Bits N’ Bytes Cybersecurity Education is a 501(c)(3) dedicated to building a human firewall through education on cybersecurity and privacy for all vulnerable populations!

Alphabet Soup of Cybersecurity

  • Home
  • Alphabet Soup of Cybersecurity

Cybersecurity almost has its own alphabet of cyber-related terms. These are the top 40 cybersecurity words made for you!

  • Authentication: The process of identifying a user’s identity, making sure that they can have access to the system and/or files. This can be accomplished either by a password, passkey, or fingerprint scan, sometimes even a combination of the above.
  • Backups: The process of creating a duplicate copy of data (files, systems, applications) and storing it in a separate location, allowing for data recovery in case of a system failure, cyberattack, or accidental deletion.
  • Botnet: A combination of the words “robot” and “network”, a botnet is a network of computers that have been infected with a virus, and now are working continuously in order to create security breaches. These attacks come in the form of disinformation, Bitcoin mining, sending spam emails, and DDoS attacks.
  •  Brute force: a hacking technique that uses trial and error to guess passwords, encryption keys, and login credentials.
  • Cloud: Cloud computing provides on-demand services over the internet. Cloud service providers like Microsoft Azure, AWS, and Google Cloud, which offer on-demand services and are both cost-effective and low-risk in terms of security, make this procedure simple. It also limits the downsides of having physical storage, like space costs, damage, or un-backed up data.
  • Computer Fraud and Abuse Act (CFAA):  Federal law in the US that governs computer crimes such as unauthorized access, data theft, computer damage, computer fraud, and cyberstalking. The goals are to protect cybersecurity and privacy online.
  • Cookie: a small piece of data sent, like a nametag, from a website and stored on the user’s computer by the user’s web browser while the user is browsing.
  • Cyber Attack: Any attempt to breach a logical environment’s security boundary. An attack may concentrate on intelligence gathering, disrupting company operations, exploiting weaknesses, keeping track of targets, stopping work, obtaining value, harming logical or physical assets, or leveraging system resources to enable assaults against other targets.
  • Cybercrime: Any unlawful act; stealing money or data, committed via the computer network.
  • Data Breach: The result of a hacker successfully breaking into a system, gaining control of its network and exposing its data, usually personal data covering items such as credit card numbers, bank account numbers, Social Security numbers, and more.
  • Data protection act: Several laws in the US and in US States giving individuals control over their personal information and protect it from damage, loss, or corruption.
  • DDoS (Distributed Denial of Service): Using multiple hosts and users, hackers bombard a website with a tidal wave of requests to such an extent that it locks up the system and forces it to temporarily shut down.
  • Deepfake: A piece of audio or video that has been altered and changed to make it seem authentic or credible. The most perilous aspect of the prevalence of deepfakes is that they can easily convince individuals into believing in someone’s false authentication. The rise of AI creates more fear of how deep fakes can target people unaware of potential harms. 
  • DNS (Domain Name System): This way of allowing users to access websites by typing in a domain name instead of an IP address. Like uses words instead of the IP address numbers. (Hello.com vs 125.125.125).
  • Encryption: Coding used to protect your information from hackers. Think of it like the code cipher used to send a top-secret coded spy message.
  • Exploit: A means of attack on a computer system, either a series of commands, malicious software, or a piece of infected data. 
  • Firewall: Any technology, be it software or hardware, is used to keep intruders out. Set up to either allow or deny any IP address that tries to access the system or parts of the system. 
  • Black Hat Hacker: Any hacker who attempts to gain unauthorized access to a system with the intent to cause mischief, damage, or theft. They can be motivated by greed, a political agenda, or boredom.
  • White Hat Hacker: A hacker who is invited to test out computer systems and servers, looking for vulnerabilities, to inform the host of where security needs to be buffed up. Sometimes called “ethical hackers.
  • Blue Hat Hacker: A cybersecurity professional who tests systems for vulnerabilities before they are released to the public or works to keep systems protected from Black Hats and fixing the vulnerabilities White Hats find.
  • IP Address:The world IP stands for Internet Protocol. An IP address is a series of numbers allocated to computers, routers, servers, and pretty much anything connected to the Internet, including websites. It functions very similarly to a standard address, allowing users to find any system or device on the global network by specifying its location. (192.154.234 is an example).
  • Internet of Things (IoT): Refers to commonplace items that are connected to the internet and are capable of autonomously collecting and transferring data without requiring human input. Any physical thing that can be given an IP address and can transport data is considered to be a part of the Internet of Things.
  • Malware: A portmanteau of “malicious” and “software”, describing a wide variety of bad software used to infect and/or damage a system. Ransomware, worms, viruses, and trojans are all considered malware. It is most often delivered via spam emails.
  • Man in the Middle Attack
    • An attack on the “middleman”, in this case, defined as the Wi-Fi system that connects users to the Internet. Hackers who commit Man in the Middle Attacks can break the Wi-Fi’s encryption and use this as a means of stealing your personal data because they’re now in the system.
  • Multi-Factor Authentication (MFA): This makes it more difficult for hackers to access your account by requiring you to provide at least two different credentials. MFA requires a second factor to confirm your identity in addition to your username and password, such as a one-time security code, a fingerprint scan, or a face recognition scan.
  • Network: Two or more computers connected together to share resources, exchange files, or enable electronic communications make up a network. A network’s connections to its computers can be made by cables, phone lines, radio waves, satellites, or infrared laser beams.
  • Password Managers: A software that safely keeps and maintains a user’s passwords for accounts. All the data is encrypted, so a user needs a “master password” to access the information.
  • Pen-testing: This simulates a cyberattack on your computer system to look for weaknesses that could be exploited. Pen-testing involves attempting to get into any number of application systems in order to find security holes like unsanitized inputs that are vulnerable to code injection attacks.
  • Personal information: Any kind of data that can identify you such as full name, date of birth, address, Social Security Number. A hacker with your personal information could use it to exploit you for identity theft, financial fraud, and other types of crime.
  • Phishing: A scam where a hacker poses as a legitimate business or organization (especially credit card companies, banks, charities, Internet providers, other utilities) in order to fool the victim into giving them sensitive personal information or inducing them to click a link or attachment that ends up delivering malware. Some target important leaders in the business, called whaling. Others use voice phishing, called vishing, to target people over the phone. 
  • Ransomware: A form of malware that hijacks your system and encrypts your files, denying you access to them until you send money to unlock everything. In other words, it kidnaps your computer and holds it for ransom, hence the clever name.
  • Social Engineering: Instead of breaking in or utilizing technical hacking techniques, this strategy relies on user manipulation and human psychology. An employee might get an email from a social engineer purporting to be from the IT department in order to deceive him into disclosing private information rather than trying to uncover a software weakness in a company system. Phishing attacks are built on a foundation of social engineering.
  • Software: It is a group of applications that instruct a computer to carry out a task. In which Users can download and use a package that contains these instructions. When it is in use the computer reads the program from the storage device and temporarily stores the instructions in random access memory (RAM). 
  •  Spam: a type of unsolicited, bulk message that can be sent via email, text message, social media, or other electronic means. Spam is often used for advertising, phishing, or spreading malware.
  • Spoofing: It’s when a hacker changes the IP address of an email so that it seems to come from a trusted source.
  • Spyware: A form of malware used by hackers to spy on you and your computer activities. If a mobile device such as a smartphone is infected with spyware, a hacker can read your text messages, redirect your phone calls, and even track your physical location.
  • Trojan Horse: This type of malware misleads computer programs by looking innocent, but in fact allows the hacker into your system via a back door, allowing them to control your computer.
  • Trolling: type of online harassment where someone posts or comments to deliberately upset others.
  • User Authentication: A technique to prevent unauthorized users from accessing sensitive data is user authentication. For instance, User A can only see data that is relevant and cannot view User B’s sensitive information.
  • Virus: Malware that changes, corrupts, or destroys information, and then spreads to other systems, usually by otherwise benign means (e.g. sending an email). 
  • VPN (Virtual Private Network): This is a method of connecting a series of computers and devices in a private encrypted network, with each user’s IP address being replaced by the VPN’s IP address. Users get Internet anonymity, making it difficult for hackers to attack.
  • Worm: Malware that can reproduce itself for the purposes of spreading itself to other computers in the network. Particularly nasty, worms can either be simply a means of slowing down a system by eating up resources, or by committing exploits such as installing back doors or stealing data. 

For more information and a longer list of terms go to the US NICCS (National Initiative for Cybersecurity Careers and Studies) Vocabulary list:  https://niccs.cisa.gov/cybersecurity-career-resources/vocabulary