National Cyber Security Awareness Month: Demystifying Cyber Security Acronyms and Terms
LEXINGTON, Ky. (Oct. 12, 2017) — University of Kentucky Information Technology Services is providing tips and advice throughout Cyber Security Awareness Month. Below is the second in a series of stories, focused on terms to know.
Whether we realize it or not, the internet touches nearly all aspects of our daily lives. With the perpetual connectivity to the internet through multiple devices increasing cyber security concerns arise. Anyone can fall victim to cyber security attacks.
Cyber security brings with it an ever-evolving library of terminology that at times can be difficult to understand. Below we attempt to demystify some of the more common terms utilized today.
Cybercrime is the act of using a computer or other internet technology as a tool to commit illegal acts. Examples include piracy, phishing, fraud and identity theft.
Commonly, used by gamers, “pwned” is computer slang, meaning “own.” For example, if you’re playing a game and another player beats you he can say that he “pwned” you. In cyber security, being “pwned” means that a hacker has gained control of your computer.
Files that are constantly moving across a network. Torrents are tagged so that any particular torrent can be located from anywhere on the network with the correct software.
Malware (aka malicious software) is a software file or program that has the power to contaminate your computer by infecting it with viruses, worms, spyware, trojans (malware disguised as legitimate software) and more. Malware can steal, delete, encrypt, hijack and alter sensitive personal data. Malware comes through the internet via email, software downloads and torrent files. If you have frequent spam pop-ups, your computer is extremely slow or it crashes often, you’re likely a victim of malware.
To prevent malware contamination, if you are a UK student, faculty or staff member Microsoft Essentials can be downloaded at https://download.uky.edu. Others can purchase antivirus protection programs such as Microsoft Essentials, Bitdefender or Avira.
Ransomware is a type of malware that locks your computer screen or files by freezing it, preventing access until a ransom is paid. This happens mainly with large organizations and companies like universities, hospitals and banks. Ransomware generally starts with the appearance of an unusual file or notification on the screen that will not allow you to use your computer, followed by instructions on how to pay the ransom. Ransomware can be accidently downloaded from websites, attachments from spam emails, or from a payload (component of a computer virus that executes a malicious activity). Ransom is asked in the form of money, gift cards and bitcoins so that the receiver cannot be traced. Paying the ransom does not guarantee your system will be unlocked.
To protect yourself from ransomware attacks, avoid clicking on links and opening attachments from strangers. Avoid any phone calls where the caller is demanding an immediate payment for a civil or criminal offense that they are claiming you are responsible. Consider all of your alternatives to ensure that you’re backing up your most critical data in the safest way possible.
DDOS (Distributed Denial of Service) Attack
DDOS is a single attack on your computer system from multiple systems which have been compromised by malware. This attack creates an overload of incoming traffic and messages, causing the system to shut down. DDOS attacks utilize botnets (machines that have been compromised) through attachments and emails containing malicious software. Once a system has been compromised, the attacker controls the systems, instructing them to flood your site with fake requests. The attack can last anywhere from minutes to months, depending on how long the attacker decides.
What should students, faculty and staff do if they have fallen victim to cybercrime or are worried about the risks?
Information Technology Services (ITS) is here to help. If you think your computer has been compromised, need help understanding the variety of options available to protect your personal data, or have any other questions on this topic, ITS is available 24/7 via phone at 859-218-HELP (4357) or email at email@example.com.