The cybersecurity world is full of jargon and lingo. At TechCrunch, we have been writing about cybersecurity for years, and we frequently use technical terms and expressions to describe the nature of what is happening in the world. That’s why we have created this glossary, which includes some of the most common — and not so common — words and expressions that we use in our articles, and explanations of how, and why, we use them.
This is a developing compendium, and we will update it regularly. If you have any feedback or suggestions for this glossary, get in touch.
An advanced persistent threat (APT) is often categorized as a hacker, or group of hackers, which gains and maintains unauthorized access to a targeted system. The main aim of an APT intruder is to remain undetected for long periods of time, often to conduct espionage and surveillance, to steal data, or sabotage critical systems.
APTs are traditionally well-resourced hackers, including the funding to pay for their malicious campaigns, and access to hacking tools typically reserved by governments. As such, many of the long-running APT groups are associated with nation states, like China, Iran, North Korea, and Russia. In recent years, we’ve seen examples of non-nation state cybercriminal groups that are financially motivated (such as theft and money laundering) carrying out cyberattacks similar in terms of persistence and capabilities as some traditional government-backed APT groups.
(See: Hacker)
An adversary-in-the-middle (AitM) attack, traditionally known as a “man-in-the-middle” (MitM), is where someone intercepts network traffic at a particular point on the network in an attempt to eavesdrop or modify the data as it travels the internet. This is why encrypting data makes it more difficult for malicious actors to read or understand a person’s network traffic, which could contain personal information or secrets, like passwords. Adversary-in-the-middle attacks can be used legitimately by security …