ITS

Information Technology Services

Security Terminology

There are all kinds of interesting terms that have been coined to describe security threats and prevention.  This page is intended to gather those terms in a central location.

Term Description
Administrator Backdoor

A network administrator may intentionally create or install a backdoor program for troubleshooting or other official use. Unfortunately, if hackers find this backdoor, they can use it to install malicious files or software programs (malware), modify code or detect files and gain system and/or data access. Even backdoors installed by network administrators pose security risks because they provide a mechanism by which the system can be exploited, if discovered.

Baiting

Baiting involves the use of physical media in order to infect an unsuspecting user's computer. In this type of attack, a malware-infected CD-ROM or USB flash drive is left in an area where it is likely someone will come across it. It may be labelled with something to pique curiosity such as "Employee Salaries" or "Confidential HR Files." Even if the person who finds it has good intentions to return it to the user, once they pick up the disk or USB key and plug it into their computer, the malware will begin to install itself. This could infect the computer and/or any attached networks.

Botnet

A botnet is a group of internet-connected computers that contain software designed to forward transmissions to other computers on the internet. These transmissions could include, but are not limited to, spam and/or viruses. In many cases, the owners of these computers are unaware that their computer is part of a botnet. Their computers have been compromised by a small program that has been hidden within an innocent-looking email attachment or a free program, like a game or an app. Once on the device, the program can execute whatever task it was designed to carry out. The botnet could contain hundreds of thousands of computers.  

Each computer within the botnet is called a bot or zombie. The bot is controlled by a "bot-herder" or operator that could be located anywhere in the world.

Brute Force Attack

In a brute force attack, the attacker systematically checks all possible passwords and passphrases until the correct one is found. The attack combines dictionary words with thousands of varying combinations. A brute force attack can make 50 to 1000 attempts per minute. Given enough time, this attack will overcome any password.

Data Breach

A data breach is a security incident in which sensitive, protected, or confidential data has been copied, transmitted, viewed, stolen, or otherwise used by someone who was not authorized to do so. Credit card data breaches and medical data breaches are two of the more harmful and costly data breaches.

Drive-by Downloads

Drive-by downloads are programs that start to download to your computer as soon as you visit a web page or click on a link within the web page.

The download happens in the background, so you will not even be aware it is occurring. Drive-by downloads can be hidden on otherwise valid pages that you have been directed to by email, text message or social media. Beware of those “Check it out!” links. While you are reading the article or watching the video, the malicious content is being downloaded to your computer.

A drive-by download can even be a small program that takes only seconds to download, whose task is to contact another computer and download the entire program. It may even wait until your device is idle before the full program download begins.

Drive-by downloads are especially dangerous because they are stealthy. They are used by cyber-criminals to install viruses, ransomware and spyware on your devices by exploiting vulnerabilities in web browsers, plug-ins and other components. Drive-bys can be hosted on websites set up specifically to draw users in, or they can be housed within a legitimate site that has been compromised.

IT Hijack

Malicious software designed to block access to a computer system until a sum of money is paid (ref: Oxford)

Phishing

Phishing is a form of identity theft where victims are lured into giving away sensitive information, usually through email (although users can also be targeted by phone or text). Messages are designed to look like they are coming from trusted businesses, like banks, government agencies or even from within Queen's University. Often they are trying to steal your identity or login credentials to gain access to your accounts and use them to commit other crimes.

Ransomware

Ransomware is a program designed to entice you to pay a ransom in order to regain access to your computer or your files. Ransomware comes in a variety of forms, with some being nothing more than a nuisance that requires lengthy removal steps with specialized software and knowledge. These types of ransomware will often warn the user of existing infections and promise that, if you pay a fee, the software will remove the identified problems. To the unsuspecting user, the warning will appear to be generated by the computer system; however, it is simply a ploy to get you to purchase a fake removal product that will often do nothing.

The most destructive type of ransomware will encrypt your computer files so you cannot use them. When you attempt to open your files you will receive a ransom message telling you to pay a sum of money in exchange for the decryption key to unlock your files. The sum of money is usually several hundred dollars. When people are faced with the alternative of losing all their data, they often pay the ransom. This has been very lucrative for cyber criminals since the only solution is to either pay the ransom or restore your files from an existing backup. If you do not have your files backed up, this could result in the loss of important files and data.

Scareware

Scareware is deception software. Its purpose is to frighten people into thinking their computer is being attacked and that the solution is to download and install the scareware author's software, which is actually a scam. Unless it is a message from your trusted anti-virus program, always be cautious of pop-ups and flashy messages claiming that your computer is under attack. This can also come in the form of calls that appear to come from a well-known source, such as Microsoft, claiming that you have a virus on your system and that they can help you for a fee payable immediately by credit card.

Social Engineering

Social engineering is a modern con game. The user is manipulated into divulging their password or other confidential information for the purpose of information gathering, fraud or system access. Techniques include phishing attacks, phone calls from a seemingly well-known or trusted source (such as a person masquerading as a bank representative or Canada Revenue Agency representative) or baiting a user by leaving a malware-infected CD or USB drive in a high-traffic area to catch a curious passerby who will pick it up and put it in their computer.

Tabnabbing

Tabnabbing is a phishing technique where a malicious web site changes its looks while the tab is inactive in order to trick the user into entering credentials.

Just when you thought you’d heard about every type of attack known to man, along comes another. This one is called “tabnabbing” and as you might guess, it’s a browser-based attack. It’s actually a variation of phishing, whereby the malicious site takes advantage of multi-taskers who have multiple tabs open to change the content in an open tab that has lost focus. The point is to get the user to click the tab and type in his or her logon information, which the attacker collects and uses. Interestingly, Firefox is said to be most vulnerable to this.

Read more here:

http://searchbliss-webmaster.blogspot.com/2010/05/tabnabbing-new-phishing-attack.html

Watering Hole Attack

The victim has to visit a website that contains the exploit code in order to be attacked.