Glossary: cyberattacks and malware 101

Trojans, phishing emails, spyware – the internet is teeming with malware, and cybercriminal attacks are omnipresent.

But how do these attack methods differ? The main differences are briefly explained here:

Botnet - Network of hacked computers

When hackers use malware to take control of many computers and connect them to a network, they form what is called a botnet ("bot" = "robot" and "net" = "network"). Hackers often use thousands or even millions of networked computers (also called zombies) for DDoS attacks. The users of the individual PCs usually notice nothing. Aside from PCs, other networked devices such as routers, webcams and networked household appliances are also misused as bots.

CEO fraud - The hacker pretends to be your boss

In the case of CEO fraud, fraudsters pretend via email or telephone to be a member of senior management or a finance department employee and instruct the person contacted to make payments to a specific account. With this form of social engineering, the criminals specifically choose their victims. The attackers manipulate their victims, claiming that an important payment must be made quickly and that nobody can know about it.

DDoS attacks - Websites are paralysed

With DDoS (distributed denial of service) attacks, the perpetrators attempt to paralyse computer networks by means of a very large number of requests from a network of many distributed computers (botnet). In doing so, the hackers want to damage companies or use the attacks as a threat to blackmail their victims. Companies and organisations can use various measures to counter DDoS attacks.

 

Drive-by infection - Malware installed by visiting a website

In the case of a drive-by infection, simply visiting a website can infect a computer with malware. These are generally trustworthy websites that hackers have compromised with malware or else websites that were created solely for this purpose. Vulnerabilities of the browser or its plug-ins are usually exploited.

 

Keylogger - Keystrokes are recorded

A keylogger is a piece of software or hardware that can be used to monitor all of a computer's keystrokes. Third parties can thereby read passwords, credit card information and search queries entered on a computer, for example. Caution is advised: this type of spyware is very common, because such software is often available online as freeware and can be installed on a PC without being noticed.

Malware, malicious code, malicious software

These terms refer to various malicious programs and code designed to damage computers, networks or their users. They can be viruses, worms, Trojans and other forms of malware. Such software is usually distributed via email or hidden on websites and in programs and files (see drive-by infection).

Phishing - The hacker wants to access your login details

Fraudsters use phishing ("password" and "fishing" = "password fishing") to try to obtain personal data from internet users. They usually send emails with bogus senders and company logos in order to convince the recipients to follow a link and enter their access data for e-banking or a webshop password. One insidious form is spear phishing, in which the recipients are specifically selected and personally contacted.

Ransomware - The hacker encrypts your data and blackmails you

Ransomware is malware used by cybercriminals to infect a computer, encrypt the data and thus make it unusable for users. If the data on a computer is encrypted, the fraudsters try to blackmail their victims and demand a ransom (see Trojan, Trojan horse).

 

Social engineering - You are asked questions in order to cause you damage

Social engineering attacks take advantage of people's helpfulness and good faith in order to gain access to confidential data or to prompt them to perform certain actions. For example, the attackers ask for passwords and login data over the telephone. These are often fake support calls that the fraudsters use to try to gain access to a computer or system.

 

Spam - You receive unsolicited emails

Spam refers to unsolicited and automatically sent emails that often contain advertising or malware or are written as chain letters. The email program's spam filter can intercept only some of the unsolicited emails, which are estimated to account for more than 60% of global email traffic.

Spyware - Someone spies on you

Unauthorised parties use spyware to spy on PC users to obtain sensitive data such as passwords or account information or to analyse surfing behaviour. The information obtained in this way can be used for criminal acts or for advertising purposes. Spyware can be a keylogger that reads all keystrokes or a tool that analyses surfing behaviour, for example.

 

Trojan, Trojan horse - Disguised malicious programs

Trojan horses or Trojans are programs that covertly perform harmful actions but disguise themselves as useful applications or files. Encryption Trojans, which encrypt repositories or individual file directories, are particularly widespread (see ransomware).

 

Virus

An example of malware that copies itself and embeds itself in other programs or operating systems (it spreads "virally"), where it causes damage or interferes with the operation of a computer. Computer viruses generally need a host file to which they attach and via which they spread.

Worm

An example of malware that exploits security vulnerabilities in applications or operating systems and can spread independently from computer to computer (without a host file or program).

 

Further information on general threats:

Website MELANI

 

Last modification 22.01.2020

https://www.isb.admin.ch/content/isb/en/home/themen/sicherheit/informationssicherheit/glossar-einmaleins.html