Think of threats as the different ways someone might try to sneak into your digital "house" to take something or cause trouble. This could be through:
Bad software that can mess up your computer, steal your information, or lock you out until you pay a ransom.
When someone breaks into a company's or website's storage and steals private information like passwords or credit card numbers.
When hackers flood a website with so much traffic that it can't work properly, making it impossible for anyone to use it.
Vulnerabilities are like the unlocked doors or weak spots in your digital house that make it easier for thieves (hackers) to get in. They can be:
Software Flaws: Mistakes in programs or systems that hackers can use to break in. This could be a bug or a backdoor left by the software creators.
Features Misused: Normal parts of a computer or website that can be twisted for bad purposes, like cookies (small data files) or JavaScript (a programming language for web pages) that can trick your browser into visiting harmful sites.
User Error: Mistakes that we make, like clicking on a bad link, using easy-to-guess passwords, or losing our gadgets, which can give hackers a way in.
Zero-day Exploit or Attack: This happens when a hacker discovers and uses a flaw in software before the company that made the software can fix it.
Risk is the chance of something bad happening. It depends on the threats you face, the vulnerabilities you have, and how bad the outcome would be if those threats actually took place. If a company holds valuable information, has weak security spots, or would suffer a lot of damage from an attack, the risk is higher.
An exploit is a tool or piece of code that takes advantage of vulnerabilities to break into systems. It's like a thief having a master key to get into any door that has a specific weak lock. Exploits can be hidden in websites, so just visiting the wrong site could let hackers drop malicious software onto your device without you realizing it.
So, in a nutshell, cyber security is all about understanding the bad things that could happen (threats), finding and fixing the weak spots (vulnerabilities), knowing the chances of being attacked (risk), and stopping the tools that hackers use to break in (exploits).