91 Cyber Security Terms You Need To Master
Cyber Security Terms are evolving every day. But to get a handle on them here are 91 of the most commonly used terms by hackers, writers and security officers. See how many you can find in popular spy and cybercrime fiction.
One of the most bandied-about words today in UK cyber security terms, a “bot” refers to an automated software application that performs tasks over the internet. But it does not always refer to bad agents. Bots can be used for legitimate purposes, such as web indexing by search engines, but they often play a more sinister role.
When used maliciously, a bot is typically part of a botnet, which is a network of compromised computers or devices that are remotely controlled by a cybercriminal. These bots can be used to carry out activities such as distributed denial-of-service (DDoS) attacks, where multiple bots flood a target website with traffic to make it unavailable, crashing the site intentionally. They can also be used to send out spam, distribute malware, or steal data.
Botnets are particularly dangerous because they can operate on a large scale, often involving thousands or even millions of compromised devices, and their activities can be difficult to detect because they mimic normal internet traffic. Therefore, you can expect to see this as one of the many cyber security terms in daily life and also in contemporary political thrillers and in fiction and non-fiction on cybercrime.
CYBER SECURITY TERMS FOR AUTHORS
Understanding cyber security terms is essential for authors writing in today’s digital age. Familiarity with key concepts like phishing, encryption, and firewalls enhances the authenticity of your work. These terms add depth to tech-driven plots, ensuring your narrative stays relevant and credible while engaging readers in a world where cyber threats are ever-present.
Alias
A false identity – to conceal who you are in the physical or digital worlds. Used all the time in the cyber world.
Backdoor
Secret entry points built into code to access a system. Used by governments and companies to access their networks. Software planted maliciously by hackers. A big risk to cyber security.
Black Propaganda
Disinformation that is deniable by (and not traceable to) its source. Used by Government agencies, spies and malicious hackers.
Blackhat
Malicious hackers. Their goal is to infiltrate computer systems. Used by intelligence services looking for compromising information, or individuals either with criminal intentions or just out for kicks.
Bitcoin
A digital currency used to make anonymous purchases online and also in the physical world. Perfect for money launderers and tax dodgers.
Botnet
An extensive collection of hacked and compromised computers which are used to target and overload a website until it crashes. Also useful for decrypting files others don’t want you to. The use of the word “bot” is a common cyber security term.
Breach
The term used for the moment a hacker successfully exploits a vulnerability in a computer or device, and gains access to its files and network.
BYOD (Bring Your Own Device)
Refers to a company security policy that allows for employees’ personal devices to be used in business. A BYOD policy sets out regulations, such as whether a personal phone or laptop can connect to the corporate network.
Buffer Overflow
Occurs when more data is written to a block of memory than the buffer is configured to hold. A hacker can exploit buffer overflow deliberately by trying to upload a super-large file to the server so that malicious executable scripts are written to permanent memory areas of the system.
Burner Phone
A burner phone is a cheap, prepaid mobile phone purchased with cash to avoid any kind of paper trail. So called because, if authorities trace the number, you can “trash and burn” it and replace it with another.
CIA
U.S.’s foreign intelligence gathering service. Formally created in 1947, the Central Intelligence Agency (CIA) grew out of the World War II Office of Strategic Services (OSS).
Cipher
A message scrambled into nonsense by substituting and adding random letters. For someone to read it, they need a key or have a programme of cryptanalysis (see below). They now deal a lot with cyber security and cyber espionage.
Clickjacking
A hacking attack that tricks victims into clicking on an unintended link or button, usually disguised as a harmless element.
Cloaking
Cloaking is where a hacker presents you with content or a hyperlink that differs from what you actually see, as in The Secret War when Karen identifies fake news. It is also a common link jacking practice among video streaming sites that trick you into clicking a video play button, but load an ad.
Cloud
Technology that allows access to our files and/or services through the internet from anywhere in the world. In fact, it’s just a collection of computers with huge storage capabilities that remotely serve requests. Now used more by people online than poets.
Counterintelligence
The business of thwarting the efforts of foreign intelligence agencies, including gathering information on spies and conducting activities to prevent espionage, sabotage, assassinations on behalf of foreign powers and terrorist organisations.
Cracker
Also known as a black hat hacker, a cracker is someone who performs actions aimed at obtaining unauthorised access to software or a network.
Cryptanalysis
The art of deciphering coded messages.
Cryptologist
An expert in cryptanalysis (see above).
Dangle
Someone sent by their country’s intelligence agency to a foreign intelligence agency in the hope of recruitment as a spy. They then become a double agent, like Professor Wang in The Secret War.
Dark web
The dark web is the hidden collective of internet sites only accessible by a special web browser. Used for keeping internet activity anonymous and private, it’s where cybercriminals certainly hang out. To access it, you need a special browser called Tor. Cyber security experts monitor the dark web.
Decryption
Breaking a code, with or without a key. Or a process that transforms encrypted information back into its original format.
Deepfake
An audio or video clip edited and manipulated to seem real, such as the video of Robin Miller in The Missing Activist. Deepfakes can easily convince people to believe a certain theory. Used by conspiracy theorists and creators of political and financial propaganda.
Deep Web
This refers to the part of the internet not indexed by Google. This can be useful to legal groups such as clubs that simply do not want to appear on Google.
Distributed Denial of Service (DDoS)
DDoS is when hackers cram a target with so much traffic that the server gives in and the computer or website crashes.
Domain
A group of computers, printers and devices that are interconnected and governed as a whole. For example, your computer is usually part of a domain at your workplace.
Double Agent
A spy who pretends to be working against one country but who is, in fact, working for that country’s or organisation’s opponent. Used to spread disinformation. Today many double agents are experts in cyber security.
Doxing
A term used for collecting information online about a target so you can cross-reference information to discover the real identity behind an alias. For example, Karen Andersen needed to trace the real person behind “China Girl” in The Secret War to uncover the mystery behind the lethal agent DX21.
ELINT
Electronic intelligence, derived from the interception of radiation sources such as radars.
Encryption
A method of protecting data by applying a cipher so it can only be read by using a key.
Exploit
An exploit is a piece of software or series of commands executed to take advantage of a security vulnerability on a network or software. “Exploiting a network” means trying to compromise the security of a system by taking advantage of its vulnerabilities.
Exploit kit
An exploit kit is a collection of tools or software that run on web servers, scouting for vulnerabilities on the target machines and exploiting these vulnerabilities by executing malicious commands.
Firewall
A firewall is a filter that enables safe communication between users and systems within a network by keeping away any outside unwanted intrusion. It works as a shield to protect a web server from a DoS attack by filtering and discarding the malformed requests before they actually reach it. One of the most common of the cyber security terms.
Friends
British slang for members of the Secret Intelligence Service.
Grayhat
These hackers break into systems without permission, motivated by a political goal or to trace someone. In The Missing Activist, Karen Andersen acts this way to log into the social media account of missing person Robin Miller, concerned about his mental status.
Hacktivist
A hacktivist is an activist who hacks a corporate website to draw attention to their political statement. It’s the equivalent of painting slogans on the side of an oil platform, and probably far more effective in today’s age.
Honey Trap
Slang for use of men or women in sexual situations to intimidate or snare others, like Yoyo Chen in The Secret War.
HUMINT
Intelligence collected from human sources. This may be done openly, as when police interview witnesses or suspects. With espionage, it’s done through covert means, i.e. tricking someone into giving out information.
Junk packets
These are simple internet connection requests sent rapidly and in great numbers, designed to make a website crash.
Key
A string of letters and numbers which unlocks an encrypted system. Similar to activating a piece of software. These are used to send important and secret data over the internet. Today, for greater security to lock data, both sender and recipient have different keys. A bit like a double lock, plus a bolt in cyber security terms.
HTTPS/SSL/TLS
HTTP, which stands for HyperText Transfer Protocol, is a basic framework that controls how data transmits across the web. The extra S in HTTPS means that all data is first encrypted to add a further layer of security. SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are protocols used by HTTPS to provide identity proof. As a hacker can see data transmitted through plain HTTP, HTTPS is recommended for sites which collect credit card information.
IP Address
An internet version of a home address for your computer, which is identified when it communicates over a network. Traceable.
Keystroke logging
Keystroke logging is the cyber security term which refers to using malware to record all keyboard strokes that a user presses on a computer. It is one of the most common password hacking techniques used by hackers to get passwords. Some free software you download online might come with a keystroke logger. Be wary.
Local
A local attack is where someone delivers malware directly to the vulnerable target computer or network by having previous access to it and escalating certain privileges. It is common for such kinds of attacks to be launched by a disgruntled employee who wants to take revenge on the company and inserts code that causes computers to fail. Often, the problems do not manifest all at once, but in a way that leaves the cause of the malfunction difficult to determine. For example, this happened at Siemens from 2014 through 2016.
Logic Bomb
An attack that is triggered by a specific event. The infected computer or hacked code is waiting for a single event or combination of events to launch its attack. The best known of these attacks might have been the Michelangelo virus, which was supposed to attack millions of computers on March 6, 1992. In 2013, the South Korean logic bomb cyber attack wiped data from computers in the country’s banking and broadcasting industries. For most companies, the threat comes from the inside (see above).
Malware
Any software or programme designed to hack or damage targets. Short for ‘malicious software’, malware includes ransomware, RATs, and spyware.
Man in the middle
Someone who secretly hacks their way into communications between people or computers. They can then extract data or even add false information. Used a lot by spies on social media groups such as Facebook and LinkedIn, as well as WhatsApp. An example of this was when Karen joined a group of Jihadi brides in The Missing Activist as Basilah. There was another incident of a “Man in the Middle” in The Killing of the Cherrywood MP.
MI5
The British domestic counterintelligence service, officially known as the Security Service. Coming under the authority of the Home Secretary, it’s headed by a Director General (DG) who presides over an internal security organisation, secretariat, legal advisory branch, and information services branch.
MI6
The British foreign intelligence service, officially known as the Secret Intelligence Service. Formed in 1909, the “MI6” label originated when the agency was “section six” of military intelligence. The Chief of MI6 is directly accountable to the Foreign Secretary.
Nugget
British term for the bait (money, political asylum, sex, or career opportunity) offered to a potential defector.
NSO Group
Named after founders Niv, Shalev and Omri, an Israeli technology firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones. See below.
One-time Pad
Strings of random numbers for singular use as a key in enciphering messages; the proper use of a one-time pad renders a message mathematically unbreakable.
Operational Security (OpSec)
On the internet, your IP address is a big giveaway to your identity. It is easily tracked, so to hide it you need good OpSec. Also refers to not leaking personal information or writing anything which can blow your cover if you are a cyber criminal without much nous.
OSINT
Open source intelligence is information derived from publicly available sources.
Partridge Securities
Run by Donald Partridge, Partridge Securities is the fictional securities firm carrying out private investigations. Karen Andersen’s sometimes boss.
Payload
Payload is an ethical hacking term for the part of a virus or malware that performs the malicious actions, like destroying system data or hijacking the computer system.
Pegasus
Trojan horse computer virus capable of reading text messages, tracking calls, collecting passwords, location tracking, accessing the target device’s microphone and camera from mobile phones. Used a lot in books and films.
Penetration testing (Pentest)
The name given to the process of deliberately attacking a computer network to learn the weak points in the system. If you’re a major organisation, you will frequently run a pentest so you can fix these vulnerabilities before a hacker gains entry and wreaks havoc with your business.
Phishing
A harmless-looking email which could be dodgy. Often these communications contain within them an irresistible hook enticing you to open it such as, “We couldn’t deliver your parcel. Click here for …” Open it and your hacker gains access to private data you don’t want them to have. Most phishing emails have misspellings. Perhaps you don’t recognise the sender. Leave it alone and it can’t hurt you. But beware of spear-phishing. A more targeted and malicious approach, designed to look like it’s come from a friend or someone you trust. Time to up your OpSec.
Phreaker
A phreaker is a hacker who illegally breaks into a telephone network in order to wiretap voice calls or phone lines or make long-distance calls for free.
Plaintext
The original message before encryption.
Playback
To provide false information to the enemy while gaining accurate information from him or her.
Pocket Litter
Items in a spy’s pocket (receipts, coins, opera tickets, etc.) that add authenticity to his or her identity.
Provocateur
An operative sent to incite a target group to action for purposes of entrapping or embarrassing them.
Ransomware
Derived from “ransom” plus “malware”. This is when someone steals your data and holds it hostage. They’ll demand payment for its return, often bitcoins which can’t be traced. Sometimes they delete files for every minute you withhold payment. There’s nothing good about ransomware. It’s a bit like kidnapping on the net and really nasty.
Remote
A remote attack is where an attack is carried out by sending an exploit over a network to exploit security vulnerabilities in another machine without obtaining previous access to the vulnerable machine.
Remote administration tools (RATs)
Pieces of software that hide in the dark corners of your computer to give a hacker access and sometimes full administrator control. Not dissimilar to allowing a technician to enter your system to perform a remote fix. Therefore, some RATs are welcome, but be aware of those who are after your private data.
Rootkit
A rootkit is a type of malware that stealthily runs on a system, hiding certain programs or processes on the computer from normal detection methods, while giving continuous privileged access to the computer.
Script kiddy
Name given to a starter in hacking who needs to use seasoned hackers’ scripts and codes to get going. Everyone was there once.
Shell
A piece of code planted on a website so that a hacker can gain access and do lots of damage if they want. Once they’re in, they can change things in your network and even take over control.
Shrink wrap code
Shrink wrap code is where off-the-shelf software comes with certain features that the user is not aware of, or that can be used by an attacker to exploit the system. Gone are the days when you could pick up some good secondhand or cheap software on some dodgy market stall.
SIS
Secret Intelligence Service is the official name of Britain’s MI6. (See above)
Sleeper
Agent living as an ordinary citizen in a foreign country and who acts only when a hostile situation develops.
Social Engineering
The term given to attacks aimed at the weakest part of any IT security system, which is the end user. These are attacks that attempt to trick the user into responding, such as a link to something of interest. Social engineering uses a range of devices from phishing email to luring people to terrorist organisations. It relies on manipulating people into cyber espionage or to behave in a certain way.
Software
A set of programs that tell a computer to perform a task. These are compiled into a package that users can install and use. For example, Microsoft Office is application software.
Spam
Spam is a common ethical hacking term for any unwanted or unsolicited email from the internet. Some are harmless and aimed at promoting products or advertising goods. But others are used to spread malware or steal sensitive data through phishing emails. Spammers collect email addresses from the internet using web scraping tools.
Spoofing
Email spoofing is the term used by cyber types where an attacker slightly changes the headers of an email to make it look like it came from a legit source that you trust, like your bank. IP spoofing is where an illegitimate data packet is sent over a network by modifying its sender address to look like it’s from a trusted host. Spoofing is a deliberate attempt to gain access to information you don’t want to give out.
Spy
Spies are people with access to valuable information. Also called agents or assets, they may volunteer to spy or someone will recruit or blackmail them to pass information.
Spyware
Aptly named, software designed to monitor your computer to detect other software intending to steal data.
SQL Injection
SQL injection is a very common type of website hacking where an attacker inserts malicious SQL statements through forms to be executed by the application. It is so common that a proper penetration test should not omit SQL injection vulnerability tests.
Target of evaluation
Target of evaluation is one of the most common ethical hacking terms, used to refer to any system, network, application or software that is the subject of a security analysis or attack. Linked to the good guys, supposedly.
Traffic Analysis
Methods for gaining intelligence from the patterns and volumes of messages.
Trojan horse
A piece of malware that often allows a hacker to gain remote access to a computer through a “back door”.
Virus
A virus is a hacking term for malware that replicates itself and can destroy or corrupt your system.
Visual hacking
Visual hacking is an in-person form of hacking that takes advantage of poor security by end-users. Usually overcome by cybersecurity training for employees. Examples of visual hacking opportunities include logged-in, unattended computers and passwords taped to monitors.
Virtual Private Network (VPN)
A tool that allows the user to remain anonymous while using the internet by masking the location and encrypting traffic.
Vulnerability
The crack in the system which allows a hacker to enter. Vulnerabilities can come from visual hacking, planted code, or just weak spots in your system.
Whitehat
Someone hired to break into a system intentionally to find its weakness and vulnerability. Also known as penetration testing. In the cyber world, WhiteHats are good guys, most of the time.
Worm
A worm is a type of virus that sits on your active system memory and duplicates itself but does not alter system files or data. As invisible as those in the garden buried deep beneath the surface of the flower bed.
XSS
XSS, also known as cross site scripting, is a web security vulnerability that enables a hacker to inject malicious client-side JavaScript code into web pages viewed by users.
Zero-day attack
A zero-day attack or zero-day exploit is simply the use of a previously undiscovered flaw in an application or operating system to gain access to or control system resources. The term zero-day refers to the fact that it is the day on which the attack or exploit was first identified.