Advanced persistent threat (APT)
Tuma pakepake arā atu anō
A well-resourced, highly skilled cyber actor or group that has the time, resources, and operational capability for long-term intrusion campaigns. Their goal is typically to covertly compromise a target, and they will persist until they are successful. They are very capable of compromising secured networks using both publicly disclosed and self-discovered vulnerabilities.
Botnet
Whatunga Pūwerewere
Normally networks of compromised personal or office devices such as internet modems, personal computers, or network attached storage. Malicious cyber actors use these as infrastructure to send spam, perform denial-of-service activities, or attempt to obfuscate the origins of a malicious cyber campaign.
Cloud service
Ratonga kapua
Provides ubiquitous, convenient, on-demand access to shared pools of computing resources (such as servers, storage, or online applications).
Common vulnerabilities and exposures (CVE)
Whakaraeraetanga
A vulnerability is a weakness in software, hardware, or a network that can be exploited by an actor. The Common Vulnerabilities and Exposures (CVE) database is a publicly available register of known vulnerabilities, each assigned a unique identifier in the format of CVE-yyyy-xxxx.
Credentials
Whakatūturu pārongo
A user’s authentication information used to verify identity – typically a password, token or certificate.
Cryptocurrency miner
Maina moni whitirangi
Malicious software that co-opts computing resources for generating cryptocurrency. Many digital currencies require the solving of computationally intensive mathematical problems in order to generate digital assets.
Cyberspace
Āteatāurungi
The global network of interdependent information technology infrastructures, telecommunication networks, and computer processing systems in which online communication takes place.
Cyber security
Whakahaumaru ā ipurangi
Measures to protect systems, data, and devices from unauthorised access, and to ensure the confidentiality, integrity, and availability of information.
Data breach
Raraunga wāwāhi
The intentional or unintentional release of sensitive or private information into an unsecure environment.
Defence evasion
Karo kaupare
A tactic that describes a series of attempts to avoid network defenders discovering a malicious actor.
Denial of service (DoS)
Whakakore ratonga
An attempt to make an online service unavailable by overwhelming the service with more traffic than it can handle.
Disinformation
Ngā kōrero horihori
The deliberate, intentional spread of false and misleading information designed to achieve a strategic purpose.
Exfiltration
Tāhae
Where an actor has unauthorised access to private organisational data (for example, legitimate credentials or intellectual property), and copies it from a system.
Hybrid threat
Tuma momorua
A mix of military, non-military, covert and overt activities by state- and non-state-sponsored actors that occur below the line of conventional warfare.
Hypervisor
Kaiwhakahaere pūrere mariko
Software enabling the creation, management, and running of discretely hosted virtual machines (VMs) on the same hardware.
Incident
Maiki
An occurrence or activity that appears to have degraded the confidentiality, integrity, or availability of a data system or network.
Indicators of compromise (IoCs)
Paetohu whakamōrearea (ngā IoC)
Usually IP addresses, domain names, or files that may be shared publicly or in confidence. Together they suggest a computer system or network may be compromised.
Living off the land
He ora nō te whenua
A technique using legitimate and pre-existing software on a victim network, in contrast to the installation of malicious software, to maintain network accesses. Use of legitimate software and accounts is less likely to raise alerts for defenders.
Malicious cyber actor
Nanakia tūkino mōhiohi
An individual or group of people who seek to exploit computer systems to steal, destroy, or degrade an organisation’s information. Actors may be individual computer hackers, part of an organised criminal group, or state-sponsored.
Malware
Pūmanawa kino
Malicious software or code intended to have an adverse impact on organisations’ or individuals’ data, such as viruses, Trojans, or worms.
Mitigation
Ārai mōrea
Steps that organisations and individuals can take to minimise and address cyber security risks.
Nationally significant organisation
Whakahaere hira ā-Motu
Organisations such as government agencies, key economic generators, niche exporters, research institutions, and operators of critical national infrastructure. If these organisations were affected by a cyber security incident, the impact could lead to national-level harm.
Opportunistic cyber activity
Ngohe ā-ipurangi tūpono
Occurs when malicious cyber actors select their victims based on the availability of a vector of compromise, regardless of victim location, sector, or intelligence value.
Personal information
Ngā mōhiohio whaiaro
Information about an individual, including name, date of birth, biometric records, medical, educational, financial, and employment information.
Phishing
Hītinihanga
The use of fake, deceptive, or alluring messages to solicit a behaviour from the recipient – such as clicking a link or divulging personal information or credentials.
Public attribution
Whakahuatia whānuitia nō hea
A tool used by governments and private-sector organisations to deliberately release information about the source of a cyber intrusion, primarily to uphold norms about what constitutes acceptable state behaviour in cyberspace.
Ransomware
Pūmanawa utu uruhi
A type of malware designed to disrupt the use of computer systems and files until a ransom is paid.
Supply chain compromise
Poke ara ratonga
A form of attack that targets software, hardware, or an IT service provider, where the ultimate aim is to exploit downstream customers.
Targeted cyber activity
Ngohe ā-ipurangi heipū
Occurs when malicious cyber actors demonstrate an intent or a tasking to compromise an organisation for its intelligence value, regardless of a specific access vector.
Virtual private server (VPS)
Tūmau tūmataiti mariko
A portion of a large physical server divided into virtual spaces available for temporary use.
Zero-day vulnerability
Whakaraeraetanga rā-kore
A software vulnerability for which there is currently no patch, and for which there is often no CVE number assigned. The term derives from the number of days for which defenders and developers have been aware of the vulnerability.