Cyber Glossary

As cyber risks become an increasing part of our broker's dialogue with clients, we thought it would be helpful to offer a brief guide on some of the terminology that is now associated with the cyber risk landscape. The terms and definitions below are for informative purposes only and meant to provide a general description of some common cyber terms. They do not form part of Aetna's insurance policies.

•Applications software (also called end-user programs) Includes database programs, word processors, and spreadsheets. Figuratively speaking, applications software sits on top of systems software because it is unable to run without the operating system and system utilities.


•Botnet - A botnet refers to a network of "robot" computers that automatically transmit spam, malware or viruses without the owner's knowledge. Computers in the botnet are referred to as "Zombies" as the computers usually injected by a trojan are controlled by the botnet creator and not the computer owner.


•DoS Attack (Denial-of-Service Attack) - 

A type of attack on a network that is designed to bring the network to its knees by flooding it with useless data.


•DDoS (Distributed Denial-of-Service) - 

The incoming data that floods the victim network originates from many different sources, effectively making it difficult to distinguish legitimate user-traffic from attack-traffic and almost impossible to stop as the origin is spread across so many points.


•PCI DSS (Payment Card Industry Data Security System, sometimes referred to as PCI) - A proprietary information security standard developed by MasterCard, Visa, American Express, Discover and JCB International to assist merchants in preventing payment card fraud and to improve security around processing and storing payment card details. PCI addresses minimum security requirements such as firewalls, encryption and anti-virus software.


•Sniffer - A program and/or device that monitors data travelling over a network. These programs can be used both for legitimate and illegitimate network purposes.


•Malware - An abbreviation for "malicious software", generally designed to secretly access a computer system without the owner's consent and steal data for illegal purposes. Malware includes computer viruses, Trojan horses, crimeware, rootkits and worms.


•Metatags - Hidden code embedded into web pages that enable search engines to quickly gather information about the pages.

•Phishing - A "con game" on the internet to collect personal information. Spear phishing is a more targeted phishing attempt on a specific user to collect personal or confidential information.

•PII (Personally Identifiable Information) - Unique information that establishes an individual identity.

•GDPR (General Data Protection Regulation) - 

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. Unlike a directive, it does not require national governments to pass any enabling legislation and so it is directly binding and applicable.

•Cloud Computing - A type of computing that relies on sharing computing resources via the internet rather than having local servers or personal devices to handle applications.


•Cyber - A prefix used in a growing number of terms to describe anything related to the internet. Cyberspace is the non-physical terrain created by computer systems.


•IDS (Intrusion Detection System) - 

A passive monitoring system designed to warn you of suspicious activity that might result in a virus, worm or hacker by looking for intrusion signatures. IDS is NOT a firewall as it only signals an alarm as opposed to preventing an intrusion.


•IPS (Intrusion Prevention System) - 

A combination of IDS and an application layer firewall for protection, IPS is generally considered to be the "next generation" of IDS.


•White Hat Hacker - A hacker that uses their skills to expose system vulnerabilities before malicious hackers (known as black hat hackers) exploit them. Typically, they are hired by an organisation to improve system security.


•PKI (Public Key Infrastructure) - 

A system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. PKIs are currently evolving and there is no single PKI nor a single agreed-upon standard for setting up a PKI.


•Rootkits - Malicious software that is activated each time your system boots up. They are difficult to detect because they are activated before your system's operating system has completely booted up. Rootkits are able to intercept data from terminals, network connections and the keyboard.


•SQL Injection (Standard Query Language) - 

A form of attack on a database-driven website in which the attacker "injects" unauthorised SQL commands to bypass firewalls. SQL injection is a very common intrusion tool in cybercrime.


•Trojan or Trojan Horse - A destructive program that disguises itself as a benign network application but is designed to destroy and delete files. They often go undetected by antivirus software.


•Virus - A program that is loaded onto a computer and runs without the users' knowledge. All computer viruses are manmade and even self-replicating. It is dangerous because it will quickly use up all available memory and bring the system to a halt. More dangerous virus types are capable of transmitting themselves across networks, bypassing security systems and creating backdoors into networks.


•Waterhole Attack - An attack where users are lured to a compromised website, "watering holes", where threat actors plant malware on unsuspecting visitors to that website.


•Worm - A worm is a special class of virus that can replicate itself and use memory. However, unlike a virus, worms cannot attach themselves to other programs.

•Zero Day Vulnerabilities - A vulnerability in source code that is unknown to the developer when it is exploited by hackers to launch a "zero-day attack". I.e. there are zero days between the time the vulnerability is and the first attack. This means that there is no known security fix because developers are oblivious to the vulnerability or threat.

If you require further assistance with the language of Cyber risks, please contact your local Aetna distribution team for assistance.