Fact sheets

Lexicon of the perfect little Hacker

In recent years, we have noted a resurgence of computer attacks around the world. From the malicious software “WannaCry” that recently hit close to 300,000 computers in over 150 countries, a virus “Petya” that disrupted the operations of several large international companies, hackers seem to be everywhere and demonstrate an ever renewed creativity, so much so that the question companies ask themselves is not so much “will I be attacked one day?” but rather “when will I be attacked?”.

So, to help you to navigate these dangerous waters and to better understand the terms are used by the experts in cyber security, we are offering you this small lexicon of the most common terms used during “cyber attacks”.

Backdoor: A means to gain unauthorised access, hidden in a program that allows a malicious user to break into a computer system.

For example, create a new administrator account with a password chosen by a hacker.

Hoax: False, obsolete, or unverifiable information that is propagated spontaneously by internet users. Essentially in written form, like an electronic mail, inviting the internet user to forward the information to all his or her contacts, resulting in a chain reaction.

For example, alerts to a virus or child disappearance, promise of happiness, petition request.

Trojan horse: Malicious software with reference to Homer’s Lliade, who under a legitimate appearance performs harmful actions without the knowledge of the user. By introducing a backdoor on the computer, the Trojan horse allows a hacker to take control of the computer via a remote connection, to steal registered passwords, to copy data, and to execute harmful actions.

Concretely, the most often, the hacker sends a mail to the person he is trying to infiltrate and encloses his “Trojan” in an attachment. If the user opens the file, the cookie is installed discretely on the computer, often hidden in a file or program that functions perfectly legitimately, like a game for instance.

Denied service: An attack by saturation consists of sending thousands of messages from dozens of computers in order to overwhelm the servers of a company. Although this technique does not modify the content of a company’s internet site, it does paralyse it for several hours, thus blocking its access to users.

Flaw: Vulnerability in a computer system that allows a hacker to compromise the normal operations of the system, its confidentiality or the integrity of the data it contains.

Malware: Program developed for the purpose of harming by means of a computer system or network. It can take the form of a virus or a computer worm.

Mail bombing: Sending a massive amount of emails (for example, several thousands) to a single recipient with malicious intent. Usually resulting in either by saturating the victim's mailbox or making it impossible for the victim to use his email address.

Patch: A piece of code that is added to software to fix a problem (for example, a bug fix).

Phishing: Theft of identity or confidential information (access codes, bank details) by subterfuge. The scammers are most often considered a trusted organization (banking, PayPal ...) and invite users, by email, to visit a fraudulent site - which looks like the authentic site - and share sensitive information.

Ransomware: Malicious software that hijacks the data contained in a computer system by encrypting and blocking the files contained on the computer and sending the key for decryption only when the user has paid the ransom.

Botnet: A network of infected machines controlled by a remote hacker. The latter can then transmit orders to the machines of the botnet and operate them as he pleases.

Scan: Fraudulent practice, most often from West Africa and Nigeria, which consists of extorting money from Internet users by dangling (promising) money.

For example, an email from a so-called rich African heir who finds himself in distress or in an emergency situation claiming his bank account is blocked. If the user agrees to help him get his money, then he promises in exchange to credit the helpers account with a huge sum of money.

Spamming: Massive sending of electronic messages for promotional or advertising purposes to persons with whom the sender has never had contact but whose information has been unlawfully retrieved.

Computer virus: A malicious program or piece of code that attaches itself to a legitimate file in the hope that the user or the system will execute it, to allow it to spread across a computer system (computer, server, mobile device, etc.) and often to attain the data, the memory, and / or the network.

The propagation from one machine to another is done by the exchange of infected files through a messaging system, backdoors, a fraudulent internet page, memory sticks, and file sharing.

Computer worm: A virus that spreads almost autonomously (without direct human intervention) via the network. It uses a flaw in the system to copy itself where it shouldn’t and then spread its code, without the knowledge of users, to the largest number of targets, and infect the network (address book recovery, sending copies ... ).