Top 22 Hacking Terms That Security Professionals Use (2022)
It's time to get up to speed on hacking terms. If you want to stay ahead of the curve, you need to be familiar with hacker lingo.
Phishing is an email scam where cybercriminals try to steal your personal information by posing as someone you know. They lure you into supplying sensitive personal information such as your banking details or passwords.
The phishing email may appear to come from a well-known company, such as your bank or email provider, and ask you to supply personal information to verify your account. Or the email may try to lure you into clicking on a link that takes you to a fake website.
Be extremely careful when supplying any personal information online, and never trust unsolicited requests for information.
Malware is a type of malicious software designed to exploit vulnerabilities in your computer system to steal information, disrupt operations, or gain control of the computer. Malware can come as:
- Trojan horses
Be vigilant about what you download and install on your computer. Always use caution when clicking on links in emails or visiting websites you don't know. It’s good practice to always scan any files you download from the internet.
Ransomware is malware that blocks you from accessing your computer files, systems, or networks until you pay a ransom for their return. Ransomware works by preventing access to your computer or encrypting your files, databases, or applications.
A ransom message promising to restore access will appear. The message usually requests the amount in cryptocurrency, and where to send it to get your files back. Paying a ransom doesn't guarantee you will get your data back.
Email and IP spoofing are everyday hacks met by users worldwide. Email spoofing is a common hack technique used by hackers to make emails appear as if they have come from trusted sources. For example, a hacker can create an email that looks like it's from your bank.
IP spoofing is where Internet Protocol (IP) packets are changed and sent to your computer with an altered IP from a seemingly trusted host. Hackers can then hide their identity, impersonate another computer system, or both. IP spoofing allows hackers to conduct often undetected malicious actions to:
- steal your data
- infect your device with malware
- crash your server
Spyware is malware that collects information about your online activities, such as the websites you visit and the emails you send. It can also track your keystrokes, steal passwords, and even hijack your computer.
Spyware can easily infiltrate a device and remain undetected as it installs on your computer without your knowledge or consent. Spyware can be difficult to remove, as it often exists in hidden areas on a computer or phone.
Adware is spyware that often pops up on people's computers without their knowledge or consent. You'll recognize adware as it:
- shows annoying pop-up ads
- tracks your movements online
- collects your personal information
- installs viruses and spyware
- hijacks your browser
Adware can harm your device by slowing it down. Google Safe Browsing helps prevent it by showing a warning when visitors visit such an untrustworthy website.
Encryption can protect your data from unauthorized views. Encryption transforms readable data into an unreadable format to protect it from unauthorized access or theft. However, cybercriminals use encryption to:
- disguise malware
- bypass security controls
- hide their tracks
- encrypt files during ransomware attacks
8) Zero Day threat
A Zero-Day threat is a security vulnerability that the software manufacturer has not publicly disclosed or recognized. Hackers can exploit these vulnerabilities to access data, systems, or networks. So, it is impossible to detect by antivirus software. To protect yourself, always patch and update your software.
9) Brute Force Attack
Hackers use brute force attacks to gain access to your account. The attack often targets admin accounts to gain access to steal information and documents. Brute Force Attacks try every possible password combination until they find one that works.
The S in HTTPS stands for Secure. Your browser address bar's lock shows that this site is HTTPS encrypted, so you know it's a secure encryption.
HTTPS uses two security measures, SSL, and TLS, to help protect the data you transmit over the internet. Always ensure the sites you visit are secure.
A bot is a computer program designed to automate specific tasks on a website. The search engine Google uses bots to scan websites and index them. However, when hackers use these bots, they can be programmed to perform malicious tasks and introduce malware into the system.
Botnets are networks of bots controlled by hackers. Cybercriminals use them to:
- send spam emails
- launch denial-of-service (DDoS) attacks
- steal information
- cover the hacker's tracks
To avoid being infected with botnets, keep your software up to date and use strong passwords.
13) Distributed Denial of Service Attack (DDOS)
A DDoS attack uses bots or zombies to send massive amounts of traffic to a website. This deluge can prevent legitimate users from accessing the site and may even crash the server, disrupting all activity.
A firewall is a network security system. It checks your incoming and outgoing network traffic to help protect your computer from unauthorized access. It blocks incoming traffic from unauthorized sources and can also help protect against malware and viruses. A firewall can be either hardware, software, or both.
Inbound security rules monitor traffic coming into your system to:
- block malicious files from being
- prevent intrusions by hackers
- stop receiving spam emails
Outbound security rules monitor traffic, leaving your system to:
- allow legitimate users to access the internet
- block spam emails from being sent
- stop malware from being executed
Malicious hackers strive to circumvent firewalls, which require continual updates, adjustments, or replacement with new security measures over time.
A payload is the actual data transmitted over a network. In hacking terminology, the payload of an attack is the malicious code or data that is executed on a target system so it can:
- compromise your data
- destroy information
- hijack your computer system
16) Black Hat / White Hat / Grey Hat
Hackers are categorized by the type of "hat" they wear.
A black hat hacker practices malicious, illegal activity to cause harm to systems or individuals.
A white hat practices ethical hacking, where they find security flaws and vulnerabilities for companies before black hats exploit them. White hat hackers use the same hacking techniques as black hats, but they do it with the owner's permission. So, it's legal.
A gray hat hacker works between the two extremes of their black and white hat counterparts. They will often hack without the owners' permission to find security vulnerabilities. They usually do this out of curiosity rather than steal or cause pain.
A rootkit is malware that hides inside your computer's operating system. When the rootkit is activated, it grants access to all your system's resources, including passwords, email addresses, and other personal information.
They are one of the scariest methods as they can go undetected and are injected by:
- unsafe websites
- infected hard drives
It’s lethal as it can erase its tracks and go undetected because it runs at the system level. It's tough to detect even by skilled IT security professionals.
18) RAT (Remote Access Tool)
A RAT is malware that allows an attacker to control and check your activities from a remote location. RATs can:
- steal data
- spy on the victim
- take over their computer
Hackers spread RATs by:
- spam emails
- infected websites
- shady file-sharing networks
SPAM is the most common cyber-crime. It's the unsolicited, unwanted messages sent in bulk via:
- text messages
- phone calls
- social media
SPAM is intrusive and annoying. Those links could be malware or phishing scams. So, permanently delete spam and use a spam filter.
A worm is malware that can spread through networked computers by copying and pasting infected files. Worms can cause considerable damage by infecting systems with malicious software, deleting data, or causing widespread network outages. They are often used to exploit security vulnerabilities and steal sensitive information.
21) Evil Maid Attack
An evil maid attack is an exploit that physically targets an unattended device. For example, a maid could tamper with your computer in your hotel room to access and steal its data later. The most likely targets are:
- Company executives
- Government officials
22) R.U.D.Y attack
R.U.D.Y. stands for 'R U Dead Yet?'. A denial-of-service attack tool aims to tie up a web server by submitting form data absurdly slow. A successful R.U.D.Y. attack will mean that the server will be unreachable by legitimate traffic.
As you can see, hacking is an important topic. Learning about hacking terms will help you stay safe online.
About Robert Stark: Robert is a Taiwan-based writer and digital marketer. He has a passion for helping people simplify their lives through tech.
Patrick Yu is a Senior Project Manager at Level Interactive and has 8 years of experience writing business, legal, lifestyle, gaming, and technology articles. He is a significant contributor to Acer Corner and is currently based in Taipei, Taiwan.