Nine Vectors of Cyberattack: Terms You Need to Know
Airgapping— Systems that hold very sensitive data, or that connect to vital systems whose compromise would be highly dangerous, are kept disconnected from the internet, leaving an "air gap" between them and the network. Airgapping is generally thought to be the best way to secure a computer or network, but airgapped computers are still vulnerable to infection from malware passed on storage media, such as USB drives.
DDoS— "Distributed denial of service attacks" swamp a system with traffic from automated networks of compromised computers (botnets), preventing legitimate access to company servers, websites and client web portals. DDoS attacks often are accompanied by ransom demands.
ICS, SCADA— "Industrial control systems" and "supervisory control and data acquisition" programs are used to control industrial production and heavy equipment. Vulnerabilities in ICS can be exploited to destroy equipment, injure workers or trigger environmental threats if the ICS controls chemical or petroleum products.
Internet of Things, or IoT— This trend connects previously network-incompatible devices (elevators, door locks, thermostats, lighting and more) to the internet for remote control. In some cases, the control interface is insufficiently secured and accessible by anyone on the internet, allowing attackers as much control as the device's owner.
Malware, Virus, Worm— These broad terms refer to software designed with malicious intent. Viruses and worms have differing mechanisms for spreading through networks to find their targets.
Phishing, Spear Phishing— Emails crafted to trick users into clicking links, downloading files or replying with sensitive data. Used to steal money or compromise security. Often, phishing emails are sent as blasts. Spear-phishing targets individuals using stolen personal data to be more convincing.
Ransomware, Cryptolocker, Fessleak— Malware that encrypts files and demands a ransom for unlocking them. The FBI shut down the central servers of the most prolific, Cryptolocker, in July 2014, but ransomware is still pervasive, evolving into a file-less form known as Fessleak in January 2015.
Social Engineering— A technique of getting users to share sensitive data. Websites that look like social-media log-in pages harvest user names and passwords. Emails claiming to be from relatives stranded overseas ask for fund transfers. Social-engineering tricks are becoming increasingly sophisticated and generally can't be spotted by detection systems. The only defense is education.
Zero Day— Any previously unknown, undisclosed software vulnerability that can be used to compromise a computer's security. The name comes from the fact that security experts have had no advance notice to help them prevent the attack.