Glossary: IT Security & Data Protection

Here you will find a collection of important terms from the field of IT security and data protection, from A as in adware to Z as in two-factor authentication (Zwei-Faktor-Authentifizierung).

    A computer virus is a classic type of malware – a harmful computer program that replicates itself. It cannot exist on its own as it depends on a host, e.g., a document or program, and can only spread through it. Viruses can cause damage to operating systems as well as to software and hardware and often lead to a loss of data on the affected device.

    The General Data Protection Regulation (GDPR) took effect in May 2018. It regulates how organizations must handle personal customer data. It applies to organizations based in the EU as well as to organizations that merely operate in the EU. The rules deal with the processing and storage of personal data and include extensive documentation duties. Organizations that do not meet the defined security standards must expect severe penalties.

    Adware (from “advertising” and “software”) is a collective term for programs that are financed via advertisements. It is designed to launch individual ads on the users’ computers and generate income from them. Some types of adware might also include malware or spyware – programs intent on intercepting personal data by redirecting search requests.

    An antivirus program (AVP) detects malware by comparing the files on your device with fingerprints and signatures of already known malware and protects your computer and smartphone from infection. Your AVP should, therefore, always be up to date so that it can detect the signatures of as many malicious programs as possible. Do not postpone your AVP's updates; there is new malware every day. There are two different ways for your AVP to protect your devices:

    1. Ad hoc scan: When you download or open a file (e.g. a Word document), the program checks that file for signs of an infection while it is being used.
    2. Regular scans: The AVP scans all the files saved on your devices at regular intervals.

    Even an AVP with the latest update cannot reliably detect all malware: if the AVP's provider has not yet had time to analyze newly released malware, the AVP does not provide full protection. Cybercriminals can also manipulate computers and operating systems using so-called "rootkits" so that the AVP can no longer detect the malware.

    In IT security, awareness (also known as security awareness or cyber security awareness) describes an individual’s correct and deliberate handling of IT security risks. This includes knowledge about different types of cyber threats and strategies on how to react in case of a real attack. Organizations use training measures (security awareness trainings) to strengthen employees’ security awareness and minimize IT security dangers.

    Baiting is a special type of social engineering in which criminals take advantage of their victim’s curiosity. They place digital or physical baits to install malware on the recipients’ systems and intercept sensitive data. Typical examples are infected download links in phishing mails advertising supposedly free offers and deals as well as USB flash drives which are placed in or close to the organization to install malware when connected to a device.

    A bot (from "robot") is a computer program that performs repetitive tasks on its own without requiring any interaction. A botnet is a group of computers that are networked together after they have been infected with malware. Once connected to the Internet, these networks respond to remote commands from cybercriminals. The network connection and local resources of the affected computers are then used by cybercriminals for various purposes without the user's knowledge. As a result, your own computer can be used unnoticed to send spam, to carry out DDoS attacks or for phishing.

    Business email compromise is a cybercrime in which criminals impersonate an organization’s employee and send emails in his or her name. They often include personal data in these mails to manipulate receivers and prompt them to act a certain way. Typically, cybercriminals imitate executives (see CEO fraud) or the finance department so that employees transfer money to the criminals without the victims recognizing the fraud.

    CEO fraud is a type of business email compromise in which cybercriminals impersonate executives and send emails in their name. The combination of deceptively realistic messages imitating executives and psychological tactics such as social engineering induces employees to act in the attackers' favor, for instance by transferring large sums of money.

    In 2009, the Conficker virus spread in Germany and took control of hospitals, government departments, the German Bundeswehr, small and large organizations alike, as well as hundreds of thousands of Internet users' computers. Among other things, the virus deactivated important security programs and downloaded malware. At the time, Conficker was the largest botnet of all time. While the network did not cause great damage to the computers themselves, it was responsible for massive economic damage and raised public awareness of trojans, viruses and botnets for the first time.

    Critical infrastructures are systems and organizations that are crucial for maintaining societal functions. Their disruption or breakdown would have considerable consequences for the community, e.g. supply bottlenecks or threats to public security. Transport, energy, water, information technology, finance and the healthcare sector are examples of critical infrastructure in Germany.

    Cybercriminals attack computers or networks for financial as well as personal or political motives. Organized cybercriminals act highly professionally and cause considerable damage through their attacks.

    A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt services by sending a large number of requests to one server, computer or other network component, typically using large botnets. This leads to a denial of service if the system under attack does not have enough resources to process all of the incoming requests.

    Domain hijacking describes the illegal takeover of a domain, its content or user accounts. In the case of such an attack, cybercriminals, for example, change the registration data of the hijacked site to place malware on the original domain and intercept user data by faking login masks to use the information for further phishing attacks. In many cases, hackers use social engineering to collect data about the domain holder and have the domain changed by the registrar.

    E-learning (also known as electronic learning or online learning) describes a learning process that uses electronic technologies. In organizations, the term usually refers to training courses completed on the Internet or with the help of mobile applications. Employees can access the learning content online and complete the tasks autonomously and from any location.

    Emotet is a malware that spreads mainly via spam mails. It downloads additional malware onto already infected systems in order to initiate further attacks. It was first discovered in 2014, and new versions have caused considerable disruption ever since. Emotet is especially known for crawling existing email attachments and using social engineering tactics. This makes the infected emails look even more realistic and lets the attackers target individuals more precisely.

    File sharing is the process of distributing files via the Internet. More specifically, the term often refers to the exchange of illegal copies of purchased software or media such as music and movies. Special programs such as so-called peer-to-peer or P2P networks are often used for this purpose.

    A firewall (also known as a security gateway) is a security barrier set up between a computer system and a network. It monitors incoming and outgoing network traffic in both directions to prevent outsiders or malicious programs from gaining access or causing damage. Based on the traffic it observes and on the configured rules, the firewall either grants access to the system and the network or restricts it. It thereby protects the system from cyber threats. Experts recommend combining a firewall with antivirus programs and employee awareness training, because a firewall alone does not guarantee comprehensive protection.

    Grayware refers to potentially risky software which can neither be categorized as pure malware nor as conventional software; this gray zone gives it its name. Most of the time, it does not cause any damage apart from displaying annoying and undesirable content such as adverts or pop-ups (adware) or spying on users' online behavior (spyware). Grayware poses a security risk when it impairs the system's performance or security.

    Hackers are computer experts with a high technical understanding and interest in creating and modifying programs. The term often refers to cybercriminals with bad intentions, so-called “black hats”. But it can also describe “white hats” or “ethical hackers” who use their knowledge to make networks and programs more secure.

    Hacktivists are a group of cybercriminals who attack computer systems for political or social reasons. They want to draw attention to social wrongs or controversial topics by disrupting services, e.g. defacing websites or publishing corporate information. Consequently, they often attack governments, as was the case with the attack on the German government, the so-called "Bundeshack". Hacktivists also morally challenge the work of multinational corporations, which they attack regularly.

    Identity theft is a special type of a cyberattack in which fraudsters act under false identities using somebody else’s name or a pseudonym and then create new accounts in the victim’s name.

    The Internet of Things (IoT) refers to systems of smart devices, i.e. “intelligent” objects that communicate with each other via the Internet. This enables the devices to be controlled by people via the internet without them needing physical access to the device. Smart devices can often also perform fully automated tasks without the need for additional instructions.

    The International Organization for Standardization’s norm, ISO/IEC 27001:2013 or just ISO 27001 provides recommendations on how IT security can and should be ensured in companies. Companies can be ISO 27001 certified if they comply with the corresponding security standards in relation to their information security management system. In doing so, they also comply with all required guidelines and laws, such as the EU-GDPR.

    JavaScript is a scripting language used in the dynamic development of websites to extend the design possibilities of HTML and CSS. It enables developers to add interactive content such as buttons or animations. The web browser, not the server, interprets and executes this object-based programming language.

    The word malware is composed of the English "malicious" (from the Latin "malus", meaning bad) and "software". Malware is a collective term for a whole range of harmful software designed to perform unwanted and usually damaging actions. Prominent examples of malware are viruses, worms and trojans.

    The word phishing is derived from the English word "fishing". It describes an attempt to illegally "fish" for users' personal data and use it for criminal purposes. Cybercriminals use fake emails, websites or phone calls to obtain data. If the victim does not recognize the manipulation, access data, passwords and credit card numbers can unknowingly fall into unauthorized hands.

    In a phishing simulation (also known as a phishing test), emails that are very similar in structure and function to a real phishing email are sent to users. The aim is to train users on how to deal with real phishing emails in order to increase their awareness level and to be able to recognize them better in the future. Phishing simulations are generally harmless.

    Ransomware is a special type of malware that restricts systems partly or completely by encrypting stored data. Victims cannot access their systems unless they pay the required ransom.

    The term social engineering describes the emotional manipulation of people to induce certain behaviors. Social manipulation is often used to elicit confidential information, encourage the purchase of a particular product, or extort the release of funds. The tactic is increasingly used by cybercriminals for sophisticated attacks on users.

    Social hacking is a special type of social engineering. It involves manipulating, influencing, or deceiving people in such a way that cybercriminals gain control over users’ computer systems. The aim is to gain illegal access to users’ data or the organization they work for. In social hacking attacks, hackers usually contact their victims via email and private messages on social networks or call them.

    Spam or junk mails are mass emails that include commercial adverts or even harassment and which are sent without the receivers’ consent.

    In contrast to classic phishing, where cybercriminals send emails to large numbers of inboxes, spear phishing focuses on and targets specific victims. In such cases, cybercriminals send deceptively realistic phishing mails, which include insider knowledge collected beforehand, with a view to obtaining confidential data or triggering certain behaviors.

    Trojans are a type of malware posing as a useful application while performing malicious activities on the users’ devices without their knowledge. Once installed, the trojan can infect the user’s computer with other malware and spy on sensitive data. The term trojan refers to the Trojan Horse from Greek mythology.

    With two-factor authentication (2FA), users log in via two independent components (factors). In addition to the normal login via username and password, the entry of a code is required, which in many cases is generated on a smartphone. Only after this second code has been entered is access to the account granted. 2FA is a much more secure way of providing proof of identity.

    Voice over IP is a technology for voice transmission. In contrast to conventional telephony, the call is divided into data packets. The converted audio signal is transmitted via the Internet using IP which is also used to surf on the Internet.

    Vishing is short for voice phishing and refers to a form of telephone fraud in which the victim is tricked into giving out personal data over the phone. Often, the criminals catch the victim off guard by pretending to be an employee of a bank or software company and persuade the victim to take ill-considered actions, such as transferring money.

    Virtual private network (VPN) software creates an encrypted “tunnel” for data into organizations’ networks.

    In information technology, a whitelist is a positive list or a list of exceptions. It might include trustworthy persons, organizations, applications, websites or other elements. An element included in the whitelist is approved to be used in other processes. Whitelisting is important for phishing simulations to circumvent mail filters and thus ensure the delivery of simulated phishing mails.

    Worms are a type of malware that spreads via computer networks or removable devices such as USB flash drives. The term "worm" refers to real worms "crawling" into the farthest corners of the computer. Once the infected program is started, the worm replicates itself and spreads copies via all available communication channels.

    A zero-day exploit attack takes advantage of a security vulnerability in software. The attack is typically carried out as soon as the vulnerability is discovered, i.e. before the software provider can fix the flaw. Zero-day exploits are often sold by hackers to cybercriminals, who then build them into new malware.
