Cisco Umbrella
Security

Honeypots, Botnets, and Spyware, Oh My!

By Kara Drapala
Posted on June 2, 2014
Updated on April 15, 2020

Sometimes, it feels like there’s a language barrier between technical and non-technical people. Terms like backdoor, rootkit, or zero-day, which may be commonplace to a security professional, often leave users in the dark.

At OpenDNS, we #SpeakSecurity every day – and you can too! In this post, we define 20 key terms everyone should know:

Threats

Backdoor: A backdoor is an access point designed to allow quick and undetected entrance to a program or system, usually for malevolent purposes.

Botnet: A botnet is a robot network – think hivemind – a collection of infected machines that are used for any number of nefarious activities, from bitcoin mining to DDoS attacks. (Looking for more details? Our Community Moderator, Vinny, recently published a fantastic blog all about botnets.)

Denial of Service (DoS) Attack: This attack consumes all resources of a target so that it can no longer be used or reached, effectively taking it down. DoS attacks are designed to take a website or server offline, whether for monetary, political, or other reasons. (A DDoS, or Distributed Denial of Service attack, is carried out using two or more hosts.)

Drive-by download: A drive-by download often installs malware and happens invisibly in the background, when the user visits a malicious webpage, without the user’s knowledge or consent. Often, drive-by downloads take advantage of browser or browser plug-in vulnerabilities that accept the download under the assumption that it’s a benign activity.

Exploit: An exploit is an attack that takes advantage of a weakness in your system, utilizing software, bits of data, and even social engineering. To minimize exploits, it’s important to keep your software up-to-date and to be aware of social engineering attempts.

Malware: Malware is a general term for any program installed on a system with the intent to corrupt, damage, or disable that system. STUXNET, Conficker, and Flashback are a few famous examples. Common types of malware include:

Rootkits: A rootkit is a malicious piece of code that hides itself, prevents detection, and gives bad actors continued access to your system. If attackers gain full access to your system, they can use rootkits to keep that access over a long period of time.

Trojans: A trojan is a seemingly innocuous program that acts as a front for malicious code hiding within. Trojans can do any number of things, from stealing data to allowing remote system control. These malignant programs take their name from the famous Greek “Trojan Horse”.

Viruses: Often used as a blanket term, a virus is a piece of code – a form of malware that attaches itself to files, such as email attachments or random things you download online. The purpose of a virus is to mess with your system, whether that means deleting files or corrupting your data. Computer viruses also replicate – just like viruses in the physical world.

Worms: A worm is a type of malware that clones itself in order to spread to other computers, performing various damaging actions on whatever system it infects. Unlike a virus, a worm exists as a standalone entity.

Spyware: Malicious code that gathers information about you and your browsing habits, and then sends that information to a third party.

MitM or Man-in-the-Middle Attack: A MitM attack is pretty much what it sounds like. An attacker will intercept, relay, and potentially change messages between two parties without their knowledge.

Phishing: Phishing is a technique that uses a trustworthy-looking communication to steal sensitive information. Like fishermen with a lure, attackers will attempt to take your personal information by phishing it from you through the use of falsified emails, forms, and web pages.

Spear phishing is a form of phishing that targets one specific individual. (Think you can spot a phish in the wild? Test yourself with our quiz!)

Social Engineering: A general term for any activity in which an attacker is trying to manipulate you into revealing information. Passwords, account credentials, social security numbers – we often don’t think twice about giving this information away, but who’s really on the other end of the line? Protect yourself, and think twice before sharing.

Zero-day (0day): A zero-day attack is when a bad actor exploits a new, previously unknown software vulnerability for which there is no patch. Security is a cat-and-mouse game, and it’s a constant struggle to stay ahead of attackers.

Solutions

Anti-malware: Anti-malware software is designed to block, root out, and destroy viruses, worms, and other nasty things that are described in this list. It’s important to remember that this isn’t set-it-and-forget-it; updating regularly will ensure that it remains effective against new threats.

Encryption: The process of scrambling messages so that they cannot be read until they are decrypted by the intended recipient.

Firewall: Imagine, if you dare, all the nasty, malicious stuff on the Internet. Now imagine it’s all in your network – yikes! A firewall stands between your trusted entities and whatever lies beyond, controlling access based on security rules.

Honeypot: A honeypot is essentially a trap for bad actors – a decoy machine seemingly connected to a network, just waiting to be accessed. These are monitored closely by security professionals, as they can collect valuable information about malicious activity.

SIEM: An acronym made by combining two acronyms, SIEM is an umbrella term for products that deal with security information management (SIM) and security event management (SEM). This allows for aggregation of information and events into a single “pane of glass” for security teams to use.
