| Antivirus | Software that is designed to detect, stop and remove viruses and other kinds of malicious software |
| App | Short for Application, typically refers to a software program for a smartphone or tablet |
| Attack (Cyber Attack) | Malicious attempts to damage, disrupt or gain unauthorised access to computer systems, networks or devices, via cyber means |
| Bitcoin | One of the most popular forms of Cryptocurrency |
| Black Hat (Hacker) | A malicious hacker – often one who does so purely for the challenge rather than any gain |
| Booter | Used to implement a DoS or DDoS attack. Also known as a stresser |
| Botnet | A network of infected devices, connected to the Internet, used to commit coordinated cyber-attacks without their owner’s knowledge |
| Browser | A software application which presents information and services from the web |
| Brute Force Attack | Using computational power to automatically enter a huge number of combination of values, usually in order to discover passwords and gain access |
| Certificate | A form of digital identity for a computer, user of organisation to allow the authentication and secure exchange of information |
| Certified Ethical Hacker (CEH) | A skilled professional who looks for weaknesses and vulnerabilities in target systems using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate way |
| Closed Source | Closed Source data can only be legitimately accessed by those with permission to do so and generally belongs to a company or organisation. The opposite is Open Source. |
| Cloud | Where shared computer and storage resources are accessed as an online service instead of hosted locally. |
| Cryptocurrency | A digital asset in which encryption techniques are used to regulate the generation of units of ‘currency’ and verify the transfer of funds, operating independently of a central bank |
| Cyber Security | The protection of devices, services and networks — and the information on them — from theft or damage |
| Dictionary Attack | A type of brute force attack in which the attacker uses known dictionary words, phrases or common passwords as their guesses |
| Denial of Service (DoS) Distributed DoS (DDoS) | An attack involving the overloading of a website or web service (such as email) by bombarding it with multiple requests / data messages. If requests come from multiple origins simultaneously it is Distributed. Usually involves a botnet to carry out the attack. Stresser or booter software or websites may be used |
| Download Attack Drive-By Download | The unintentional installation of malicious software or virus onto a device without the user’s knowledge or consent. May also be known as a drive-by download |
| Encryption | A mathematical function that protects information by making it unreadable by everyone except those with the key to decode it. |
| Ethical Hacker | A computer hacker or computer security specialist, who specialises in penetration testing or other security testing. Also see Certified Ethical Hacker and White Hat Hacker |
| Exploit | May refer to software or data that takes advantage of a vulnerability in a system to cause unintended consequences |
| Firewall | Hardware or software which uses a defined rule set to constrain network traffic to prevent unauthorised access to or from a network |
| Grey Hat (Hacker) | A computer hacker who may sometimes violate laws or typical ethical standards, but does not have the malicious intent typical of a black hat hacker and often does legitimate work |
| Hacker | Someone with computer skills who uses them to break into computers, systems and networks (legitimately or not) |
| Honeypot Honeynet | Decoy system or network to attract potential attackers that helps limit access to actual systems by detecting and deflecting or learning from an attack. Multiple honeypots form a honeynet |
| Internet of Things (IoT) | Refers to the ability of everyday objects (rather than computers and devices) to connect to the Internet. Examples include kettles, fridges and televisions |
| Kali (Linux) | A type of Linux operating system which is preconfigured with computer security tools. A favourite with Black Hat hackers too |
| Keylogger | Malware that once installed records all keystrokes from a keyboard and then send them back to the Cyber Attacker. Often reveals usernames, passwords, banking details |
| Linux | A free computer operating system, which can run on the same hardware as Microsoft Windows. Often used to run servers which run the internet and intranets |
| Macro | A small program that can automate tasks in applications (such as Microsoft Office) which attackers can exploit to gain access to (or harm) a system |
| Malware | Malicious software – a term that includes viruses, trojans, worms or any code or content that could have an adverse impact on organisations or individuals |
| Network | Two or more computers linked in order to share resources |
| Open Source | Open Source data is that which is freely available if you know how and where to look. The opposite is Closed Source. An Open Source researcher is trained to look for openly available data. |
| Penetration Testing Pentest / Pentester | Short for penetration test. An authorised test of a computer network or system by a Pentester designed to look for security weaknesses so that they can be fixed |
| Pharming | An attack on network infrastructure that results in a user being redirected to an illegitimate website despite the user having entered the correct address |
| Phishing | Untargeted, mass emails sent to many people asking for sensitive information (such as bank details) or encouraging them to visit a fake website. May result in the installation of Malware. |
| Ransomware | Malicious software that makes data or systems unusable until the Victim makes a payment – usually in Bitcoin |
| Router | The network device which allows multiple internet enabled devices to connect to other networks, usually over the internet |
| Smishing | Phishing via SMS: mass text messages sent to users asking for sensitive information (e.g. bank details) or encouraging them to visit a fake website |
| Social Engineering | Manipulating people into carrying divulging personal or technical information, or carrying out actions such as changing an email address, which is of use to a Cyber Attacker |
| Spear Phishing | A more targeted form of phishing, where the email is designed to look like it’s from a person the recipient knows and/or trusts – such as someone in Management or from a finance department. |
| Stresser / Stressor | Used to implement a DoS or DDoS attack. Also known as a booter |
| Trojan | A type of malware or virus disguised as legitimate software. Often used to take remote control of a computer, or extract and send out confidential data |
| Virus | Programs which can self-replicate and are designed to infect legitimate software programs or systems. May be purely destructive or have other aims. A form of malware |
| Virtual Private Network (VPN) | Software which creates an encrypted network to allow secure connections for remote users, e.g. in an organisation with offices in multiple locations or allows home working |
| Vulnerability | A weakness, or flaw, in software, a system or process. An attacker may seek to exploit a vulnerability to gain unauthorised access to a system |
| Water Holing Watering Hole Attack | Setting up a fake website (or compromising a real one) in order to exploit visiting users |
| Whaling | Highly targeted phishing attacks (masquerading as a legitimate emails) that are aimed at senior executives |
| White Hat (Hacker) | An ethical computer hacker, or computer security specialist, who specialises in penetration testing or other security testing |
| Worm | A self-replicating, self-spreading and self-contained program that spreads across a network |
| Zero Day / 0Day | Recently discovered vulnerabilities (or bugs), not yet known to vendors or antivirus companies, that Cyber Attackers can exploit |
South-East Cyber Crime Unit
Working together to protect communities from cybercriminals
South-East Cyber Crime Unit
Working together to protect communities from cybercriminals