DVIDS – News – Understanding IT terminology is the key to prevention

QUANTICO, VA (July 7, 2021) – Cyber ​​is now commonplace and a part of everyday life. Since April, more than 200,000 incidents have been reported to the Internet Crime Complaint Center, a major pipeline has been shut down in the United States, and the world’s largest meat processing company has fallen victim to ransomware.

According to the Army Criminal Investigation Command’s Major Cybercrime Unit, the best way to protect yourself against cybercrime is to know and understand what cybercrime entails.

Commonly used cybernetic terms below follow on from Cybernetic 101 terminology and should be used as a quick reference guide to well-known intermediate cybernetic terms.

Commonly Used Terms

Authentication factor: Data used to identify a person to access an information system. Authentication factors can be something you know (usernames, passwords, secret questions), something you have (USB token, smart card, PKI certificate), something you are (fingerprint digital, DNA, retina model), something you do (annotate text in an image, clicking only on storefront images), or somewhere you are (GPS location).

Backdoor: means any method allowing an authorized or unauthorized user to bypass some or all of the security measures to gain access to a computer system, a network or a software application. Not all backdoors are bad – they can be used to help users who are stuck outside their system.

Tag: A type of malware that consistently calls an IP address or specified URL from a victimized system. A pending threat agent can respond to this beacon, establishing a connection that provides partial or even full remote access to the victim system.

Black Hat: A hacker who breaks into a network or device without consent to carry out malicious activities that can be used to harm the owner / users.

Encrypted Text: An unreadable and unintelligible group of alphanumeric characters produced from an encryption (an algorithm for performing an encryption or decryption) or the input of a reverse encryption.

Clickjacking: Attack that tricks victims into clicking on a disguised link, which may cause the victim to reveal confidential information or allow others to gain access to the victim’s system.

Client: A host that seeks to use the resources of a server.

Client / server network: In this network, individual workstations send requests to a central server, and the server provides all the resources.
Computer Networking (CNE): Consists of techniques and processes that use computers or computer networks to collect data on targeted systems and networks.
Cracking: When an attacker generates a set of values ​​that represent possible legitimate authentication factors, then tests those values ​​against the authentication system to see which one is correct.
Cross-site Scripting (XSS): Occurs when an attacker sends a script that is executed by the web browser of a victimized system or in another browser window accessing a different site.
Cryptocurrency: Or just crypto, any digital currency that uses an online ledger and cryptography to secure transactions.
Cryptography: The discipline that embodies the principles, means and methods of transforming data to hide their semantic content, prevent their unauthorized use or prevent their undetected modification.
Dark Web: is a subset of the Deep Web. Its content is not indexed and consists of overlaid networks that use the public Internet but require software, configuration or unique access authorization; designed to hide the identity of the user. Usually contains anonymous journalism and deals for illegal goods and services, and is regularly used by threat actors.
Decryption: The process of transforming encrypted text into plain text.
Deepfake: An audio or video clip that has been edited and manipulated to appear real or (make two lines believable.
Deep Web: Online content that is not indexed by traditional search engines. Content is accessible to the general public but is harder to find unless you have the correct URL. Legitimate uses of the deep web include online banking, webmail, cloud storage, and legal documents.
Denial of Service (DoS): is an attack that prevents a computing resource from communicating over a network, preventing it from being available to fulfill its purpose temporarily or permanently.
Directory: is a centralized list of resources such as users, groups, files, and applications. Directories are also called folders.
Distributed Denial of Service (DDoS): This is a DoS attack that originates / distributes many different host systems. In other words, this is an attack that involves using multiple computers to flood a single target simultaneously, causing a denial of service condition. The acronym D / DoS is a common method of referring to both DoS and DDoS attacks.
Encryption: Converting plain text to cipher text using a cryptographic algorithm. Encryption is commonly used to ensure the confidentiality and integrity of electronic communications and is a direct application of cryptography.
Host: Any device, such as a computer, that connects to a network.
IPv4: Or IP version 4, is a 32-bit numeric address written as four sets of numbers, called bytes, separated by periods (for example, 131.107.10.7).
IPv6: or IP version 6, is a new method of IP addressing implemented on newer computers and network equipment that provides more address space than IPv4. It is written as eight groups of hexadecimal digits separated by colons (for example, 2001: 0db8: 85a3: 08d3: 1319: 8a2e: 0370: 7334).
Metadata: Structured information that describes, explains, locates or facilitates the retrieval, use or management of an information resource. Or more simply, metadata is data about data.
Ransomware: A form of malware that deliberately prevents the victim from accessing computer files (holding the data hostage until a ransom is paid) or threatens to disclose the victim’s data unless a ransom is issued. paid.
Rootkit: A set of programs placed by an intruder at the root of the system (the directory where operating system files are stored) to manipulate the system and facilitate the concealment of its presence.
Script: list of commands executed by a program.
Server: piece of hardware or software that provides services to other devices or programs on a network. In other words, a host that receives requests to use its resources.
Structured Query Language (SQL) Injection: An attack in which unauthorized SQL commands (or just database commands) are used to trick a server into treating data input as a base query normal data. SQL injections allow hackers to exploit security holes in the software that runs a website.
Surface Web: Contains content for the general public that is indexed by traditional search engines and easily accessible using any Internet browser. Examples include news websites, social media, and even the US military website.
Threat: The potential source of an adverse event.
Threat agent: or threat actor, is a specific person or event that performs unauthorized actions against a system.
Web Crawler: also known as a robot; spider; or simply crawler, is a program that can be used to automatically browse a site and track and record all available links. Search engines use robots to browse the Internet and create an index of available sites in order to provide its users with effective search results.
White Hat: a hacker who attacks a network to obtain sensitive information with the consent of the owner; typically used to test infrastructure vulnerabilities.

Cybercrime Prevention Flyers (CPF) are produced as part of the CID Cyber ​​Lookout program to promote internet safety for the collective army family and provide recommendations to strengthen your cybersecurity posture and prevent cybercrime before that it does not happen. This CPF and all past CPFs are available at https://www.cid.army.mil/mcu-advisories.html.

Additional cyberterminology can be found at CyberTerminology101.pdf (army.mil).