DDoS? Botnet? 2FA? What does it all mean? We can explain

Sometimes we get a little caught up in the verbiage of Cyber Safety. Despite the language of the trade, the concepts are actually easy to understand. 

Do you ever feel lost in a maze of cyber jargon? If you’ve ever tried to read a security threat report, an article about the latest virus protection, or maybe simply seen a movie or TV show where they talk about hacking, you’ve probably heard some terms that sent you running.

Let’s pull back the curtain on the mysticism behind cybersecurity terminology. Use this guide to sharpen your cyber jargon, and soon you’ll be able to read and understand security threat reports faster than a trojan virus moving through your Aunt Bertha’s inbox.

DDoS attacks – a digital traffic jam of epic proportions

Imagine yourself taking your dream car for a spin on a beautiful clear afternoon. You’re cruising down the highway (obeying all traffic laws), playing your favorite podcast or playlist, and everything just feels right.

Suddenly, out of nowhere, other cars come swarming in from every direction. They’re coming off onramps, out of fields next to you, and making U-turns from the other side of the highway. In seconds, the road ahead is nothing but red taillights, and you’re at a complete standstill.

That traffic jam is what a DDoS (Distributed Denial of Service) attack does to websites, servers, and other internet services. Threat actors launch this attack, flooding their targets with traffic, and making it so that real people can no longer get through to the website.

DDoS attacks, especially when they come from multiple hacker groups, intend to disrupt services and damage companies financially. The flood of traffic that cuts out their real users can cause significant financial and reputational harm, especially when scammers target online marketplaces, financial institutions, and social media websites.

Trojan attacks – the gift you didn’t ask for

If you know your Greek folklore, you know the story of the Trojan Horse. If you don’t know your Greek folklore, imagine someone gave you a really thoughtful gift. But, hidden inside that gift was something you really, really did not want—and that thing ultimately causes your city to be burned to the ground.

Trojan attacks are like that. In this case, the gift is a seemingly harmless software or file that you might download from the internet or receive as an attachment in an email. The unwelcome surprise is a malicious program that hitches a ride inside that file or program. When you unwrap the gift and activate the program, it infiltrates your device and wreaks havoc.

For extra credit, one of the most famous trojans was called, "I Love You.” It might sound sweet, but in the world of cybersecurity, it's a term to be wary of. This metaphorical love letter appeared to be filled with affection, but was actually a malicious trap. When it launched in 2000, it infected over fifty million computers, and cost $10-15 billion in damage worldwide.

The Botnet – it’s a cyber zombie army

If you’ve seen any zombie movie, you know that 1) zombies make more zombies and 2) zombies are most effective at that when they work together.

A botnet is an army of digital zombies being controlled by a hacker or a hacker group. Each zombie is a single computer that the hackers have taken control of. That individual computer or device coordinates with the other computers/zombies to take over other computers and make the army bigger. Once the army is big enough, the puppet masters can direct the army to create mass email spam, conduct DDoS attacks, or retrieve information from inside private networks.

The most nefarious part of botnets is that the people who own the computers often don’t know they’re part of the zombie army. If you want to be sure you’re not unknowingly affected, strong antivirus is a good idea.

Rootkits – invisible intruders in your home

Imagine waking up in the morning, heading down to the kitchen to start your morning routine, and discovering someone had been there already! Whoever it was drank all your coffee and used your nice plates. They left eggshells in the sink and didn’t put the milk back in the fridge. And they’ve borrowed one of your records.

Now imagine in this scenario that you don’t have a roommate, and that despite locking all the doors and windows and setting up security cameras, this invisible intruder keeps doing the same thing for weeks on end.

That’s what happens if your computer is infected with a Rootkit. Rootkits burrow deep inside your computer’s operating system, and they’re incredibly difficult to detect without the right antivirus software. Once infected, they give criminals persistent access to your device, allowing them to run programs and search files while you’re away from your computer. 

Ransomware – the digital kidnappers on the rise

Ransomware operates like a virtual kidnapper. But instead of taking a family member or a pet, they hold your computer and all its files hostage.

Imagine someone locking your work files, personal photos, and emails in a digital safe, and refusing to give you the combination unless you pay a ransom. Ransomware, which, by the way, usually gets into your system via trojan, encrypts your data, rendering it inaccessible until you pay off the hacker.

For 2024, ransomware is among the top concerns for our cyber security experts. Like with real ransoms, it’s best not to negotiate with these digital extortionists and instead focus on prevention.

Malware – a bug problem under the floorboards

Malware is like a collection of digital critters that have invaded the framework of your device.

These creepy crawlies include viruses, worms, spyware, and more, each with its unique way of causing havoc. Like unwanted bugs, malware programs can be hard to find while they damage your device, steal your data, or spy on your online activities.

One of the most common types of malware is adware. These are sneaky programs that often find their way onto your system by hitching a ride with media or software you’ve downloaded from the internet. Like bringing in an antique wardrobe you just picked up at a yard sale, the bugs hiding inside can quickly spread everywhere you look. They can cause unwanted pop-up advertisements, change your homepage, and even report your browser habits back to their home base. 

Two-Factor Authentication (2FA) – double lock the front door

You probably get into your home using a key. That’s an example of a single lock, or maybe a single authentication.

Imagine if you’re concerned about burglary, and you’re aware the bad guys know how to pick locks. It might be more secure if you add a fingerprint scanner to the front door, in addition to your key.

That's Two-Factor Authentication (2FA) in action, adding an extra layer of security to your digital accounts. There’s no need to fear - when you enable 2FA for your email accounts, financial service, or any other website, things won’t change much. You’ll go through the regular routine of going to the website or app and entering your username and password. With 2FA, the new step is that you’ll receive a text message or alert on your phone, asking you to confirm that you’re trying to log in.

2FA ensures that even if someone steals your password, they still can't get in without you confirming on your mobile that it’s really you trying to log in. Plus, it delivers the added benefit of alerting you any time your account is accessed. If it’s not you trying to log in, it’s time to update your password.

Cybersecurity is a complex subject, but its language need not be daunting. We hope to make this complex world a little more accessible for everyone. So, next time you encounter terms like DDoS, trojan, botnet, or rootkit, you’ll know the nature of the threat, and where to start looking to understand them. Remember to exercise healthy skepticism and be a safer cyber citizen!