Essential Cyber Security Terminology
Now that cyber security is increasingly in the spotlight, and top of mind for individuals and businesses, it’s important to know essential cyber security terms to help you navigate the conversations. We have compiled our ABCs of Cyber Security to provide you with this short glossary of terms, to help you have a better baseline understanding of common attack types, hacker types, technical terms and more. Our website’s glossary offers a much more comprehensive collection for further learning.
Behold: the ABC’s of Cyber Security:
Attribution is the process of finding the source of a cyber-attack to ensure that a counterattack is directed to the correct violator. There are debates as to the importance of attribution as it is often difficult to find the source of a perpetrator and they often reside outside of any judicial jurisdiction. Many, however, believe it to be a crucial step in forming counterattack tactics.
Adware is short-hand for advertising-supported software and will do a number of obnoxious actions for its users. Adware will display unwarranted ads to an online user or redirect search requests to advertising websites. It can also collect marketing, and other, data without the user’s knowledge or consent.
Anti-virus software is your first defense and preventative measure against security breaches. The software will search your hard drive for any known or potentially uncovered viruses. With continual enhancements, most anti-virus software performs a plethora of protective actions against malware, ransomware, worms, Trojans, APTs and more.
Also known as a Trapdoor, a backdoor is a technique used to bypass system security to access a computer’s information, undetected. Network administrators may use backdoors for troubleshooting and other official uses, but they are often used by hackers to gain access to a computer for collecting information and installing malicious software.
Black Hat Hacker
Black Hat Hackers are also known as Crackers or Dark-side Hackers. These hackers use their wealth of computer and security knowledge to breach systems and bypass system security with malicious intent. They’re the bad-guy hackers.
Brute-force cracking basically amounts to continually guessing a password until one gets it right and gains entry to a site. It can also mean similar trial-and-error means of finding hidden pages. You can learn in depth about Brute-force Cracking here.
The origin of cryptography comes from the Greek word kryptos, meaning hidden or secret, and graphein, meaning to write. Cryptography simply means to write code.
Cracking describes the various actions of a Black Hat Hacker. This involves social engineering, reverse engineering, creating unwarranted backdoors and any other means to breach a system with malicious intent.
Crimeware is malicious software which a Black Hat Hacker downloads to unsuspecting victims’ computers in order to perform illegal online actions. This download often goes unnoticed and can be used to gather information, and perform other malicious actions, for extended periods of time.
DDoS stands for Distributed Denial of Service; DDoS attacks are one of the most common attacks used to compromise an organization’s system. They are a type of DoS attack which uses multiple compromised systems to target a single system. These compromised systems are typically infected with a Trojan and are used to overwhelm an online service, impacting abilities to publish and access important information. You can learn in-depth about DDoS Attacks here.
The Dark Net is often spoken of as a mythical place, but it’s simply an overlay network accessed using non-standard communications and protocols. It’s used similarly to other search engines such as Google and Bing, but used for drug trade, sex trade, political activism and other illegal activity. Originally created by the U.S. government to search the web, untraced; it is now used by expert hackers to perform web activities outside of the government’s knowledge and jurisdiction.
A Drive-by Download Attack is ignited simply by a victim clicking a link which, unwittingly to them, injects malicious software onto their computer or other device. You can learn in-depth about Drive-by Download Attacks here.
Encryption is the way to encode messages, text and information which requires authentication for access. Encryption is the safest way to protect your data because it requires a specific key or password in order to access the information.
Ethical Hackers are the good-guy hackers. These are highly skilled hackers and security specialists who use their knowledge for testing and evaluating a system’s security. They also act as consultants when producing security measures and procedures as well as aid in counterattacks, if necessary.
In cyber security, an exploit is no different from its common understanding: to make full use of a resource. When a Black Hat Hacker finds a vulnerability they will use tools designed to take advantage of the flaw, hence the term exploit.
Firewalls monitor incoming and outgoing traffic between a secure, internal network and an outside network (i.e. the internet).
Your digital footprint is the set of traces you leave behind when using the internet. Footprinting means that you are not covering your tracks, leaving a trail for hackers to follow to your important, and vulnerable, information.
Computer forensics is the use of investigation and analysis techniques to uncover evidence from computing devices in accordance with building a case for the Federal Court System.
Gigabytes are how we measure digital information. This unit will have varying value depending on the context.
Coming from military jargon, going dark is the sudden termination of communication. It can also apply to communication which has seemed to stop, but has actually just moved to a private channel. You can get more information about going dark here.
Gray Hat Hacking
Gray Hat Hackers are hackers with no malicious intent. They exploit security weaknesses to bring the vulnerability to the attention of the owner of the network, computer system or product.
Hacking is an elusive term, for hacking itself implies a number of possible actions and intentions. Generally, a hacker is a skilled programmer and coder who is proficient in computer operating systems and networks.
The process of mapping large data items to a fixed-length string. Hashing condenses the mapping, making the string shorter. The string is then, often, used as the original data’s identification/fingerprint.
In whole, heuristics are the process of gaining experiential knowledge. In our cyber world, heuristics refers to software that filters messages which likely contain a virus or other malicious software.
When someone acquires private, identifying information for personal use. This information is often gained through social engineering and spyware to gather information such as social security numbers and bank account numbers to use, typically, for financial gain.
An interrupt implies any time a software or hardware is directed to another process which it was not performing in that moment. For instance: a hard disk is being read, a service error is detected, or if a process is acting slow, a CPU (central processing unit) will perform an interrupt to switch to a speedier process.
Your computer’s IP address is an identifying string of numbers which allows your computer to communicate with other computers over the internet. It also allows for tracking online activity.
One of the most widely-used, interpreted programming languages.
Just as described in Webster’s dictionary (“irregular, random movement”) a jitter indicates a deviation or displacement of high-frequency, digital signal pulses.
As in any field, your jump bag contains everything you need to get your job done at a moment’s notice. As an IT/security professional your jump bag will include: your laptop, chargers, electrical tape, and anything else your job may require.
There are two different uses for the term key. 1) A variable value, applied using an algorithm, to produce encrypted text or decrypt encrypted text. 2) A field selected for sorting.
A Key Logger is a useful tool for crackers allowing them to obtain passwords by logging which keys have been pressed on a keyboard. This gives hackers the ability to bypass other security measures.
Any form of authentication information whether physical or electronic.
Granting entities only the minimal requirements/resources to access what they need to perform their official duties.
Licensed Penetration Tester (LPT)
A licensed professional who performs penetration testing on corporate networks to find vulnerabilities which need patching. Take our EC-Council courses to become an LPT yourself!
Encryption of data along a communications path, including routing data.
Malicious software designed to perform unauthorized processes that disrupt, damage or intrude on a system/computer, usually covertly.
The process of lessening the severity of a cyberattack.
Man-in-the-Middle (MitM) Attack
An attack involving a hacker intercepting communication between two devices with the ability to not only capture, but manipulate, sensitive information in real time.
An information system with interconnected components such as: routers, cabling, key distribution, etc.
Acting as both a review and target identification/analysis technique, network sniffing is a way of passively monitoring network communication.
Network Vulnerability Scanning
The inspection of potential exploits on a network, in order to identify security vulnerabilities.
This attack entails a hacker obtaining data to be analyzed on a system of their own choosing.
Consists of any information or data being stored outside of approved containers.
Security controls implemented by people rather than systems.
Password cracking is a method of identifying an unknown or forgotten password using either brute-force or dictionary searches. Password cracking is most used by hackers in an attempt to gain unauthorized access to a network or system. (This is why you need a complex password.)
A patch is software designed to fix (or patch) security vulnerabilities.
Penetration testing is a means of discovering vulnerabilities in a system by simulating an attack on it. This allows for network owners to patch weaknesses before they are exploited.
Quick Response Code (QR code)
A barcode consisting of a matrix of dots which can be read with a QR scanner or built-in smartphone camera.
Attempt to retrieve information from a computer system/software program, such as a search engine query.
A computer program can only process so much at once. When it is sent multiple jobs it adds them to a list (or queue) as a way to order its tasks.
A specific type of malware which requires a user to pay a ransom in order to regain control/access.
Remote Access Trojan (RAT)
A RAT is Trojan malware which has been designed to allow an attacker remote access to a system/network, making it one of the most apropos acronyms around.
Reverse engineering is a means of analyzing the functions of a piece of software/hardware so that the behavior can be understood. In cybersecurity, reverse engineering is commonly used to create defense mechanisms against malware.
When an attacker captures a valid session ID so they can gain unauthorized access to a web server.
Social engineering covers a broad range of ways in which hackers manipulate users to gain necessary information they can use to access a server/network unauthorized. This could be in the form of fake social media profiles or phishing emails. To learn about all the signs of social engineering, check out our Data Security & Privacy Compliance training.
Spyware is a form of malware which covertly collects information and monitors a user’s activities.
Just what it sounds like, a targeted attack is an attack aimed at a specific individual or organization. Targeted attacks most often utilize advanced persistent threat attacks (APT) and are most commonly seen in industrial espionage, business disruption and hacktivist political statements.
Threat modeling is a process of determining whether a threat is a malicious or incidental threat as well as where the most effort should be applied to keep a system/network secure.
Named after the mythological Trojan horse (from Greek mythology) a Trojan presents itself as a benign, or harmless, program, but is actually a form of malware.
An update becomes available when a user or developer finds a flaw in a piece of software and fixes the code to prevent the problem. Installing updates ensures that this precautionary code is added to your software.
When a hacker gives an ID number to a page address allowing them to track the user’s web behavior.
USB stands for Universal Serial Bus, which is hardware used for data storage that is supported by most of the major operating systems.
A virus is a piece of code which has the capabilities to copy itself and carry out malicious actions such as destroying data.
Virtual Private Networks, or VPNs, are exactly as they sound: two computers which can connect securely over the internet.
A process conducted by a program which identifies security vulnerabilities in a system/network automatically.
White Hat Hacker
A security specialist who performs penetration tests and network scans to expose system/network vulnerabilities before hackers find them.
White Box Testing
Testing the internal structure of a program, or the program source coding.
A worm acts similarly to a virus: self-replicating, typically malicious code. However, worms are also self-distributing so they do not require a host program or human to propagate.
Cross-site Scripting (XSS) attacks are malicious injections into usually trusted websites.
An XPath injection uses a query to gather information about how XML data is used to authenticate a user, allowing them to find access.
An unknown exploit which exposes a vulnerability in software or hardware, unwittingly to the owner/vendor/user.
Typically, a home-based PC exploited by a remote hacker and set up to forward transmissions/communications to other computers on the internet.
Zeus Trojan (Zbot)
A particular Trojan built to run on various Microsoft Windows versions, typically used to steal banking information.
With these simple terms, you should have a much better understanding of the headlines you read, or the next time you get in a conversation with someone in the cyber security field.
CyberTraining 365 is an online academy that offers nearly 1,000 hours of relevant and cutting edge cyber security training. Our training provides the most in-demand industry certification prep courses including EC-Council, CompTIA, (ISC)2 and Cisco, all taught by leading cyber security experts. All of our offerings are aligned with the national initiative for cyber security education (NICE) and ensure the most up-to-date information for this constantly shifting field. With engaging content in a scenario-based format, CyberTraining 365 uses a bite-sized micro-learning methodology that ensures learners are not overwhelmed with information. The On Demand LMS platform has white-label capabilities ideal for internal training purposes.