Intrusion Set
A group of cyber security incidents that share similar cyber actors, methods, or signatures.
Intrusion
A computer system or network compromise; may describe a broad range of activities used to support cyber attacks, cyber influence, or cyber espionage. See also: Compromise, Penetration.
Malicious Cyber Activity
Activities, other than those authorized by or in accordance with US law, that seek to compromise or impair the confidentiality, integrity, or availability of computers, information or communications systems, networks, physical or virtual infrastructure controlled by computers or information systems, or information resident thereon.
Network
An information system comprising a collection of interconnected computers or devices.
Penetration
The unauthorized access or compromise of an electronic system, computer, or network by a cyber actor. See also: Compromise, Intrusion.
Persistence
The ability of malware (malicious software) to maintain access to a compromised system even after mitigation steps have been taken. Achieving some degree of persistence eliminates the need to reinfect a machine.
Personally Identifiable Information (PII)
Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.
Reconnaissance
The act of determining vulnerabilities in a targeted system or network. (Common examples include port scanning and open network traffic analysis.)
