In the world of information security, it can seem like the required terminology constitutes a language entirely separate from English. Breaking down these terms can seem daunting, so we’ve broken some of the biggest ones down to size. Read on for some key cybersecurity jargon defined and explained from the first half of the alphabet.
If gated websites (that is, websites or parts of them that require a username and password to access) are the proverbial front door of the cybersecurity house, there has to be a backdoor. Some companies and businesses may choose to build “backdoors” into their systems so that their computer personnel can quickly access its building blocks. This can be beneficial and efficient, but also dangerous if the wrong people are made privy to those backdoors.
Dramatic imagery aside, black hat hackers are legitimately the villains of the hacker world. Also known as “crackers” or “dark-side hackers,” they tend to break into computers and networks and usually are the culprit behind computer virus creation, all for personal gain. These types of hackers often sell information regarding discovered program weaknesses to other hackers or entities.
Also called zombie armies, botnets are networks of computers that have been infected (hacked into) by an attacker. Essentially, your computer may be doing bad things for other people without your knowledge. How comforting.
A “bug” is simply an error or inconsistency in a program. Most of the time, these are just an annoying inconvenience, but some can be exploited by attackers. Fun fact: bug bounty programs are sometimes put in place by companies to identify bugs before the wrong people can do any harm with it. Which brings us to…
When a black hat hacker (defined above) is successful in breaking into a network or security system, they have cracked it. Hence these hackers’ other name, “cracker.”
From “cryptography,” this word simply means that something is secret, hidden, or not easy to decipher. Having an encrypted network connection is one of the determining factors in how secure your data is, for example.
The seedy underbelly of the internet universe, the Dark Web (not to be confused with Deep Web) refers to the collection of websites that hide the IP addresses (which are readily available and visible for normal, legitimate websites) of the servers that run them. What this means is that these sites are publicly visible and available to anyone, but cannot be traced back to their creators or administrators. Because of this, the Dark Web is often associated (and rightly so) with illicit drug dealing, firearms running, pornography and identity theft.
Similar but not the same as the Dark Web, the Deep Web is the portion of the internet that is not found by search engines. While yes, some deep web sites are simply password-protected pages and encrypted networks (aka: not malicious), and it would be impossible for Google to know about every single website in existence, do exercise caution if using any site not found with search engines.
In order to create the encrypted network connections just discussed, we need to follow through on the process of encryption, by manipulating or scrambling data in a way that makes it into a secret code. Decryption is therefore the process of decoding previously coded secret messages, in whatever form they may be.
A person who either operates alone or as part of a network of others who actively and intentionally breaks into computers or computer networks.
Literally, the bad computer-related stuff.
Abbreviated MiiT, this is a form of cyberattack in which a hacker gets in between your computer and where you are intending your data to go. In other words, if you’re checking your bank accounts through a public WiFi network, you may be sending your banking login credentials right to someone who can take your money.
Now that you’re fluent in cybersecurity jargon beginning with letters A through M, stay tuned for the second blog post that will define cybersecurity jargon N-Z in the months to come. While you’re waiting, put your new knowledge to the test and read through the Secure360 blog.