Page:Cyber Threats to Elections Lexicon 2018 CTIIC.pdf/23

 

A type of cyber attack designed to prevent users from accessing a network-connected service by sending simultaneous illegitimate requests from numerous sources. Data is sent to overload a network’s resources.



The process of translating binary characters into representing characters (e.g., letters and numbers).



The conversion of plaintext, by means of a defined system (e.g., a “cipher”), so that it is unintelligible to an unauthorized recipient.



The transfer, either electronically or physically, of information from a victim system by a threat actor without the data owner’s permission.



The act of extracting and gathering intelligence data, often from a cyber attack or cyber espionage.



A compromised or commercially purchased intermediary system that is used as a proxy to disguise the attacker’s true point of origin.



Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide integrity, confidentiality, and availability.



The risk that one or more individuals with the access to and/or internal knowledge of a company, organization, or enterprise would exploit the vulnerabilities of that entity’s security, systems, services, products, or facilities with the intent to cause harm.