
Common Terminology

Below you will find brief definitions of both common and not so common terms that will better help you understand the risks you face every day.

 

Virus        Worm        Trojan Horse        Rootkit        Smishing        Botnet        BlueBugging        Bluejacking

 

Bluesnarfing        Snarfing        Bluedating        Pod Slurping        Ransomware        Scareware        Sidejacking

 

Blackhat        Whitehat

 

 

 

Virus: A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. A computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells. Extending the analogy, the insertion of a virus into a program is termed an infection, and the infected file (or executable code that is not part of a file) is called a host. Viruses are one of several types of malicious software, or malware. In common parlance, the term virus is often extended to refer to worms, trojan horses and other sorts of malware. This can confuse computer users, since viruses in the narrow sense of the word are less common than they used to be compared to other forms of malware. The confusion can have serious consequences, because it may lead to a focus on preventing one genre of malware over another, potentially leaving computers vulnerable to future damage. However, a basic rule is that computer viruses cannot directly damage hardware, but only software. While viruses can be intentionally destructive (for example, by destroying data), many other viruses are fairly benign or merely annoying. Some viruses have a delayed payload, which is sometimes called a bomb. For example, a virus might display a message on a specific day or wait until it has infected a certain number of hosts. A time bomb goes off on a particular date or at a particular time, and a logic bomb goes off when the user of a computer takes an action that triggers it. However, the predominant negative effect of viruses is their uncontrolled self-reproduction, which wastes or overwhelms computer resources.

 

Worm: A worm is a self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; a worm, however, is self-contained and does not need to be part of another program to propagate itself. Worms are often designed to exploit the file transmission capabilities found on many computers. The first implementation of a worm was by two researchers at Xerox PARC in 1978. The authors, John Shoch and Jon Hupp, originally designed the worm to find idle processors on the network and assign them tasks, sharing the processing and so improving the efficiency of the whole network. In addition to replication, a worm may be designed to do any number of things, such as delete files on a host system or send documents via email. More recent worms may be multi-headed and carry other executables as a payload. However, even in the absence of such a payload, a worm can wreak havoc just with the network traffic generated by its reproduction. Mydoom, for example, caused a noticeable worldwide Internet slowdown at the peak of its spread. A common payload is for a worm to install a backdoor in the infected computer, as was done by Sobig and Mydoom. These zombie computers are used by spam senders for sending junk email or to cloak their website's address. Spammers are thought to pay for the creation of such worms, and worm writers have been caught selling lists of IP addresses of infected machines. Others try to blackmail companies with threatened DoS attacks. The backdoors can also be exploited by other worms, such as Doomjuice, which spreads using the backdoor opened by Mydoom.

 

Trojan Horse: A Trojan horse is a malicious program that is disguised as or embedded within legitimate software. The term is derived from the classical myth of the Trojan Horse. Such programs may look useful or interesting (or at the very least harmless) to an unsuspecting user, but are actually harmful when executed. Often the term is shortened to simply trojan, even though this turns the adjective into a noun, reversing the myth (Greeks, not Trojans, were gaining malicious access). There are two common types of Trojan horses. One is otherwise useful software that has been corrupted by a cracker inserting malicious code that executes while the program is used. Examples include various implementations of weather alerting programs, computer clock setting software, and peer-to-peer file sharing utilities. The other type is a standalone program that masquerades as something else, like a game or image file, in order to trick the user into some misdirected complicity that is needed to carry out the program's objectives. Trojan horse programs cannot operate autonomously, in contrast to some other types of malware, like viruses or worms. Just as the Greeks needed the Trojans to bring the horse inside for their plan to work, Trojan horse programs depend on actions by the intended victims. As such, even if trojans replicate and distribute themselves, each new victim must run the program/trojan. Their virulence is therefore of a different nature, depending on successful implementation of social engineering concepts rather than flaws in a computer system's security design or configuration.

 

Rootkit: A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. The term rootkit is a concatenation of "root" (the traditional name of the privileged account on Unix operating systems) and the word "kit" (which refers to the software components that implement the tool). The term "rootkit" has negative connotations through its association with malware. Typically, an attacker installs a rootkit on a computer after first obtaining root-level access, either by exploiting a known vulnerability or by obtaining a password (either by cracking the encryption, or through social engineering). Once a rootkit is installed, it allows an attacker to mask the ongoing intrusion and maintain privileged access to the computer by circumventing normal authentication and authorization mechanisms. Although rootkits can serve a variety of ends, they have gained notoriety primarily as malware, hiding applications that appropriate computing resources or steal passwords without the knowledge of administrators and users of affected systems. Rootkits can target firmware, a hypervisor, the kernel, or—most commonly—user-mode applications. Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternate, trusted operating system; behavioral-based methods; signature scanning; difference scanning; and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only alternative.

Just about everyone is walking around with a laptop, smartphone, tablet etc. these days, which leaves so many people at risk of losing valuable information so easily. We can help; from the high-schooler sharing every moment safely with their friends to the road warrior running their business from their mobile devices.

 

Smishing: Smishing or "SMS phishing" refers to a phishing attack that specifically targets mobile phones. The victim receives an SMS containing a hyperlink that either causes malware to find its way onto the phone automatically or leads the user to a phishing site formatted for mobile screens.

 

Botnet (Zombie PCs): A combination of the words "Robot" and "Network," a botnet is any number of Internet-connected computers that, without their owners noticing, forward e-mails (which may include spam, malware, or viruses) to other computers on the Internet. These infected computers are also known as "zombies". DoS (Denial of Service) attacks often rely on thousands of zombie PCs.

 

BlueBugging: A craze originally jump-started by a Malaysian IT professional, bluebugging (not to be confused with bluesnarfing) allows a more skilled person to illegally access a cellular phone via Bluetooth wireless technology. The act often goes unnoticed, with no notification or alert shown to the phone's user. A vulnerability such as this allows phone calls to be placed, SMS messages to be read and sent, phonebook contacts to be erased, phone conversations to be tapped, and other malicious activities. Access is only attainable, however, within a 10 meter range of the phone.

 

Bluejacking: The sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers. The sender transmits a vCard, which typically contains a message in the name field (i.e., for bluedating or bluechat), to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range, usually around 10 meters (32.8 ft) on mobile phones, but laptops can reach up to 100 meters (328 ft) with powerful (Class 1) transmitters.

 

Bluesnarfing: The unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can copy pictures and private videos. Bluesnarfing is much more serious than Bluejacking, but both exploit others' Bluetooth connections without their knowledge. Any device with its Bluetooth connection turned on and set to "discoverable" (able to be found by other Bluetooth devices in range) may be susceptible to Bluejacking, and possibly to Bluesnarfing when and if Bluesnarfing of the current Bluetooth security becomes possible. By turning off this feature, the potential victim can be safer from the possibility of being Bluesnarfed, although a device that is set to "hidden" may be Bluesnarfable by guessing the device's MAC address via brute force.

 

Snarfing: Information theft or data manipulation in wireless local networks.

 

Bluedating (from Bluetooth): A form of dating which makes use of mobile phone and Bluetooth technologies. Subscribers to the service enter details about themselves and about their ideal partner, as they would for other on-line dating services. When their mobile phone comes in the vicinity of that of another subscriber (a radius of about 10 meters) the phones exchange details of the two people. If there is a match, then both users are alerted and can seek each other out and directly chat using Bluetooth (bluechat). Settings can include an option which restricts alerts to subscribers who have a friend in common.

 

Pod Slurping: When an iPod or any portable USB storage device surreptitiously copies large amounts of files from your computer to its hard drive, it is engaged in something called "pod slurping". Pod slurping is becoming an increasing security risk to companies and government agencies. Typically, access is gained while the computer is unattended, and this process can occur in as little as 65 seconds.

 

Ransomware: A program that makes a computer nearly unusable, then demands payment in order for the user to regain full access. It "kidnaps" the computer! Ransomware is also commonly referred to as a "crypto virus" or "crypto trojan." Examples of ransomware include Gpcode.AK, Krotten, and Archiveus. Ransomware was originally a trojan called PC Cyborg, created by Dr. Joseph Popp.

 

Scareware: Scareware is software that tricks people into downloading or purchasing it, under the guise of fixing their computer, when in reality the faux anti-virus program is the real problem. Scareware programs often run a fictitious or careless system scan, and then present the user with a list of malicious programs that must be corrected, always leaving themselves off the list. The scareware then informs the user that fixing these "problems" requires paying a fee for a "full" or "registered" version of the software. Examples of scareware include System Security, Anti-Virus 2010, and Registry Cleaner XP.

 

Sidejacking: Sidejacking is a hacking technique used to gain access to your website-specific accounts. Websites typically encrypt your password so it cannot be stolen, but then send you an unencrypted "session-id". The session-id is either some random data in the URL or, more often, random data in an HTTP cookie. A hacker who finds the session-id can then use it to gain access to the respective account, which enables the hacker to read your email, look at what you've bought online, control your social network account, and so on. Robert Graham, who pulled together a variety of known and new vulnerabilities and packaged them into an automated session snatcher, was responsible for this term.
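
A defender's check for the exposure described above, as an added example that is not part of the original page: it flags responses that put a session identifier in a URL or set a session cookie that can travel unencrypted. The cookie-name heuristic, host names and sample headers are constructed assumptions.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit, parse_qsl

# Heuristic (assumption): names that usually carry a session identifier.
SESSION_HINTS = ("sess", "sid", "auth", "token")

def looks_like_session(name):
    lowered = name.lower()
    return any(hint in lowered for hint in SESSION_HINTS)

def audit_response(url, headers):
    """Return (finding, name) pairs for one HTTP response.

    url     -- the URL that was requested
    headers -- list of (name, value) pairs from the response
    """
    findings = []
    scheme = urlsplit(url).scheme
    # A session id in a URL ends up in logs, browser history and Referer headers.
    targets = [url] + [v for k, v in headers if k.lower() == "location"]
    for target in targets:
        for key, _ in parse_qsl(urlsplit(target).query):
            if looks_like_session(key):
                findings.append(("session-id-in-url", key))
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        jar = SimpleCookie()
        jar.load(value)
        for cookie_name, morsel in jar.items():
            if not looks_like_session(cookie_name):
                continue
            if scheme != "https":
                # The cookie itself was delivered in cleartext.
                findings.append(("cookie-set-over-http", cookie_name))
            if not morsel["secure"]:
                # Without Secure the browser also sends it on plain-HTTP requests.
                findings.append(("cookie-missing-secure", cookie_name))
    return findings

# Constructed sample headers: login is served over HTTPS, but the session
# cookie lacks Secure and the redirect repeats the id in an http:// URL.
SAMPLE_WEAK = [("Set-Cookie", "PHPSESSID=9f2c1e; Path=/"),
               ("Location", "http://shop.example/home?sid=9f2c1e")]
SAMPLE_HARDENED = [("Set-Cookie", "PHPSESSID=9f2c1e; Path=/; Secure; HttpOnly")]

if __name__ == "__main__":
    print(audit_response("https://shop.example/login", SAMPLE_WEAK))
    print(audit_response("https://shop.example/login", SAMPLE_HARDENED))
```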

 

Black Hat: "Black Hat" hackers are those people who specialize in unauthorized breaching of information systems, often attacking those containing sensitive information. They may use computers to attack systems for profit, for fun, or for political motivations. Attacks often involve modification and/or destruction of data, which is done without authorization. They also may distribute computer viruses and Internet worms, and deliver spam through the use of botnets.

 

White Hat: A "White Hat" hacker is an individual who identifies a security weakness in a computer system or network but, instead of maliciously taking advantage of it, exposes the weakness and repairs the vulnerability, protecting the network from unwarranted intrusions or attacks. The term is taken from old western films, where the white hat cowboy is portrayed as the hero, and the black hat as the villain.

​

 
