Cyber Security Jargon Explained

Ransomware is a sophisticated security hack that locks users out of devices, systems or files, demanding a ransom before access is returned. Often the ransom is requested in a crypto currency like Bitcoin for the anonymity it provides.

Malware is a general classification for malicious software developed to intentionally damage or interrupt computers, servers or networks. They include programs known as viruses, worms and trojan horse among others.

Phishing refers to fraudulent attempts to attain personal or sensitive information such as usernames, passwords and payment details. This is often done by fraudsters pretending to be a trusted entity and can be highly sophisticated. Often it is initiated with an official looking email or instant message that links through to a credible landing page.

Cross Site Scripting (XSS) impacts website owners and users. Attackers exploit vulnerabilities in webpages to inject their own code and potentially steal site user data including session cookies.

SQL Injection is where an attacker injects their own code or 'SQL statements' into data-driven websites or applications. Not all websites are data-driven but the vast majority will have databases and are therefore vulnerable. These malicious code injections can change or tamper with actions on the site to either extract data or change outcomes.

Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack is an attempt to disrupt a server, website, network or computer either permanently or temporarily by overloading the system with dummy requests. These attacks usually target high-profile websites and services such as the attack on the BBC in 2016.

A Man in the Middle Attack intercepts communications between two parties. Insecure WiFi networks and routers can be a key vulnerability exploited by Man in the Middle attackers. Through a compromised router they can intercept communications and inject malware.

Data Breach is the exposure of secure or confidential information to a non authorised source. It can often be the result of a successful cyber attack, resulting in private data being released or extracted by an attacker.

Software Subversion is another broad term that covers using software to perform unintended actions.