Glossary: 20 terms to better understand the world of cybercrime - Part 1
There has never been so much talk about hacking in Brazil as in the past two weeks. This has started a series of discussions on digital security, which usually involve some very specific terms that are often not understood by people unfamiliar with the area.
A backdoor is a vulnerability deployed on a system. Its literal translation is "back door", which explains the idea well. It can be purposely put into software by a developer to allow government spying on users, for example. It is usually meant to be secret and of restricted use, but it is not uncommon for hackers to discover it and start using it in other ways.
A botnet is a network of bots, as its name implies. However, instead of robots in the more conventional sense, the bots in this case are computers, cell phones, security cameras and basically any internet-connected device that has been infected with some type of malware. These devices can be remotely controlled to operate together in many kinds of actions. A common activity for botnets is Denial of Service (DDoS) attacks.
The word "cracker" always generates controversy. In the past, it was used to define the "evil hacker," the person who used their knowledge of technology for crime. However, time has given it a new meaning. "Crackear" in digital jargon is to provide a pirated version of software (a game, for example) on the internet after breaking the protection that prevents the use of pirated copies.
The term most accepted today for what was called a "cracker" in the past is "black hat" (see the "Hacker" entry below).
Cryptography is a crucial part of any security system. Briefly, it consists of encrypting information (a password, for example) in a way that cannot be interpreted by those who intercept it for malicious purposes. Only those in possession of the decryption keys can decrypt the data.
There are multiple types of cryptography, for various purposes. One type that has become quite famous is the end-to-end encryption seen in WhatsApp, which encrypts the message before it leaves the user's cell phone and only deciphers it when it reaches its intended recipient, so neither WhatsApp nor any hacker who intercepts content in the middle of the path can understand it.
The DDoS attack is known in plain English as a denial of service attack. It consists of overloading a server with useless requests until it is unable to perform its primary task. This could include, for example, taking down a site or a service such as Telegram, which recently underwent a major attack.
This type of attack is not aimed at stealing information, since there is no invasion of the servers, but rather at causing disruption. It is in many cases carried out by the botnets mentioned previously, using millions of infected devices to flood a server with false requests, leaving it slow or unusable.
The Deep Web is, by the most precise definition, everything that is not cataloged by search engines like Google, and this does not necessarily have to do with crime. Pages that belong to the Deep Web include, for example, your email: what you receive in your inbox cannot be read through Google. The same holds for any other material that is inaccessible without a password.
Over time, the term Deep Web became famous for one of its applications, known more precisely as the Dark Net, which is the part of the internet that cannot be accessed without the Tor browser. In this space are, for example, drug dealers, hired killers, pedophiles and basically all kinds of people who can benefit from the anonymity provided by the very strong encryption of the Tor network.
Technically, the Dark Net is part of the Deep Web, since its pages are not cataloged by search engines, but the Deep Web is much larger than the Dark Net.
Defacing is virtual graffiti. It is an attack that uses vulnerabilities to place a message, often political, on a site. In recent years, this type of attack has hit many pages of political parties to show criticism or messages of support for their opponents. Often, however, defacements are done just for fun (see the "Lulz" entry below).
Social engineering is a somewhat confusing term, but it represents a very simple concept: cunning. It is used to define hacker attacks that do not necessarily involve great technological knowledge; to succeed, the cybercriminal simply fools the victim into willingly giving away the information he needs.
This may include, for example, calling the victim while posing as some type of technical support, or claiming that the victim has won a prize and that their data is needed to complete a registration.
The term "exploit" is used to define an attack technique developed based on a security flaw in some system. For example, the WannaCry malware, which became famous after reaching hundreds of thousands of computers in a few hours in 2017, used an exploit called EternalBlue to take advantage of a flaw in Windows, which allowed its rapid spread and infection.
In the world of cybersecurity, a brute-force attack is a technique that aims to break into an account or server by cracking its password through trial and error. This means that instead of contacting the victim to try to get their password or using some more refined technique, the hacker sets up machines that try multiple combinations of letters, numbers and symbols until they find the correct password.
It is not a technique with guaranteed success, since systems are developed with a view to preventing brute-force attacks by limiting the number of attempts that can be made in a given period of time.
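The attempt limit described above can be sketched as a sliding-window counter of failed logins per account. This is an added example, not code from the article; the names `AttemptLimiter`, `try_login` and `simulate`, the account "alice" and the 4-digit PIN are constructed for illustration.

```python
import hmac
from collections import defaultdict, deque

class AttemptLimiter:
    """Allow at most max_attempts failed logins per account in any `window` seconds."""
    def __init__(self, max_attempts=5, window=60.0):
        self.max_attempts, self.window = max_attempts, window
        self._failures = defaultdict(deque)   # account -> times of recent failures

    def _recent(self, account, now):
        q = self._failures[account]
        while q and now - q[0] >= self.window:   # forget failures older than the window
            q.popleft()
        return q

    def allowed(self, account, now):
        return len(self._recent(account, now)) < self.max_attempts

    def record_failure(self, account, now):
        self._recent(account, now).append(now)

    def reset(self, account):
        self._failures.pop(account, None)

def try_login(limiter, account, stored, supplied, now):
    if not limiter.allowed(account, now):
        return "throttled"                    # rejected before the secret is checked
    if hmac.compare_digest(stored.encode(), supplied.encode()):
        limiter.reset(account)
        return "ok"
    limiter.record_failure(account, now)
    return "denied"

def simulate(limiter, stored_pin, budget_seconds):
    """One guess per second, counting up from 0000 and retrying when throttled.
    Returns (guesses actually tested, requests throttled, whether the PIN was found)."""
    tested = throttled = candidate = 0
    for now in range(budget_seconds):
        result = try_login(limiter, "alice", stored_pin, f"{candidate:04d}", float(now))
        if result == "throttled":
            throttled += 1
            continue
        tested += 1
        if result == "ok":
            return tested, throttled, True
        candidate += 1
    return tested, throttled, False

if __name__ == "__main__":
    # Constructed scenario: PIN "0420", ten minutes of guessing at one guess per second.
    print("5 per minute:", simulate(AttemptLimiter(5, 60.0), "0420", 600))
    print("no real limit:", simulate(AttemptLimiter(10**9, 60.0), "0420", 600))
```

A limiter keyed only on the account name also lets anyone lock a user out by failing on purpose, which is why deployed systems usually combine it with per-source limits or increasing delays.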