warrington says: “Short for ‘penetration test’, this is the process of employing ethical hackers to test your defences, so you can fix any holes before an attacker can exploit them.
“Pen tests use a variety of tools depending on what you want to assess, from simple scanning for vulnerabilities on your website to full-blown in-depth tests that use real-world threat intelligence, white hats and social engineers to probe deep into your company.”
10. Insider threat
This refers to a person within your business who’s using your computer systems for fraudulent or criminal ends, Warrington says. “These are usually disgruntled employees who want to take revenge on the business by causing chaos, people who are moving to a competitor and want to take some of your data with them, or staff who simply see the opportunity to manipulate your systems to carry out fraud.”
He adds: “The insider threat can go unnoticed for some time as most businesses are not good at understanding what abnormal staff behaviour looks like.”