The Code Talkers
The College Cyber Competition Guide to Geekspeak
When Mirek Bartik tells his University of Texas at San Antonio student cyber team about bot herding "sheep" or phishing for "whales," he's not referring to the college's veterinary curriculum.
Bartik is helping coach the UTSA team to compete in the 2015 National Collegiate Cyber Defense Competition in San Antonio in late April, and this is the lingo they use to protect computer networks against hackers.
Raytheon sponsored last year's competition and has already signed on through 2016. The company, an industry leader in cybersecurity, sees the competition as an opportunity to help groom the next generation of data defenders.
Here's a glossary of more terms you might hear at the competition:
Bot — A program that automates a simple action. Bots infect computers and secretly perform activities under the control of a remote administrator.
Botnet — A collection of computers infected by bots.
Bot herder — Someone who controls a botnet.
Beacon — Messages received from attackers' malware that notifies them the device is alive, compromised and awaiting further instructions.
Blue Team — A group defending a computer system from mock attackers, usually as part of a controlled exercise. During the National Collegiate Cyber Defense Competition, the blue teams are made up of students.
C2 — Short for command and control: the communications channel and command structure used to control malware actions.
Cloud — A group of remote computing resources that can be provisioned to store, manage, and process data.
Cyber Missile — A weaponized exploit with an advanced payload that is packaged so anyone could click a button launch the attack.
Exfiltration — The removing of data from a compromised system to an attacker-controlled site.
Exploit — Code or commands that take advantage of a vulnerability in a system.
Honeypot — A trap set to detect intruders. A honeypot usually simulates a real network but is actually isolated and monitored so it can give advance warning of an intrusion. A honeynet contains one or more honey pots.
Implant — Code placed on a compromised system to provide a lasting presence on the system.
Insider threat — A threat posed by employees, contractors, business associates or other people who have inside access to an organization's computer system.
Leak — A vulnerability that will result in exposing data from a running process, leading to bypassing the Address Space Layout Randomization that protects against buffer overflow attacks.
Payload — Code that is executed when an exploit gains control of a system, typically providing the attacker a shell or installing an implant.
Persistence — Malware's ability to continue code execution despite the computer rebooting.
Phishing — Tricking someone into giving away personal information by imitating legitimate companies, organizations, or people online. The "ph" derives from phreaking, or "phone freaking" – hijacking telephone lines. Spearphishing focuses on a particular target.
Pivoting — Utilizing a compromised resource to move around connected systems in order to access data or compromise additional systems.
POC — Proof-of-Concept is an example rudimentary exploit that proves a vulnerability is hackable.
Privilege Escalation — Exploiting a vulnerability in an operating system or software application that increases the access level of an attacker.
PWNing — Pronounced "owning" and means to defeat security measures. Derived from the word "own" or dominate.
Reconnaissance — The active or passive technique of identifying computing resources either on a network or a system.
Red Team — A group of cybersecurity professionals authorized to simulate an attack. A "blue team" of students will face a red team at the Raytheon National Collegiate Cyber Defense Competition.
Rogue Wifi — A wireless access point an attacker sets up to compromise users' credentials, banking accounts and computers.
ROP — A technique called Return-Oriented Programming, which allows an exploit to bypass non-executable memory or code signing.
Sheep — An easily hacked person or computer. The person who will always click on the link.
Shell — A command terminal on a compromised system in which an attacker can execute commands.
Whale — High-ranking executives in an organization that are specific targets of spearphishing.
White Team — A group responsible for refereeing an engagement between a red team of mock attackers and a blue team of cyber defenders.