Speaking hacker

Forget tech translators. Here's the key to expert cyber slang

Evil maids, sock puppets and bot herders are not rock bands. They're terms used by cyber experts.

Brute-force cracking isn't what you do with pistachios. A rootkit isn't a set of dental tools, although there may be pain involved.

As the cybersecurity field evolves, it develops its own parlance, from exploits and fuzzing to wardriving and zombies. As a cyber defense authority, Raytheon speaks the lingo. In advance of this year's National Collegiate Cyber Defense Competition championship, presented by Raytheon, in Orlando, Florida, April 13-15, we provided this glossary:

@ — Symbol chosen by the late Ray Tomlinson, a Raytheon BBN Technologies engineer who first employed it for Internet email, to separate the names of users and their networks in addresses.

Air gap — To physically separate or isolate a secure network from other unsecured systems or networks.

Back door — A hidden entry to a computer, network or software that bypasses security measures.

Blackhat — A criminal hacker who breaches security for malicious reasons or personal gain.

Blue team — A group defending a computer system from mock attackers, usually as part of a controlled exercise. During the Raytheon National Collegiate Cyber Defense Competition, the blue teams are made up of students.

Bot — A program that automates an action. Bots infect computers and secretly perform activities under the control of a remote administrator.

Botnet — A collection of computers infected by bots.

Bot master or herder — Someone who controls a botnet.

Brute force — In cryptology, a trial-and-error method of cracking a password-protected system. An attacker uses automation to guess all possible passwords until the correct one is found. There are numerous ways to prevent brute force attacks, such as locking an account after three failed password attempts or requiring two-factor authentication.

Cracking — Breaking into a secure system or copyrighted software for illegal purposes. While hackers are often ethical experts, crackers are malicious.

Dark Web — Sites and content purposefully hidden and unreachable through standard web browsers. The Dark Web is often used for illegal purposes and can only be found using special browsers. Often confused with the “Darknet,” which is an “overlay” network that requires special software (like Tor) to surf the Internet anonymously for both legal and illicit purposes.

Deep Web — The part of the Internet that’s not indexed by search engines — from firewalled and encrypted sites to password-protected and paywalled pages.

DoS attack — A Denial-of-Service attack disrupts a website, server, or network resource, often by flooding it with more requests than it can handle. A Distributed Denial-of-Service attack is a DoS attack using a multitude of machines.

End-point security — Security measures that protect a network from potential vulnerabilities posed by laptops and other mobile devices that access the network remotely.

Evil Maid attack — When a baddie with physical access to an unattended computer installs software, like a keylogger or rootkit, allowing them to remotely control or view data from the machine.

Exploit — A vulnerability or bug that hackers can use to their advantage on a computer or network, such as gaining access to or control of a system, escalating privileges (like making themselves administrators) and wreaking havoc on a network.

Fuzzing — Automated input of invalid, unexpected or random data to a computer program. “Shocking” a computer in this way can reveal vulnerabilities.

Honeypot — A trap set to detect intruders. A honeypot usually simulates a real network, but is actually isolated and monitored so it can give advance warning of an intrusion.

Insider threat — A threat posed by employees, contractors, business associates or other people who have inside access to a computer system.

Malware — Software designed to hijack, damage, destroy or steal information from a device or system. Variations include spyware, adware, rootkits, viruses, keyloggers and more.

Patching — The process of updating software.

Pentest — Short for penetration testing, or trying to hack into a system to identify weaknesses.

Phishing — Tricking someone into giving away personal information by imitating legitimate companies, organizations, or people online. The “ph” derives from phreaking, or “phone freaking” (hijacking telephone lines). Spearphishing focuses on a particular target.

Pwned — Pronounced like owned with a “p” at the beginning, pwned means to defeat security measures. Derives from the word “own,” or dominate.

Ransomware — Malware that extorts money by blocking access to data or threatening to publish it until the ransom is paid.

Rootkit — Software that malicious hackers install on systems, giving them “root” or administrator privileges, allowing full access.

Red team — A group of cybersecurity professionals authorized to simulate an attack. A “blue team” of students will face a red team at the Raytheon National Collegiate Cyber Defense Competition.

Sniffer — A computer program that can intercept and log traffic that passes through a network.

Spoofing — An attack where a hacker masquerades as another person or system to gain access to a computer. E-mail address spoofing is often used to execute phishing attacks.

Sock puppet — A false identity used in online communities and social media to deceive others.

Social engineering — Manipulating people into sharing private information.

Two-factor authentication — A method of confirming a user’s identity two ways: something known, like a password, with a second factor, like a PIN or token.

Wardriving — Searching for neighborhood Wi-Fi networks in a vehicle, using a laptop or smartphone.

Zombie — An infected device that is used to perform malicious tasks under remote control. Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service (DoS) attacks.


SANS Glossary of Security Terms




Last Updated: 03/07/2018