The Alpha Threat

A

AS4808: A Chinese network associated with major spying campaigns, including breaking into 1,000 Hotmail accounts.

B

Blackshades: Malicious software (a virus) used by hackers to control computers remotely, including accessing the webcam and logging keyboard strokes. It targets Windows-based operating systems. US officials say over 500,000 computer systems worldwide have been infected with the software, which was being sold for $40. The FBI arrested 100 people who had downloaded the virus in 2014.

Brute force attack: A brute force attack is an automated search for every possible password to a system. It is an inefficient method of hacking compared to others like phishing, and is usually used when there is no alternative. The process can be made shorter by focusing the attack on password elements likely to be used by a specific system.

C

Clone phishing: The modification of an existing, legitimate email with a false link to trick the recipient into providing personal information.

D

Denial of service attack (DoS): Used to take a website out of action. The attack sends so many content requests to the site that the server overloads. Some have described such attacks as the Internet equivalent of street protests, and some groups, such as Anonymous, frequently use them as a protest tool.

Distributed denial of service attack (DDoS): A DoS using a number of separate machines.

Doxing: Discovering and publishing the identity of an otherwise anonymous Internet user by tracing their publicly available online accounts, metadata, and documents like emails.

E

E-crime Virus: A bogus email purporting to be from the Metropolitan police or US Department that states: “This computer has been locked due to illegal activity” before demanding a ransom.

F

Firewalls: Personal firewalls – sometimes known as ‘software firewalls’ or ‘desktop firewalls’.

G

Grey hat hacker: Someone who breaks the law in the pursuit of a hack, but does not do so maliciously or for personal gain.

H

Hacktivist: A hacker whose goals are social or political.

I

IRC: Internet relay chat, a protocol used by hackers for one-on-one conversations to communicate or share files.

J

Jurisdiction: What makes cybercrime detection so hard to enforce.

K

KVM: A keyboard video mouse. A gadget which fits into the back of a bank’s cash machine to allow a thief to transfer cash from its computer systems while he sits at home.

L

Logic Bombs: A device, virus, or programme designed to cause damage at a time of the attacker’s choosing.

M

Malware: A software program designed to hijack, damage, or steal information from a device or system. Examples include spyware, adware, rootkits, viruses and keyloggers. The software can be delivered in a number of ways, from decoy websites and spam to USB drives.

N

Near Field Communication: Otherwise known as contactless payment. Works by means of a wireless chip containing the user’s payment card details, embedded in a mobile phone or on a payment card.

O

Offences: Cybercrime can be defined as offences committed against individuals or groups with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm or loss to the victim, using modern telecommunication networks such as the Internet (Chat rooms, emails, notice boards and groups) or mobile phones.

P

Paste Bin: The first sign of an online service being compromised is often when attackers publish part or all of the hacked data on this site.

Pharming: Ending up at a fake site even though you entered the address for the authentic one.

Q

Quarantine: Where anti-virus software stores a virus.

R

Ratting: Remote Access Trojans (RATs) are usually invisibly downloaded with a program requested by you – for example a game – or an email attachment. They are often used to take control of webcams with the objective of the resulting video or images being used for blackmail or inappropriate uses.

S

Script kiddie: A would-be cracker without technical skills. Script kiddies use purchased or downloaded cracking tools to attack systems and deface them, often just to appear cool to their friends.

Social engineering: Conning people into giving you confidential information, such as passwords to their accounts.

Spoofing: Altering the header of an email so that it appears to come from elsewhere – like a bank.

T

Trojan: A Trojan is a type of malware that is disguised as a desirable piece of software and usually installs a back door in the infected machine.

U

United States Cyber Command: Synchronises defence of US military networks.

V

Vishing: Voice phishing – fraudulently obtaining personal details by phone, often having already hacked or intercepted personal information.

W

Whaling: Spear-phishing that targets the big fish in companies for higher gains or to cause maximum embarrassment.

Waking Shark: Bank of England investigation into the cyber security of Britain’s banks.

X

Xbox and PlayStation networks were both taken offline in attacks by a group of hackers called Lizard Squad – who included a 13-year-old.

Y

Yakuza: Cybercrime is becoming a major source of revenue for the world’s top 5 crime gangs – Solntsevskaya Bratva (the Russian Mafia), Yamaguchi Gumi (Yakuza), Camorra (Naples-based mafia), ’Ndrangheta (Calabria-based mafia) and the Sinaloa Cartel, Mexico’s largest drug cartel.

Z

Zero day exploit: A zero day attack targets a previously unknown vulnerability in a system. It is the first such exploitation of a weak spot by a hacker.