Cybersecurity Basics: Terms and Definitions All Campus Safety Pros Should Know

Malware. Phishing. Password attacks. What’s the difference, anyway? Everyone involved in campus safety would benefit from knowing these general cybersecurity terms.

Cybersecurity Basics: Terms and Definitions All Campus Safety Pros Should Know

Phishing

Phishing attacks masquerade as legitimate requests for information through email and trick users into revealing account credentials or other information. Some attackers leverage fake domains that are similar to legitimate websites in an attempt to capture credentials. The emails often appear to be legitimate but link the recipient to a malicious file or script designed to give hackers access to the device and take control.

Phishing attacks can also take place through phone calls (voice phishing), text messages (SMS phishing), or on social media networks through direct messages.

Man-in-the-Middle (MitM) Attacks

These attacks occur when a hacker intercepts the communication between two parties in an attempt to spy on the victims, steal personal information or credentials, or alter the conversation in some way.

According to Lepide, MitM attacks are less common these days as most email and chat systems use end-to-end encryption which prevents third parties from tampering with data that is transmitted across the network, regardless of whether the network is secure or not. This type of attack often exploits unsecured public WiFi networks.

Phishing or malware attacks are often leveraged to carry out a MitM attack, says Infocyte.

Denial-of-Service (DoS)/Distributed Denial of Service (DDoS) Attacks

DoS attacks work by flooding systems, servers and/or networks with traffic to overload resources and bandwidth, potentially resulting in the system being unable to process and fulfill legitimate service requests. Most sophisticated firewalls are able to detect and respond to DoS attacks.

However, DDoS attacks are launched from several infected devices with the goal of achieving service denial and taking a system offline, making way for another attack to enter the network/environment. In Oct. 2020, a DDoS attack paralyzed the Miami-Dade County Public School’s e-learning platform.

A 2020 joint report from DNS security firm EfficientIP and International Data Corp found four out of five companies experienced a DNS attack, with traditional DDoS making up 27% of the attacks (39% experienced phishing attempts and 34% experienced malware-based attacks).

Graphic Source: IDC 2020 Global DNS Threat Report

In 2019, a man was sentenced to 10 years in prison and ordered to pay $443,000 for launching a DDoS attack against several U.S children’s hospitals in 2014. Authorities said the hackers knocked Boston Children’s Hospital offline for days, disrupting the day-to-day operations and research capabilities.

Internet of Things (IoT) Attacks

The Internet of Things (IoT) is a network of Internet-connected objects able to collect and exchange data, such as IP phones, printers, intercom systems, and security cameras. IoT devices are generally less secure than most modern operating systems, making them a big target for hackers. The interconnectedness of IoT devices makes it possible for hackers to breach an entry point and use it as a gate to exploit other devices in the network.

More than 30% of all network-connected endpoints are IoT devices, and a 2019 Gartner report found the adoption of enterprise IoT grew 21.5% from 2018 to 2019, totaling an estimated 4.8 billion devices.

A 2020 report from Unit 42, a threat intelligence team at Palo Alto Networks, analyzed security incidents spanning 1.2 million IoT devices in thousands of locations across enterprise IT and healthcare organizations in the U.S. The analysis found that “the general security posture of IoT devices is declining, leaving organizations vulnerable to new IoT-targeted malware as well as older attack techniques that IT teams have long forgotten.” It also found 98% of all IoT devices are unencrypted, potentially exposing personal and confidential data.

Password Attack

This is a type of cyberattack where a hacker tries to guess a user’s password. Methods used to identify an individual password include social engineering, gaining access to a password database, testing the network connection to obtain unencrypted passwords, or simply by guessing.

In 2020, remote work and distance learning brought on a whole host of cybersecurity issues which were compounded by the surge in the use of videoconferencing platforms like Zoom, Microsoft Teams and Google Meets. Through this surge, researchers discovered that tiny visual cues and an algorithm can be used by hackers to guess a user’s password if they sign in to an account while on a video call.

According to Forbes, citing the study, a hacker can use a methodology called keystroke inference, which is essentially watching the shoulders and upper arms for clues as to what the user at the other end of the call is typing.

Graphic Source: Zoom on the Keystrokes: Exploiting Video Calls for Keystroke Inference Attack

It is likely we’ll see less and less of these attacks as more options become available for identity verification. According to Experian’s annual Global Identity & Fraud Report, for the first time in four years, passwords did not earn a spot in the top three most secure methods for authenticating a customer’s identity. This is especially good news since a 2020 survey from Visual Objects found Millennial workers are 6.5 times more likely to reuse work passwords than Baby Boomers, who use safer password practices.

Cybersecurity experts recommend companies integrate a two-factor authentication system or a password manager. Neither requires employees to recall complex strings of characters and both better protect data.

Server Query Language (SQL) Injections

SQL injections occur when an attacker inserts malicious code into a service using SQL language, forcing the server to deliver protected information. It usually involves submitting malicious code into an unprotected website comment section or search box.

SQL databases use SQL statements to query data, and these statements are typically executed through an HTML form on a webpage, according to Lepide. If the database permissions have not been set properly, the attacker may be able to exploit the HTML form to execute queries that will create, read, modify or delete the data stored in the database.

Cross-Site Scripting (XSS) Attacks

These attacks are similar to SQL injection attacks except instead of extracting data from a database, they are usually meant to infect other users who visit the site.  Using the example of the comments section on a webpage, Lepide says if the user input isn’t filtered before the comment is published, an attacker can publish a malicious script that is hidden on the page. When the user visits the page, the script can infect their device or be used to extract the user’s credentials. The attackers could also redirect the user to a malicious website.

Graphic Source: Cloudflare

Zero-Day Exploit

In these cyberattacks, hackers learn of a new vulnerability in a widely-used software program or operating system and then target organizations who use that software to exploit the vulnerability before a fix becomes available.

Rootkits

Rootkits are installed inside legitimate software and enable attackers to gain remote control and administration-level access over a system. Infocyte says since rootkits hide in legitimate software, once a user allows the program to make changes to their operating system, the rootkit installs itself in the system and remains dormant until the attacker activates it or it is triggered through a persistence mechanism.

Rootkits are typically spread through email attachments or downloads from insecure websites.

Improving Cybersecurity on Your Campus

It is clear that cyberattacks are a real threat to hospitals, K-12 school districts and colleges campuses, and have been worsened by the pandemic. Strong cybersecurity practices are a must-have to truly ensure the safety and security of all students, patients, and employees.

Here are some resources that emphasize the importance of cybersecurity:

And for IT and cybersecurity employees who may have their work cut out for them, here are some ways to help avoid burnout.

About the Author

Contact:

Amy is Campus Safety’s Senior Editor. Prior to joining the editorial team in 2017, she worked in both events and digital marketing.

Amy’s mother, brother, sister-in-law, and a handful of cousins are teachers, motivating her to learn and share as much as she can about campus security. She has a minor in education and has worked with children in several capacities, further deepening her passion for keeping students safe.

In her free time, Amy enjoys exploring the outdoors with her husband, her 2 children and her dog.

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety Online Summit Promo Campus Safety HQ