Cyberattack: The jargon explained
Paris (AFP) – From ransomware to kill switch, here are explanations of some of the terms used in stories on the massive attack by the WannaCry worm:
– Malware –
Malware is short for malicious software, or a programme written to disrupt or disable computers or networks. It can take the form of a virus or a worm.
– Viruses and worms –
A virus is a piece of malware that needs the action of users to spread to other computers, such as sending emails, sharing files, downloading an infected file or inserting a USB stick.
Worms, on the other hand, can propagate by themselves.
– Ransomware –
Ransomware is the term used for a piece of malware that encrypts the data on a computer, rendering it inaccessible to the user. An on-screen message usually appears demanding payment in exchange for a code to decrypt the data.
– Vulnerability –
A flaw in software that can be exploited to distrupt the normal operation of computers or networks, including tampering with or stealing data.
A “zero day” vulnerability is one that hasn’t yet been made public.
– Patch –
An update to software that fixes a problem or a vulnerability.
– Phishing –
Phishing is the use of deception to gain confidential information such as usernames, passwords, bank account details and credit card number. Phishing attackers often say there is a problem with an account and send a link to sign in. Users are directed to a fake log-in made to look like the real one and end up disclosing sensitive information.
– Kill switch –
Like on a piece of machinery, a kill switch in malware shuts down the spread of a virus or worm.
In the case of WannaCry, a cyber security specialist noted that it was contacting a domain name before it infected each computer, and would not infect the computer if it hadn’t received a reply. The researcher registered the domain name to slow its spread, apparently with success. Experts warn that WannaCry’s code could be changed so it does not have a kill switch.
A botnet is a network of infected computers. The infected computers can be controlled remotely, for instance to carry out attacks to overload websites.
Some botnets can number into the thousands of infected computers, and may sold to carry out attacks.
– Bitcoin –
Bitcoin is the leading so-called virtual or crypto currency. It is accepted by many businesses, especially on the internet, and can be exchanged for traditional money.
Independent of governments and banks, Bitcoin uses blockchain technology, where encrypted digital coins are created by supercomputers, and the currency is regulated and controlled by a community of users who try to guard against counterfeiting. While transactions are recorded, the identity of those carrying out the transactions is not, making Bitcoin popular for illicit activity.