When you first enter the world of IT, or even the business world, the jargon can be overwhelming and leave you feeling like an imposter who is about to be exposed for not knowing what everyone is talking about.
I vividly remember my first job in IT, I was an Environment Coordinator, which is essentially an ‘Air Traffic Controller’ for IT environments. I had to manage which test environments were being used, by who, any issues that arose and stop any conflicts. I remember being pulled into a meeting for a brief introduction to the project and honestly feeling like the Project Manager was speaking a different language. I struggled to make notes because I wasn’t even sure what I should be writing.
I had a meeting later on that day where I wrote down the word “wisdell” because someone had just said it, the guy next to me said, “No, its WSDL”, everyone looked at me and for a moment I felt shame at not knowing the jargon. That was when I decided to keep a glossary, and every word I didn’t recognize I jotted down and made sure I learned it.
I met some great people in my early days working in IT, but those first two weeks were hell. I was a 21-year-old woman, confident and assured in most areas of my life and remember crying to my mom that I didn’t think I could do it.
But I did do it, and you can do it too! This list is specifically for hacker or hacking related jargon so its words you will come across in an IT security environment, rather than encompassing IT as a whole. Before we get stuck in I want to let you into a few secrets:
- No one expects you to know everything when you start out.
- There are no stupid questions, don’t be afraid to ask someone if you don’t know something, people love to help.
- Be proactive about learning – when you start out you are given more leeway. Don’t use that time to be complacent, use it to learn as much as you can so that when people start expecting big things from you, you can deliver.
This list isn’t exhaustive, we have tried to include the most important terms.
Black Hat – A hacker or hacking group who hacks for personal gain or with malicious intent. Black hat hacking is illegal.
Botnet – A collection of internet-connected devices (Computers, servers, mobile devices) that are controlled by malware without the user’s knowledge.
Brute Force – an unsophisticated type of attack where the hacker will use trial and error to find the correct password and compromise an account or system. Most systems stop brute force attacks by putting a delay on more password attempts if the password is incorrect a certain amount of times. You may have come across this yourself if you have forgotten your password and tried a few different combinations to be met with the message “please wait X amount of hours before trying again”.
Bug – An error or flaw in a piece of software that can affect user experience or leave the program vulnerable to an attack.
Cracking – a term for breaking into a security system with malicious intent. It is most commonly used to describe breaking digital copyright protections. For example on torrent sites, it is common to see “Sims 3 Crack” or “Adobe 2018 Crack”, to indicate you can download this software and it won’t recognize that you are not a legitimate user or haven’t paid.
Dark Web and Deep Web – The deep web is ‘the rest of the internet’, the stuff you can’t see on Google. The dark web is on the deep web but is only used to describe illegal or generally unsavory practices. The dark web is only accessible through specialized browsers such as Tor (The Onion Router). The dark web is home to hitmen, drug marketplaces, weapons marketplaces, banned books, counterfeit money and porn you wish didn’t exist. The deep web doesn’t have to contain nefarious content, companies often house databases on the deep web that they don’t want to be indexed by Google. Persecuted individuals in countries with oppressive governments will also use the deep web to communicate with the world.
DDoS – It stands for Distributed Denial of Service Attack and involves an attacker flooding a network with traffic to bring it down.
Encryption – The scrambling of data to make it unreadable to hackers if it is intercepted. Decryption is the decoding of the data.
Exploit – The method used when a bug or vulnerability is taken advantage of by an attacker.
Forensics – digital forensics involves recovering lost information or evidence of tampering in relation to a crime.
Hacktivist – Politically motivated hacking, one prominent example is the group Anonymous.
InfoSec – Abbreviation of “Information Security”. It is often used interchangeably with cybersecurity but some people prefer one over the other.
Jailbreak – Removing manufacturer restrictions on a device, such as an iPhone.
Malware – It means “malicious software” such as viruses, ransomware, spyware etc.
OTR – It stands for Off the Record and refers to a protocol for quick encryption of end to end messages. It uses a temporary key for every conversion, making it more secure.
Password Manager – a tool for securely storing all of your account passwords. They are becoming increasingly popular since trying to remember unique and complicated passwords is a trying task.
Penetration Testing/Pen testing – a legitimate form of hacking where a system is tested by hackers to check for vulnerabilities and resilience.
Ransomware – A type of malware that restricts your access to your own computer files and demands a ransom to retrieve them.
Root – The most powerful or fundamental level of access to the system. If a hacker gains root access, they have complete control of the system.
Shodan – A search engine that has been dubbed “hacker‘s Google”. Hackers can use Shodan to search for unprotected connected devices such as webcams, printers, baby monitors, medical devices and more.
Sniffing – A way of intercepting data over a network without being detected.
Token – An extra layer of security in the form of a small physical device that a user can use to log in to a device.
VPN – Stands for Virtual Private Network. VPN’s allow a secure way to use the internet over an internet you may not trust and want to remain anonymous on. VPN’s can artificially change your location so you could, for example, watch Netflix’s US catalog whilst in the UK.
Warez – Pronounced as “where’s”, it is a type of pirated software that is distributed on torrent sites and often laden with malware.
White hat – The “good” hackers. Hackers that are employed by companies to hack their systems with permission.
Zero-day – a bug that is unknown to the creators of the software and is unpatched. The name is used to describe how there has been zero days since the bug was discovered and the first attack.