A beginner's guide to cyber security terms

Encryption - One of the most effective ways to mitigate the risk of a data breach is to ensure that all confidential data that your charity stores is encrypted using a proven encryption method. That means that even if a hacker gains access to your data, they will be unable to use it without a decryption key.  

Endpoint security system - Traditional anti-virus software installed on charity staff computers has evolved into software that provides protection against many different types of cyber security threats including ransomware and hacker attacks. This type of software is now known as endpoint security software but many people still call it anti-virus or AV software. 

Exploit - In the cyber security world, an exploit is a specific technique that hackers develop to get unauthorised access to a computer system. In order to develop an exploit, hackers first need to discover a programming error or some other form of vulnerability in a piece of software (or occasionally hardware). The exploit is so-called because it exploits a particular weakness or vulnerability. 

Firewall - A firewall carries out a similar job to a nightclub bouncer: it sits at the entrance to a charity’s network and watches all the data attempting to get in. Its purpose is to ensure that only legitimate data can get onto the network, while preventing data sent by hackers or other unwanted data from gaining entry. Many modern firewalls are now equipped with other security features including the ability to set up secure VPN (see below) connections. 

Hacker - A hacker is a term commonly used to describe a cyber criminal, or anyone who attempts to interfere with other people’s computer systems with ill intent. Originally, a hacker simply referred to someone who liked to experiment with computer systems, so many cyber security experts prefer to use the term malicious hacker or black hat hacker when referring to cyber criminals. 

Key logger - A hacker who gets access to an end user’s computer may install a key logger. This is a particularly malicious piece of software which records every keystroke that a user makes, and then sends this information to the hacker. A key logger can be used to discover passwords when they are typed in by the user. 

Malware - This is the name given to any type of malicious software, including viruses, ransomware (see below), and key loggers. In general, malware is software which the user never intends to have running on their computer, and often the user will be unaware of its presence. Endpoint security software detects malware using a number of techniques, including recognising specific pieces of data associated with the malware (a so-called signature) and spotting suspicious activity on the computer which may indicate that malware is present. 

Patch / update - Hackers will attempt to gain access to a computer system using an exploit that makes use of a specific vulnerability in a piece of software. Once a vulnerability is discovered, software makers usually release a patch or update to the software which removes the vulnerability so that the exploit no longer works. For that reason, it is very important from a cyber security perspective to ensure that all software run by your charity is patched or updated as promptly as possible. 

Penetration testing - A good, but costly, way to check your cyber security measures is to employ experts to carry out a penetration test. This involves the experts pretending to be hackers and attempting to break into your charity computer systems to try to access confidential information. After a penetration test, the testers should provide a full report of any weaknesses that they found in your cyber security defences and recommended actions you should take to ameliorate the situation. 

Phishing - The most common cause of a data breach is a phishing attack. Phishing involves a hacker sending out emails which trick users into clicking on links which lead to websites controlled by the hacker, or which result in malware such as a key logger being downloaded onto the user’s computer. Phishing can be difficult to detect, so charity staff need to be trained to detect phishing emails, and not to click on links in emails. 

Ransomware - One of the fastest-growing cyber security threats, ransomware can cause huge problems to charities that fall victim to it. When ransomware infects computers on a charity’s network it silently encrypts the data that it finds, making it inaccessible. A screen then appears demanding the payment of a ransom in return for the key needed to decrypt the data. It is possible to decrypt some versions of ransomware using free tools, but in general organisations have to restore data from backups in order to regain access to it.  

Social engineering - Some hackers gain unauthorised access to computer systems by tricking charity staff members into revealing confidential information such as passwords by pretending to be someone they are not. This is known as social engineering, and it often takes the form of a hacker calling a staff member and saying that they are from the IT department and that they need to know the staff member’s password so that they can fix an issue with their account. 

Two factor authentication - Two factor authentication makes it harder for a hacker to get unauthorised access to an account by requiring that a user supplies a second credential, in addition to a password, when logging in to an account. This may take the form of a one-time code sent to their mobile phone, a biometric such as a fingerprint, or some other piece of information. Sometimes known as 2FA, two factor authentication is particularly important for protecting information held on services based in the cloud.  

VPN - A remote access virtual private network, or VPN, provides a secure way for home workers to connect to their charity’s network and computer systems. Once a VPN has been set up, all the data that travels between the home worker’s computer and the charity network is encrypted so that it can’t be read even if it is intercepted by hackers as it travels over the internet. VPNs typically require a piece of software running on the home worker’s computer, and VPN hardware (which may be built into a firewall) at the charity’s offices. 

Vulnerability - A vulnerability in a piece of software is a coding error or some other feature of the application which does not work exactly as expected. When hackers find vulnerabilities, they may design exploits which take advantage of the vulnerability to allow them to gain unauthorised access to computer systems, or to steal data. Software with a known vulnerability should be patched or updated as soon as possible to remove the vulnerability. 

Vulnerability scanning - Since charities often run many different software applications on their computer systems, it can be difficult to keep track of which applications have known vulnerabilities. A vulnerability scanner identifies all the software on a single computer or on all the computers on the network, and then checks for any that have known vulnerabilities. 

Zero Day - When a vulnerability is discovered, software makers try to release a patch or update that removes the vulnerability before hackers can develop an exploit. A zero day exploit, or zero day, is one which is developed and used by a hacker before the software maker is even aware of the vulnerability. That means that the hacker can be sure that their exploit will work until a patch is released. For this reason, a zero day is extremely dangerous.