TechCrunch's Essential Cybersecurity Glossary
Navigating the world of cybersecurity can be challenging with its complex jargon. This glossary defines key terms to help you understand online threats and protect yourself.
A
Advanced Persistent Threat (APT): A well-resourced hacker, often state-sponsored, who gains unauthorized access and remains undetected for extended periods to steal data or sabotage systems.
Adversary-in-the-Middle (AitM) Attack: Intercepting network traffic to eavesdrop or modify data. Encryption helps protect against AitM attacks.
Arbitrary Code Execution: Running unauthorized commands or code on a system due to a vulnerability. This can enable backdoor access or malware installation.
Attribution: Identifying the source of a cyberattack, a complex and often difficult process.
B
Backdoor: A method of bypassing normal security measures to gain future access to a system. Backdoors can be legitimate or malicious.
Black/White Hat Hacker: Black hats hack illegally for personal gain. White hats hack ethically to find vulnerabilities and improve security.
Botnet: A network of compromised devices controlled by a command-and-control server, used for attacks like DDoS.
Brute Force Attack: Repeatedly trying different password combinations to gain access to an account or system.
Bug: A software error that can cause unexpected behavior, sometimes creating a security vulnerability.
C
Command-and-Control (C2) Server: Used by hackers to control compromised devices in a botnet and launch attacks.
Crypto: Shorthand for cryptography (secure communication techniques) or cryptocurrency (digital currencies).
Cryptojacking: Using a device's processing power without permission to mine cryptocurrency.
D
Dark Web: A part of the internet requiring special software to access, offering anonymity but also used for criminal activity.
Data Breach: Unauthorized removal of data from a system.
Data Exposure: Protected data stored on a system without access controls, leaving it readable by anyone who finds it.
Data Leak: Protected data escaping a system due to a vulnerability or insider access.
Deepfake: AI-generated videos, audio, or images designed to look real, often used for malicious purposes.
Def Con: A major annual hacking conference in Las Vegas.
Distributed Denial-of-Service (DDoS) Attack: Flooding a target with traffic to overload its servers and disrupt service.
E
Encryption: Scrambling data to make it unreadable without the decryption key.
End-to-End Encryption (E2EE): Secures communications so only the sender and recipient can read the message.
Escalation of Privileges: Gaining higher access rights on a system than authorized.
Espionage: Stealthy hacking aimed at spying, surveillance, and data collection.
Exploit: A method used to take advantage of a vulnerability.
Extortion: Obtaining something, typically money, through threats or intimidation.
F
Forensics: Analyzing digital data to find evidence of crimes or security incidents.
H
Hacker: Someone who alters how something works, often by exploiting vulnerabilities. Hackers can be malicious or ethical.
Hack-and-Leak Operation: Stealing data and then publicly releasing it.
Hacktivist: A hacker who uses their skills for political or social activism.
I
Infosec: Short for information security, focused on protecting data and information.
Infostealers: Malware designed to steal sensitive information like passwords and credentials.
J
Jailbreak: Circumventing security restrictions on a device or software.
K
Kernel: The core of an operating system that controls hardware and software.
M
Malware: Malicious software designed to harm or exploit systems.
Metadata: Data that describes other data, such as file size, creation date, or location.
Multi-Factor Authentication (MFA): Requiring multiple forms of identification to verify a user's identity.
O
Operational Security (OPSEC): Practices for keeping sensitive information secret.
P
Penetration Testing: Simulating attacks to identify vulnerabilities in a system.
Phishing: Tricking users into clicking malicious links or opening infected attachments.
R
Ransomware: Malware that encrypts files and demands a ransom for decryption.
Remote Code Execution: Running attacker-chosen code on a system remotely over a network, typically by exploiting a vulnerability.
S
Sanctions: Legal restrictions on interacting with entities involved in malicious cyber activity.
Sandbox: An isolated environment for testing potentially harmful code.
SIM Swap: Hijacking a phone number to gain access to online accounts.
Social Engineering: Using deception to manipulate people into divulging information or performing actions.
Spyware: Malware that monitors a user's activity and collects data.
Stalkerware: Spyware used to track someone's location, messages, and other personal information.
T
Threat Model: Identifying potential threats and vulnerabilities to develop security strategies.
U
Unauthorized: Accessing a system without permission, often illegally.
V
Virtual Private Network (VPN): Creates a secure connection over a public network, often used for privacy.
Vulnerability: A weakness in a system that can be exploited by attackers.
Z
Zero-Click Attack: A cyberattack requiring no user interaction to compromise a device.
Zero-Day: A vulnerability that is unknown to the software vendor, leaving systems unprotected until a fix is released.