Cybersecurity: Who's a HoneyMonkey? What's a Zero-Day Attack? And Where's a Backdoor?

Cybersecurity is one of the most relevant and sensitive topics in the FinTech sector. Recent stories of data breaches across industries that have occurred with major players have left a bad aftertaste and made users extra cautious about sharing personal information. The situation with cybercrimes is so critical that cybersecurity may become one of the hottest industries by 2020.

The global cybersecurity market will grow to an estimated $170 billion by 2020 from $77 billion in 2015 with the Asia-Pacific region quickly emerging as a major market for cybersecurity interests and North America & Europe remaining the top cybersecurity markets. In fact, the European cybersecurity market is expected to hit $35.53 billion by 2019 while cybersecurity markets in the Asia-Pacific region and Latin America will increase to $32.95 billion and $11.91 billion, respectively.

However, this time, we will rather focus on the concept and the term itself. Often caught up in analyzing industry trends, we forget to go back to the basics and look at the roots. As our contribution to the readers that are just learning about the industry, we are going to look at some of the most important and interesting terms that will contribute to a better understanding of cybersecurity.

Information Systems Audit and Control Association (ISACA), AT&T, PwC, National Credit Union Administration, FBI and a wide range of other authorities have defined an extensive list of terms one needs to know to understand the basics of cybersecurity. We won’t be explaining the general terms like data mining, DDoS, malware, phishing, Trojan and authentication. Instead, let’s look at some rare yet interesting ones provided by these companies.

Black hat hacker: An individual with extensive computer skills used to breach the security of companies for malicious purposes.

White hat hacker: A computer security expert who penetrates networks to warn companies of gaps that a malicious attacker could exploit. They are often employed by the companies themselves to test the durability of their systems.

Grey hat hacker: Ethically between black hat and white hat hackers, grey hats exploit system vulnerabilities, which is technically illegal. They tend not to leverage these hacks as a criminal, but sometimes offer to close the security gap for a fee.

Smurf: The Smurf attack works by spoofing the target address and sending a ping to the broadcast address for a remote network, which results in a large amount of ping replies being sent to the target.

Zombie: A computer connected to the Internet that has been compromised by a hacker, a computer virus, or a Trojan horse.

Hacktivist: A hacker or group that breaches systems for political (rather than monetary) gain.

Spear phishing: A targeted digital attack filled with personal information directed at a specific executive or company.

Botnet: A large number of compromised computers used to create and send spam or viruses, or flood a network with messages such as in a distributed denial of service attack.

Doxing, doxxing: Broadcasting personal information about a person or group, usually done by Internet vigilantes or hacktivists. The term comes from dropping dox using the slang term for .DOCX, the file extension used by Microsoft Word.

Daemon: A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. The daemon program forwards the requests to other programs (or processes) as appropriate. The term daemon is a Unix term, though many other operating systems provide support for daemons, though they're sometimes called other names. Windows, for example, refers to daemons as "system agents and services."

Eavesdropping: listening to private communication without permission.

Jamming: An attack in which a device is used to emit electromagnetic energy on a wireless network’s frequency to make it unusable.

Honeypot: A specially configured server, also known as a decoy server, designed to attract and monitor intruders in a manner such that their actions do not affect production systems.

Salt: A non-secret value that is used in a cryptographic process, usually to ensure that the results of computations for one instance cannot be reused by an attacker.

Masquerading: When an unauthorized agent claims the identity of another agent.

HoneyMonkey: An automated system simulating a user browsing websites. The system is typically configured to detect websites which exploit vulnerabilities in the browser. Also known as "honey client."

Keystroke logger, keylogger: A surveillance software that records every keystroke, including usernames and passwords.

Warchalking: Marking areas, usually on sidewalks with chalk, that receive wireless signals that can be accessed.

Fork bomb: A fork bomb works by using the fork() call to create a new process which is a copy of the original. By doing this repeatedly, all available processes on the machine can be taken up.

Ping of death: An attack that sends an improperly large ICMP echo request packet (a "ping") with the intent of overflowing the input buffers of the destination machine and causing it to crash.

Packet: A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data.

ACK piggybacking: The practice of sending an ACK inside another packet going to the same destination.

Zero-day attack, zero-day exploit: A computer threat that tries to exploit computer application vulnerabilities that is unknown to others or undisclosed to the software developer. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software developer knows about the vulnerability. A cyberattack that exploits a vulnerability the day it becomes known, or even before vendors are aware they have an issue. Hackers then take advantage until users apply a patch to close the security hole.

Gnutella: An Internet file sharing utility. Gnutella acts as a server for sharing files while simultaneously acting as a client that searches for and downloads files from other users.

Backdoor: A means of regaining access to a compromised system by installing software or configuring existing software to enable remote access under attacker-defined conditions.

Man-in-the-middle attack: An attack strategy in which the attacker intercepts the communication stream between two parts of the victim system and then replaces the traffic between the two components with the intruder’s own, eventually assuming control of the communication assuming control of the communication.

Spoofing: Sending a network packet that appears to come from a source other than its actual source.

Logic bombs: programs or snippets of code that execute when a certain predefined event occurs. Logic bombs may also be set to go off on a certain date or when a specified set of circumstances occurs.