Malware

The term malware is a combination of English words ‘malicious’ and ‘software’ and describes the intent of the author of such a program rather than its specific features. The overall term of malware includes computer viruses, computer worms, Trojan horses, crimeware, spyware, ransomware and adware.

Computer virus

In computer security, a virus is a program that can spread itself without the user’s knowledge. For replication it is inserted into other executable files or documents. Viruses are just one type of the so-called malware, malicious software. Generally, worms and other types of malware are also (incorrectly) referred to as viruses.

Computer worm

It is a computer program capable of automatic replication of itself in order to spread to other computers. After it infects the system, it takes control of the communication network software which then uses for its own spreading.

Trojan horse

It is a part of a program or application hidden for the user with a function that the user doesn‘t want (typically it is a malicious activity). The name Trojan Horse comes from the ancient story of the conquest of Troy.

Crimeware

It is the name for the type of malware that is created to make cybercrime automatic. It can be used for example to steal identity, logins, execute unauthorized bank transactions, or to steal sensitive personal and company data.

Spyware

It is a program that uses a website to send data from a computer (or mobile phone or other device) without the user’s awareness.

Ransomware

It is a kind of malware that blocks or encrypts a computer system and then requests the victim to pay a ransom in order to renew the access. Some forms of ransomware encrypt files on the hard disk (cryptoviral extortion), others only lock the system and by threatening message force users to pay.

Adware

It is a name for products that make work unpleasant by using an advertising application. These can have varied levels of aggressiveness – from regular banners to constantly jumping pop-ups or icons in the notification area. Another annoying thing is an unrequested change of the home page in Windows Internet Explorer.

Rootkit

It is a set of computer programs that can mask the presence of malicious software on your computer, such as viruses, Trojan horses, spyware, and others.

SPAM

It is an unsolicited message widely distributed over the Internet. Originally it was used primarily for unsolicited advertising e-mails, over time this phenomenon affected also other types of the Internet communication – such as discussion forums, comments and instant messaging.

HOAX

It generally refers to fraud, mystification or humorous deception. In electronic communication, hoax is an unsolicited e-mail or instant message that warns the user of a virus, asks for help, informs about danger, tries to entertain him, etc. Hoax usually includes a request asking for further distribution of the information among friends, or to as many additional addresses as possible, that’s why it is sometimes referred to as a chain email. Czech word mystification is a matching translation of a word hoax.

Phishing

It is a fraudulent technique used on the Internet to get sensitive data (passwords, credit card numbers, etc.) in electronic communication. To attract the trustworthy public, the communication pretends to come from popular social networks, auction websites, online payment portals, government agencies, or IT administrators.

Firewall

It is a software or network device that is used to control and secure network traffic between networks with different levels of trust and security. To put it simply, it serves as a control barrier that defines the rules for communication between networks which separates.

Botnet

It is a name for software agents or Internet robots that operate autonomously or automatically. Currently, the term is most commonly associated with malware, where botnet refers to a network of computers infected with a special software managed from one centre. Botnet then performs unwanted activity such as spamming, DDoS attacks and others.

DoS

Denial-of-service is a type of attack on the Internet services or sites that aims at making a target service unavailable to other users; this can be caused by overloading by requests or by using some mistake that does not allow an attacker to control the service, but to break it. A subtype of DoS attack is called a distributed denial-of-service (DDoS), in which a large number of distributed computers is used to overwhelm the target service with requests.

Spoofing

It is based on falsifying identity. There are various types, e.g.

TCP / IP – Many protocols in the TCP/IP category do not provide mechanisms for authenticating the source or target message and are therefore vulnerable to spoofing attacks unless applications take additional measures to verify the identity of the sending or receiving host.

Email addresses – sender information displayed in emails (the “From” field) is easily forged. This technique is commonly used by spam senders to hide the origin of their emails. Email spoofing is done exactly the same way as writing counterfeited mailing addresses. If the letter matches the protocol (i.e. stamp, postal code), SMTP sends a message.

Social engineering

It is a way of manipulating people to take some action or to get some specific information. The term is commonly used to describe fraud or fraudulent practices in order to obtain the organization’s confidential information or an access to a company´s information system. In most cases, the attacker does not come into personal contact with the victim.

Keylogger

It is a software that reads individual keystrokes. In case of software, this is some kind of spyware, but there are also hardware keyloggers. Keylogger does not directly threaten the computer, but is used to detect people’s passwords.

Hacker

It is a computer specialist or a programmer with a detailed knowledge of the operation of the system, which he can perfectly use, but primarily adjust to his needs. In the mass media, this term is used for cybercriminals and computer network intruders, but both are correctly referred to as crackers. Today, both terms are often confused.

Cracker

It is a name for a person who misuses the knowledge of computer security to his advantage in order to break into software. Cracker must have a good knowledge of the computer (information technology) functioning, programming, computer security, cryptography, etc. Inappropriate program design and programming errors cause software vulnerabilities that can be used by programming the exploit.

Exploit

It is a special program, data, or sequence of commands that takes advantage of a programmer’s error that causes unintended operation to occur on computer software in order to gain some benefit. Usually, it is about taking control of a computer or about unwanted installation of software that further carries out an activity which the user does not know about (e.g. some kind of malware). A commonly used protection is the early installation of updates issued by the author of the flawed software.

Source: The information about the terms listed above are drawn from Wikipedia, where links are directed to for more detailed description.



Content owner: CIC - Department of Integration and Coordination (81370) , Last change: 16.09.2019