Malicious hackers exploit unknowing computer users, hijacking login credentials, freezing file access, swiping personal identification details, and even rendering their device unusable.
As more business moves online, protecting your company’s data, employees, customers, and sensitive information is crucial. This means you and your team need to know what to look out for and how to respond.
But if you’re reading this article, it’s likely you need some cybersecurity 101 to have a firm grasp on the basic cybersecurity terminology.
Here are 9 cybersecurity terms you should get familiar with.
1. Data breach
A data breach occurs when a user gains access, without permission, to protected information such as passwords, credit card details, and email addresses. The data is typically stolen and used to commit fraud and other crimes.
Data breaches can be devastating for your small business and prevention will be your best ally. One way is to ensure you are meeting the highest standards for data protection. That means having the appropriate payment security in place and ensuring your business is PCI-DSS (Payment Card Industry Data Security Standard) compliant.
Becoming PCI-DSS compliant isn’t just about meeting an enforced regulation; it shows your customers that their data is safe when shopping with you. Plus, when you implement these measures in your business, you make it harder for cybercriminals to find a way in.
2. Authentication
Authentication involves verifying a user’s identity, a process that typically includes entering a username or email address and password.
Multi-factor authentication requires you to show more than one piece of information to gain access to an account. For example, you may need to enter a password and a four-digit code sent to your smartphone.
3. Malware
Malware — also known as malicious software — infects Internet-connected devices, giving criminals access to the devices’ contents. This includes any devices you use to do business tasks such as phones, iPads, or computers. Different malware achieves different objectives. Some steal sensitive data and use that data to access bank accounts, and others freeze the device and demand payment.
You can read more about 4 of the more common types of malware in our article: How hackers hack.
4. Ransomware
Ransomware is a type of malware that prevents users from accessing their system and data. The software asks the user to pay a ransom — often via Bitcoin or another cryptocurrency — in return for access to their files. Sometimes, paying the ransom works. Other times, the ransom is paid, yet the data remains locked.
5. Phishing
Phishing emails appear legitimate, but are carefully engineered by cybercriminals to dupe unsuspecting users into divulging private information or downloading an attachment. Always be cautious of emails that ask you to reply with your password or any other personal information. To check whether an email is genuinely from your bank, Internet service provider, or any other organisation, phone the company directly using the number listed on their website.
6. Trojan horse
A Trojan horse is a type of malware that disguises itself as reputable software. Trojan malware attacks have continued to evolve and come in many different forms. Some include:
- SMS Trojan – infects your mobile device and can send and intercept text messages;
- Trojan IM – targets your instant messaging and steals your logins and passwords;
- Downloader Trojan – downloads and installs new versions of malicious programs on your infected computer;
- Mailfinder Trojan – aims to steal the email addresses you’ve accumulated on your device;
- Ransom Trojan – similar to ransomware, in that it seeks a ransom to undo the damage done to your computer, such as blocking your data or affecting your computer’s performance.
There are many more types of Trojan horses and multiple ways you can protect your business from them. A general rule would be to never click, visit, or download anything you think looks unsafe or doesn’t come from a legitimate source.
7. Firewall
A firewall is a defence technology that helps keep cybercriminals away from your business. Firewalls can be either software- or hardware-based.
8. Encryption
Encrypted data is encoded and can only be accessed by those who possess the ‘key’. Encrypted data is not accessible by unauthorised users, meaning even if your information ends up in the wrong hands, the cybercriminal will not be able to use it.
9. Keylogger
A keylogger is a type of software that records every letter, number, and special character typed by a computer user. Cybercriminals have long used keyloggers to obtain passwords and other sensitive information.
Level up your business’ cybersecurity
You can protect yourself, your business, and your customers against cybercrime with a robust security strategy. Learn more about eWAY’s Merchant Trust Initiative (MTI), which will give you the tools you need to improve security within your business, including guidance on how you can become PCI-DSS compliant.