A digital security glossary: Terms you need to know

Oct. 4, 2017

Digital technology doesn’t die — it just ages really, really quickly. To stay safe online, that means journalists and campaigners need to stay up-to-date with the latest vocabulary in digital security. Thanks to our huge digital footprints, it’s imperative to keep track of our personal data along with where and how it is stored. And to do that, the first step is to learn the language. To help protect yourself and your team, Advocacy Assembly compiled a list of cybersecurity keywords you need to know. 


1. Two-factor authentication: Popular email services have extra layers of security when logging in. This is called two-factor authentication. It means that when you log in to a service, you are asked for both a password and a random number provided by either an app or an SMS code. Using the option from an app is more secure than getting an SMS each time.


2. Multi-factor authentication (MFA): Multi-factor authentication combines two or more independent credentials. The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to access a target such as a physical location, computing device, network or database. If one factor is compromised or broken, the attacker still has at least one more barrier to breach before successfully breaking into the target. Two-factor authentication (also known as 2FA) is a method of confirming a user's claimed identity by utilizing a combination of two different components.


3. End-to-end encryption (E2EE): End-to-end encryption is a system of communication where the only people who can read the messages are the people communicating. No eavesdropper can access the cryptographic keys needed to decrypt the conversation—not even a company that runs the messaging service. For example, companies that use end-to-end encryption are unable to hand over texts of their customers' messages to the authorities.


4. Ransomware: A type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid.


5. DDoS attacks: A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.


6. Cyber attacks: A cyber attack is the deliberate exploitation of computer systems, technology-dependent enterprises and networks. Cyberattacks use malicious code to alter computer code, logic or data, resulting in disruptive consequences that can compromise data and lead to cybercrimes, such as information and identity theft. A cyberattack is also known as a computer network attack (CNA).


7. Malware: An overall term for the many different pieces of malicious software that an adversary may try to get on your computer, phone or tablet.


8. Phishing: One of the most common ways that malware gets onto our devices. We have seen activists all over the world, from Tibet to Mexico, targeted using this relatively simple method.


9. Spyware: Programs that secretly record your activities on your computer are called spyware. They can be used for some perfectly legitimate purposes, but the majority of spyware is malicious. Its aim is usually to capture passwords, banking credentials and credit card details - and send them over the internet to fraudsters.


10. Password manager: A password manager assists in generating and retrieving complex passwords, potentially storing such passwords in an encrypted database or calculating them on demand. There are many different types of password managers available, but one that we recommend is called KeePassX. It is open source, which means that it is free to use and its code can be checked for security bugs.

What about you? Have you ever thought about these keywords? If you found this helpful, why not tweet us at @Advocassembly and let us know!

Want to understand digital security and how it affects you? Sign up to Security First’s four mini-courses here.