Cybercrime Terms

Glossary of Cybercrime Terms

back door -- a vulnerability intentionally left in the security of a computer system or its software by its designers

biometrics -- the use of a computer user's unique physical characteristics -- such as fingerprints, voice, and retina -- to identify that user

black hat -- a term used to describe a hacker who has the intention of causing damage or stealing information

bypass -- a flaw in a security device

ciphertext -- data that has been encrypted

Computer Emergency Response Team (CERT) -- an organization that collects and distributes information about security breaches

countermeasure -- any action or device that reduces a computer system's vulnerability

cracker -- a term sometimes used to refer to a hacker who breaks into a system with the intent of causing damage or stealing data

cracking -- the process of trying to overcome a security measure

cryptography -- protecting information or hiding its meaning by converting it into a secret code before sending it out over a public network

crypto keys -- the algorithms used to encrypt and decrypt messages

cybercrime -- crime related to technology, computers, and the Internet

decrypt -- to convert encrypted information back into normal, understandable text

denial of service (DoS) -- an attack that causes the targeted system to be unable to fulfill its intended function

digital signature -- an electronic equivalent of a signature

domain name -- the textual name assigned to a host on the Internet

dumpster diving -- looking through trash for access codes or other sensitive information

email -- an application that allows the sending of messages between computer users via a network

encryption -- the process of protecting information or hiding its meaning by converting it into a code

firewall -- a device designed to enforce the boundary between two or more networks, limiting access

hacker -- a term sometimes used to describe a person who pursues knowledge of computer and security systems for its own sake; sometimes used to describe a person who breaks into computer systems for the purpose of stealing or destroying data

hacking -- originally, the term referred to learning programming languages and computer systems; it is now associated with the process of bypassing the security systems on a computer system or network

high-risk application -- a computer application that, when opened, can cause the user to become vulnerable to a security breach

hijacking -- the process of taking over a live connection between two users so that the attacker can masquerade as one of the users

host -- a computer system that resides on a network and can independently communicate with other systems on the network

Hypertext Markup Language (HTML) -- the language in which most webpages are written

information security -- a system of procedures and policies designed to protect and control information

Internet -- a computer network that uses the Internet protocol family

Internet Relay Chat (IRC) -- a large, multiple-user, live chat facility

Internet service provider (ISP) -- any company that provides users with access to the Internet

intranet -- a private network used within a company or organization that is not connected to the Internet

intrusion detection -- techniques designed to detect breaches into a computer system or network

IP spoofing -- an attack where the attacker disguises himself or herself as another user by means of a false IP network address

keystroke monitoring -- the process of recording every character typed by a computer user on a keyboard

leapfrog attack -- using a password or user ID obtained in one attack to commit another attack

letterbomb -- an email containing live data intended to cause damage to the recipient's computer

malicious code -- any code that is intentionally included in software or hardware for an unauthorized purpose

one-time password -- a password that can be used only once, usually randomly generated by special software

packet -- a discrete block of data sent over a network

packet sniffer -- a device or program that monitors the data traveling over a network by inspecting discrete packets

password -- a data string used to verify the identity of a user

password sniffing -- the process of examining data traffic for the purpose of finding passwords to use later in masquerading attacks

pen register -- a device that records the telephone numbers of calls received by a particular telephone

phracker -- a person who combines phone phreaking with computer hacking

phreaker -- a person who hacks telephone systems, usually for the purpose of making free phone calls

piggyback -- gaining unauthorized access to a computer system via another user's legitimate connection

piracy -- the act of illegally copying software, music, or movies that are copyright-protected

Pretty Good Privacy (PGP) -- a freeware program designed to encrypt email

probe -- an effort to gather information about a computer or its users for the purpose of gaining unauthorized access later

risk assessment -- the process of studying the vulnerabilities, threats to, and likelihood of attacks on a computer system or network

smart card -- an access card that contains encoded information used to identify the user

sniffer -- a program designed to capture information across a computer network

social engineering -- a term often used to describe the techniques virus writers and hackers use to trick computer users into revealing information or activating viruses

spam -- unsolicited commercial email

spoofing -- the process of disguising one computer user as another

trap and trace device -- a device used to record the telephone numbers dialed by a specific telephone

Trojan horse -- an apparently innocuous program that contains code designed to surreptitiously access information or computer systems without the user's knowledge

virus -- a computer program designed to make copies of itself and spread itself from one machine to another without the help of the user

war dialer -- software designed to detect dial-in access to computer systems

warez -- slang for pirated software

white hat -- a hacker whose intentions are not criminal or malicious

wiretapping -- the interception of electronic communications in order to access information

worm -- a computer program that copies itself across a network