Terms relevant for Information Security.


Advanced Persistent Threats (APT): An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception) over an extended period of time.

Adware: software that automatically plays, displays, or downloads advertisements to a computer, often in exchange for the right to use a program without paying for it.Some can serve as spyware, gathering information about you from your hard drive, the websites you visit, or even your keystrokes. Certain types of adware have the capability to capture or transmit personal information.

Antispyware Software: A program that specializes in detecting both malware and non-malware.

Antivirus Software: A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents.


Baiting: A Social Engineering attack, leaves malware-infected physical device such as a USB drives in places where they will be found. The finder picks up the device and accesses it on their computer, which installs malicious software.

Bot: abbreviation of “robot”, a computer infected with malicious software without the user’s knowledge. Cybercriminal can send commands to it and other infected machines over the Internet. Since the compromised computers blindly follow the commands of the cybercriminals, infected machines are also called zombies.

Botnet (bot network): abbreviation of “robot network”, a botnet is a network of hijacked computers controlled remotely by a hacker. The hacker can use the network to send spam and launch Denial of Service (DoS) attacks, and may rent the network to other cybercriminals. A single computer in a botnet can automatically send thousands of spam messages per day. The most common spam messages come from zombie computers.

Browser hijacker: malware that alters browser settings to redirect to websites that you had no intention of visiting. Most browser hijackers alter browser home pages, search pages, search results, error message pages, or other browser content with unexpected or unwanted content.

Brute-force attack: A method to try and break passwords by continuously attempting to log in with different credentials until they find one that works. It could take hours, days or months depending upon the complexity of the password being used.

Business Continuity Plan (BCP): how a business will respond to accidents, disasters, emergencies, and/or threats without any stoppage or hindrance to its key operations.


Channels: Wireless networks use Channels which are separated so the various communication streams don’t interfere with each other. The 802.11 wireless standard allows for channels ranging from 1 thru 14.

Cyberbullying: Bullying that takes place in cyberspace. Includes Internet and mobile phone communication. It may involve harassing, threatening, embarrassing, or humiliating someone online.

Cybercrime; criminal activity using computers and the Internet. It can take many shapes and forms, including the downloading of illegal music or videos files to stealing money from online bank accounts. Can also include nonmonetary offenses, such as creating and distributing viruses.

Cybercriminal: malicious user who use the Internet to commit crimes such as identity theft, PC hijacking, spamming, phishing and pharming, and other types of fraud.

Cybersquatting: registering or using a domain name with malicious intent to profit from the goodwill of a trademark or brand name belonging to someone else. A cybersquatter may offers to sell the domain to the person or company who owns the trademark at an inflated price. Cybersquatters sometimes register variations of popular trademarked names as a way of distributing malware.

Cyber Security: technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.


Denial of service (DoS): an attack designed to prevent a system from functioning properly as well as denying access to the system by authorized users. Hackers can cause attacks by destroying or modifying data or by overloading the system’s servers until service to authorized users is delayed or prevented.

Distributed denial of service (DDos): a type of denial-of-service (DoS) attack where multiple sources are used to generate traffic to disable or shut down a targeted URL.

Dictionary attack: A method to try and break passwords by going through all the words in a dictionary, trying each one in turn until it finds a password which works.

DNS cache poisoning: A method of attack whereby ‘updated’ data is used to enable the hacker to divert traffic to the hacker’s destination of choice.

Drive-by download attack: when a visitor goes to a website or reads an HTML email and malware is downloaded without their permission or knowledge.

Drive-by login attack: similar to a Drive-by download attack but it limited to an individual email or IP address.


Headless worms: malicious code targeting “headless devices” such as smartwatches, smartphones and medical hardware.


Information: an organised collection of data. Can be on paper, held electronically, in the cloud, verbal etc.

Information Asset: any item that has a value to a business. Can be buildings, systems, people, information, brand, reputation or intellectual property.

Information  Security: the practice of protecting information from unauthorised access, use, disclosure, modification or destruction to protect confidentiality, integrity and availability. Covers both physical and cyber security


Mail bomber: a service cybercriminals use for mass-mailing leads with malware.

Malicious app: a mobile application (app) disguised as a legitimate app that can contain viruses, worms, Trojan horses, malware, spyware, or any other items that may harm user devices or personal data. Cybercriminals distribute malicious apps through legitimate app stores like Google Play by masquerading as a legitimate app.

Malicious code: code designed to damage a system and the data it contains, gather sensitive information, gain unauthorized access, or to prevent the system from being used in its normal manner.

Malvertising: usually executed by hiding malicious code within relatively safe-looking online advertisements. These can lead victims to unreliable content or directly infect a victim’s computer with malware, which may damage a system, access sensitive information, or even control the computer through remote access.

Malware: generic term used to describe any type of software or code specifically designed to exploit a computer or the data it contains, without consent. Malware includes viruses, Trojan horses, spyware, adware and rootkits.

Man In The Cloud (MITC) attack: A method to access cloud services such as Microsoft OneDrive, Google Drive and Dropbox to amend, copy or delete data.

Man In The Middle attack: A method to intercept data and act as a relay/proxy. One way to do this is via an unencrypted WiFi access point in a shop or hotel.


Phishing: sending fraudulent emails disguised as legitimate ones, usually disguised as from a trusted source. The message is meant to trick the recipient into clicking on a link or attachment to install malware.


RADIUS – Remote Authentication Dial In User Service (RADIUS): A networking protocol that provides centralised Authentication, Authorisation, and Accounting management for users who connect and use a network service within a business. Users are authenticated against company systems for added protection.

Ransomware: blocks access to a device and/or files until money is paid.

Rogue Access Points/Rogue APs: Wireless access points installed on a company’s network without the company’s knowledge. They override the legitimate network thereby allowing the hacker to perform a man in the middle attack and intercept data.

Rogue Anti-Virus: pretends to be legitimate Anti-Virus software. Displays fake warnings of virus infections. Victim made to believe that they need to pay to clear the infection.

Rooting: a way that users of mobile devices hack their devices to gain privileged access to the operating system. This gives the user the ability to alter or replace system applications and settings, run apps that require administrator permissions, or perform operations that otherwise would have not been possible.

Rootkits: malware that is designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer. Designed to steal passwords and identifying information.


Scareware: a category of malware which use the strong emotion of fear to get victims of an attack to pay money to restore ‘normality’ to their computer/device. Examples include displaying fake messages about virus infections or system errors and claiming to have locked-down some aspects of the device.

Sniffing/eavesdropping: passively listening to data on a network without the users knowledge by tricking the network into passing all data through the hacker’s computer first.

Smishing: SMS phishing where text messages are sent to encourage people to pay money out or click on suspicious links.

Social engineering: the act of convincing people to provide access to sensitive information. It can be done in many ways; by telephone calls, social media, walking into an office etc.

Social Rat in the Browser (Social RitB): an attack to get access to a computer. A RAT is a Remote Access Trojan. The attack is aimed at online banking done via a browser. The Social element comes in when social engineering is used to convince a user to install a standard remote support tool on their computer. The user is asked to login and stay away from the computer while ‘checks are done’. The checks are fraudulent transactions that can clear out an account.

Spam: an unwanted electronic message, most commonly unsolicited bulk email. Includes legitimate advertisements, misleading advertisements, and phishing messages designed to trick recipients into giving up personal and financial information.

Spyware: spies on a user’s computer. It can capture information such as web browsing habits, email messages, usernames and passwords, and credit card information. Can be installed on a computer through an email attachment containing malicious software.


Tailgating. A Social Engineering attack, when an unauthorized person follows an authorized person into a secure location, usually to steal property or confidential information. This could involve waiting outside a door with two cups of coffee and waiting until someone opens the door and lets them in.

Trojan horse (or Trojan): malicious programs disguised as legitimate software. Unlike a Virus, Trojans don’t replicate.


Unsecured WiFi: a wireless network that doesn’t request the user to log into it via the use of a username and password. These are usually displayed as open networks.


Virtual private network (VPN): A way of using the public internet like a secure private network. It encrypts data and routes it through remote servers, keeping details private and secure.

Virus: a computer program file capable of attaching to disks or other files and replicating itself repeatedly, typically without user knowledge or permission.

Vishing: persuading victims to hand over personal details or transfer money, over the telephone. Criminals may have name, address, phone number, bank details – essentially the kind of information you would expect a genuine caller to have. They make you believe your money is in danger and have to act quickly.


WEP – Wired Equivalent Privacy: The first wireless security scheme. Designed to provide security that was essentially equivalent to the privacy that was enjoyed in a wired environment. The least secure type of wireless network available.

WPA – Used Temporal Key Integrity Protocol (TKIP): This improves the security of WEP. It uses WEP for encryption, but it makes the attacks used to crack WEP a more difficult and time-consuming.

WPA2-PSK: The next level up from WPA. Designed for the home and small businesses. Uses a pre-shared key (PSK).

WPA2-AES: A version of WPA2 used by businesses. It uses the Advanced Encryption Standard, or AES, to encrypt data and is the most secure. Often coupled with a RADIUS server that is dedicated for authentication.

For more definitions see the Glossary of Key Information Security
Terms maintained by the National Institute of Standards and Technology.