Glossary of Cybercrime Terms
Cybercrime Dictionary
back door -- a vulnerability intentionally left in the security of a computer system or its software by its designers
biometrics -- the use of a computer user's unique physical characteristics -- such as fingerprints, voice, and retina -- to identify that user
black hat -- a term used to describe a hacker who has the intention of causing damage or stealing information
bypass -- a flaw in a security device
ciphertext -- data that has been encrypted
Computer Emergency Response Team (CERT) -- an organization that collects and distributes information about security breaches
countermeasure -- any action or device that reduces a computer system's vulnerability
cracker -- a term sometimes used to refer to a hacker who breaks into a system with the intent of causing damage or stealing data
cracking -- the process of trying to overcome a security measure
cryptography -- protecting information or hiding its meaning by converting it into a secret code before sending it out over a public network
crypto keys -- the algorithms used to encrypt and decrypt messages
cybercrime -- crime related to technology, computers, and the Internet
decrypt -- the process of converting encrypted information back into normal, understandable text
denial of service (DoS) -- an attack that causes the targeted system to be unable to fulfill its intended function
digital signature -- an electronic equivalent of a signature
domain name -- the textual name assigned to a host on the Internet
dumpster diving -- looking through trash for access codes or other sensitive information
email -- an application that allows the sending of messages between computer users via a network
encryption -- the process of protecting information or hiding its meaning by converting it into a code
firewall -- a device designed to enforce the boundary between two or more networks, limiting access
hacker -- a term sometimes used to describe a person who pursues knowledge of computer and security systems for its own sake; sometimes used to describe a person who breaks into computer systems for the purpose of stealing or destroying data
hacking -- original term referred to learning programming languages and computer systems; now associated with the process of bypassing the security systems on a computer system or network
high risk application -- a computer application that, when opened, can cause the user to become vulnerable to a security breach
hijacking -- the process of taking over a live connection between two users so that the attacker can masquerade as one of the users
host -- a computer system that resides on a network and can independently communicate with other systems on the network
Hypertext Markup Language (HTML) -- the language in which most webpages are written
information security -- a system of procedures and policies designed to protect and control information
Internet -- a computer network that uses the Internet protocol family
Internet Relay Chat (IRC) -- a large, multiple-user, live chat facility
Internet service provider (ISP) -- any company that provides users with access to the Internet
intranet -- a private network used within a company or organization that is not connected to the Internet
intrusion detection -- techniques designed to detect breaches into a computer system or network
IP spoofing -- an attack where the attacker disguises himself or herself as another user by means of a false IP network address
keystroke monitoring -- the process of recording every character typed by a computer user on a keyboard
leapfrog attack -- using a password or user ID obtained in one attack to commit another attack
letterbomb -- an email containing live data intended to cause damage to the recipient's computer
malicious code -- any code that is intentionally included in software or hardware for an unauthorized purpose
one-time password -- a password that can be used only once, usually randomly generated by special software
packet -- a discrete block of data sent over a network
packet sniffer -- a device or program that monitors the data traveling over a network by inspecting discrete packets
password -- a data string used to verify the identity of a user
password sniffing -- the process of examining data traffic for the purpose of finding passwords to use later in masquerading attacks
pen register -- a device that records the telephone numbers of calls received by a particular telephone
phracker -- a person who combines phone phreaking with computer hacking
phreaker -- a person who hacks telephone systems, usually for the purpose of making free phone calls
piggyback -- gaining unauthorized access to a computer system via another user's legitimate connection
piracy -- the act of illegally copying software, music, or movies that are copyright-protected
Pretty Good Privacy (PGP) -- a freeware program designed to encrypt email
probe -- an effort to gather information about a computer or its users for the purpose of gaining unauthorized access later
risk assessment -- the process of studying the vulnerabilities, threats to, and likelihood of attacks on a computer system or network
smart card -- an access card that contains encoded information used to identify the user
sniffer -- a program designed to capture information across a computer network
social engineering -- term often used to describe the techniques virus writers and hackers utilize to trick computer users into revealing information or activating viruses
spam -- unsolicited commercial email
spoofing -- the process of disguising one computer user as another
trap and trace device -- a device used to record the telephone numbers dialed by a specific telephone
Trojan horse -- an apparently innocuous program that contains code designed to surreptitiously access information or computer systems without the user's knowledge
virus -- a computer program designed to make copies of itself and spread itself from one machine to another without the help of the user
war dialer -- software designed to detect dial-in access to computer systems
warez -- slang for pirated software
white hat -- a hacker whose intentions are not criminal or malicious
wiretapping -- the interception of electronic communications in order to access information
worm -- a computer program that copies itself across a network