Table A1.
Glossary terms [30] used in the systematic review.
| Term | Definition |
|---|---|
| Cryptographic attack | An attack carried out with the intention of revealing information that has been concealed |
| Cyber attack | The act of intentionally disrupting data information |
| Cyber defence | The ability to prevent cyber attacks from infecting a computer system or device |
| Cyber resilience | The ability of an organisation to continue delivering healthcare services to patients despite adverse cyber events |
| Cyber risk | Exposure to harm or loss resulting from breaches of or attacks on information systems |
| Cyber threat | The possibility of a malicious attempt to damage or disrupt a computer network or system |
| Data breach | This is when information is lost, stolen, displaced, hacked or communicated to unofficial recipients |
| Denial-of-service (DoS) | An attack that aims to flood a network with traffic in order to disrupt service and prevent users from accessing network resources |
| Distributed Denial-of-service (DDoS) | A malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic |
| Malicious software or Malware | A group of programs that are designed to harm or compromise a computer system without the permission of the user |
| Man-in-the-middle (MITM) or Eavesdropping | A reconnaissance attack in which an intruder intercepts communication between two parties. The attacker eavesdrops on the contents communicated by secretly acting as an intermediary in the information exchanged |
| Phishing | The use of social engineering to trick individuals or organisations into either divulging information or perform an activity harmful to their computer |
| Privilege Escalation | Attacks driven by the goal of achieving a higher level of access to a network or exploiting vulnerabilities in a program or network |
| Spyware | A software that is installed on a computer without the user’s knowledge, which transmits information about the user’s computer activities over the Internet |
| Ransomware | A type of malicious software designed to block access to a computer system until a sum of money is paid |
| Structured Query Language (SQL) Injections Exploit | Attack that exploit vulnerabilities in SQL to execute malicious “payloads" (harmful SQL statements), that make the data servers divulge information |
| Trojans | A type of malware designed to appear as useful, legitimate software |
| Virun | A common malware that self-propagates without the permission of the user and infects other computers |
| Worms | A type of malware that does not rely on a host file to run, self-replicate or propagate |