New to the cybersecurity game? Well, it might behoove you to bank a little vocab. Let’s take a look at 13 terms that may seem like jargon (well, they are), but express concepts you’ll need to understand digital security.
- Advanced persistent threat: An attack in which an actor uses sophisticated tech and tactics to gain access to a network, often staying undetected for a lengthy period of time. In this sort of an attack, the actor is often a nation-state. Attacks of this kind are used to pilfer information or to lie in wait for future mischief.
- Authentication: A process, such as a login and password combination, used to identify a user, process, or device prior to granting access to a system. Strong authentication is a verification process using several elements or stages, such as digital certifications and phone numbers in addition to a login and password.
- Bot: In the context of cybersecurity, a bot (also known as a zombie) is an Internet-connected computer that has been compromised by malicious code in order to use the computer for something other than what was intended. Bots work together in something called a "botnet," a network of compromised computers that is frequently used by hackers to send messages such as spam or malicious code without it being traceable.
- Brute force attack: The attempt to gain access to a network using repeated guesses at passwords or Data Encryption Standard keys.
- Darknet: A hidden neighborhood of the Internet, only accessible using non-standard protocols—most famously the Tor browser. The darknet is a marketplace for illegal substances and arms, stolen data, and software used for hacking. It is also a meeting place for, among others, criminals and terrorists. Sites on the darknet are not indexed and do not appear on search engines. Hidden web real estate can (and is) used for good as well, such as protecting dissidents in repressive regimes.
- Distributed denial-of-service (DDoS) attack: Distributed denial-of-service is the easiest, and therefore most common, type of black hat hacking attack. The attackers use multiple hosts to send requests to a target site at such a rate that it crashes.
- Encryption: The process of converting plaintext to ciphertext by an encryption algorithm. In other words, the plain message you wish to send—whether it is text or a sound file, a video, or something else—is encoded so that it is only understood by the sender and its intended recipient. Encryption is available through software, but most computer systems are already set up to encrypt all of your data.
- Hacking: Hacking is most often thought of as the action of gaining unauthorized access to information, devices, and networks. More accurately, black hat hackers do so to damage, steal, or commit other mischief. White hat hacking is devoted to unearthing vulnerabilities, often ones that the hackers believe a company or organization knows of but has not repaired.
- Malware: Short for "malicious software," malware is any program or file embedded into a system to run an unauthorized process for the purposes of capturing information, sabotaging the system, holding it for ransom, or other negative actions.
- Man-in-the-middle (MitM) attack: A type of attack in which the actor intercepts, alters, or eavesdrops on data as it travels between the sender and recipient. An example of this is intercepting messages through an unencrypted Wi-Fi connection.
- Phishing: A social engineering hack in which the actor attempts to trick a target into delivering access to the target’s system. An example of this would be a spoofed email message, which appears to come from a legitimate IP address belonging to a bank or major Internet site. The email requests the target enter their login and password or financial information. Spear phishing is the same type of approach, but with information targeting a specific individual or organization.
- Spoofing: Sending an email disguised to look like it is coming from someplace besides its actual origin. The IP address may be changed, the email address may mimic a known domain, and the email formatting may imitate the design attached to a well-known company or site.
- Virus/worm/Trojan: A virus is a self-replicating computer program, designed to be slipped into a computer in order to copy, delete, change, damage, or lock data. A virus frequently uses the infected computer to spread itself to other targets. Similarly, a worm does not alter files, but rather, it stays in active memory and replicates itself. A Trojan or Trojan horse is a virus that appears to have a useful function and uses that shell of legitimacy to avoid security measures.
This covers the most common cybersecurity terms, making it a great foundation for those who are looking for an introduction to cybersecurity jargon. Should you need more information on cybersecurity terminology, check out the National Institute of Standards and Technology and the National Initiative for Cybersecurity Careers and Studies.
If you are concerned with any of these security issues, please contact us -- we can cost-effectively improve your security posture via a rigorous program of people, process, and technology through our SOCVue security monitoring service.
Top photo credit: bikeriderlondon/Shutterstock