Explain Like I’m 10

Here are some definitions to help you understand commonly used terms in cyber security. (more terms will be added)

VIRUS – program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document.

MALWARE – software that is intended to damage or disable computers and computer systems.

SPYWARE – software that enables a malicious user to obtain secret information about another person's computer activities by transmitting data secretly from their hard drive.

ADWARE – software that automatically displays or downloads advertising material (often unwanted) when a user is online.

SPAM – irrelevant or inappropriate messages sent on the Internet to a large number of recipients.

PHISHING – a technique used to gain personal information for purposes of identity theft, using fraudulent e-mail messages that appear to come from legitimate businesses.

ZERO-DAY – a new, unpatched vulnerability which is used to perform an attack. “Zero-day” comes from the fact that no patch yet exists to fix the vulnerability being exploited in the software.

VULNERABILITY – a flaw in a system that can leave it open to attack.

ANTI-EXPLOIT software – protects you against the security vulnerabilities in the code that makes up your software programs.

ANTI-VIRUS software – a program or set of programs that are designed to prevent, search for, detect, and remove software viruses, and other malicious software.

COOKIES – small files that are stored on your computer. Cookies contain the address of web sites and codes that your browser sends back to the Web site each time you visit a page there.

TWO FACTOR AUTHENTICATION – a security process in which the user provides two means of identification. One form of ID is typically a physical token, such as a card, and the other form of ID is typically something memorized, such as a security code.

ENCRYPTION – the process of encoding messages or information in such a way that only authorized parties can read it.

DECRYPTION – the process of converting encrypted data back into its original form, so it can be understood.

RANSOMWARE – a type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction.

MALVERTISING – or “malicious advertising”, is the use of online advertising to spread malware. These types of ads (video or static) can be seen on a vast majority of websites. These ads are now being used for malicious activity as well.

BREACH (Cyber Security) – a type of attack that illegally gives an attacker full access to both data and equipment, using various attacks to bypass an organization's security measures.