SME Business Cyber Security Definitions D to N
This is an abridged version of the handbook
ACSC Australian Cyber Security Centre
Australia’s leading Government body in improving cyber security in Australia. Their role is to help make Australia the most secure place to connect online. This role includes monitoring cyber threats 24 hours a day seven days a week, so that they can alert Australians and Australian businesses on what to do, including the provision of information and advice on how to protect yourself and business online. www.cyber.gv.au
This is the process of making data unreadable by others by using ciphertext algorithms. Encryption protects the confidentially of data at rest and in transit.
End to End Encryption
A method sued to secure communication between point A and Point B. Means that only the communicating users can read data transferred from one end-system or device to the other.
Protecting your devices (Desktops, laptops, Tablets, Phones or other Wireless devices) when connected to a network or the internet through software such as Anti-virus software. Each device with a remote connection to a network creates a potential entry point for security threats.
Involves implementing a range of software to protect email accounts and communications from unauthorized access, loss, or compromise. The aim is to have a defence structure that creates a strong email security posture by having policies and tools that protect against malicious threats such as malware, spam, phishing attacks, and loss of email’s due to human error of deletion.
In the context of system logs, an event constitutes an evident change to the normal behaviour of a network, system or user.
A computer exploit is a type of malware that takes advantage of bugs or vulnerabilities, which cybercriminals use to gain illicit access to a system. These vulnerabilities are hidden in the code of the operating system and its applications just waiting to be discovered and put to use by cybercriminals. That why software developers are always updating their software through patches. You must always check you have the latest version, that’s what your IT provider can monitor and ensure all users are protected by ensuring all devices are using the latest version of software.
A filter that examines content to assess conformance against a security policy. A filter is used to specify which packets will or will not be used. It can be used in sniffers to determine which packets get displayed, or by firewalls to determine which packets get blocked.
A network device that filters incoming and outgoing network data based on a series of rules.
Is intended to be memory resident only enabling it to leave no trace after execution. The malicious payload exists in the computer’s memory, meaning nothing is ever written directly to the hard drive. It overcomes traditional detection methods as there is no file for antivirus software to detect, and heir is no trace on the hardware for forensics to trace. Research shows that fileless attacks were ten times more likely to succeed, Detection is achieved by using anti-malware software that uses behavioural analysis, ideally supported by an Artificial Intelligence (AI) component. Support this with a Security Information Event Management (SIEM) system to tie all the alerts and detections together.
Hacking refers to activities that aim to compromise digital devices, such as computers, smartphones, tablets, and computer networks. References to hacking, and hackers, characterise it/them as unlawful activity by cybercriminals—motivated by financial gain, protest, information gathering (spying), and even just for the “fun” of the challenge.
Have I been Pwned
A website that allows internet users to check whether their personal data has been compromised or is part of a breach where data has been leaked. Check for whether your data was part of the breaches related to Optus, Medibank etc.
Is when a cyber-criminal obtains or uses personal information, e.g., name, login user details, medicare, Car licence or passport number, date of birth, address etc., of someone else to assume their identity or access their accounts for the purpose of committing fraud, receiving benefits, or gaining financially in some way. All businesses, no matter what size have valuable data that cyber-criminals want.
IP is short for Internet Protocol and is part of TCP/IP which is the networking software that makes it possible for your device to interact with other devices on a computer network, including the Internet. IP addresses allow computer to communicate anywhere in the world.
An insidious pieced of software known as spyware that records and steal consecutive keystrokes (and much more) that the user enters on a device. Simply logs what you type on your keyboard. However, keyloggers can enable cybercriminals to eavesdrop on you, watch you on your system camera, or listen over your smartphone’s microphone. Usually delivered through email with an attachment or sometimes by visiting an infected website that has the spyware on the site and is downloaded to your device without your knowledge. Detection is achieved by scanning your system regularly, the frequency should be determined by your IT security policy and your IT support provider should be monitoring the results of the scans.
A virus that’s written in macro, a programming language rooted inside software applications like Microsoft Office. The programming language allows users to automate tasks into a few keystrokes and enhance workflow. Unfortunately, the language is vulnerable to the macro virus. Easy protection step is to turn the macro capability off. Recommended in the Essential 8 released by the Australian Cyber Security Centre.
A collection of digital devices such as laptops, desktops, servers, phones and peripherals that are connected to each other allowing for data to be shared between devices.
What to do next?
Next months: SME Business Cyber Security Definitions Handbook will cover more terms, however if any of these terms ae making you think about security and you want to have a friendly chat about your security posture or resilience then please contact your local Computer Troubleshooter on 1300 28 28 78