A special report from   |  With support from


Botnet: Botnets are networks of computers infected by malware and are being used to commit cybercrimes.

Colonial Pipeline attack: Ransomware attack that led to the shutdown of a major pipeline system for 11 days in 2021, resulting in crippling fuel supply shortages in much of the eastern United States.

Critical infrastructure: Physical or virtual systems or assets that are so vital that the incapacity or destruction of such systems and assets would have a debilitating impact on economic and national security, public health or safety.

Cryptocurrency: Difficult-to-trace digital currencies such as Bitcoin sometimes used to pay the ransom in a ransomware attack.

Cyber hygiene: Analogous to flossing for computer and cybersecurity. Colloquial term covers security best practices, everything from installing antivirus software and properly configuring firewalls and routers, to using strong password management and two-factor/multifactor authentication.

Cyber threat hunting: A proactive attempt to thwart malicious cyber adversaries before a potential attack.

Denial of service (DoS): The actions of a malicious cyber threat actor to keep legitimate users from accessing information systems, devices or other network resources, frequently caused by flooding a network server with traffic or superfluous requests.

Distributed denial of service (DDoS): An attack when multiple machines operate together to attack one target, often leveraging the use of a botnet resulting in a denial of service attack.   

Group of Governmental Experts (GGE): A series of ad hoc United Nations working groups that was first established in 2004 and is now in its sixth iteration. The Group of Governmental Experts focuses on advancing responsible state behavior in cyberspace in the context of international security.

Hack back: Refers to counterstrikes in cyberspace, or the retaliatory, offensive actions that organizations or entities might take in response to a cyberattack in order to either steal back from, or cause harm to, the computer systems or networks of the attackers.  

Information and communication technologies (ICT): ICT is defined by the UN as a diverse set of technological tools and resources used to transmit, store, create, share or exchange information.

Intellectual property: A work, product, or creation of the human mind, protected by copyrights, patents, trademarks and trade secrets.

Internet Protocol (IP): The unique address or string of numbers that identifies a computer or other network hardware on the internet.

JBS attack: Large international meat processor and supplier hacked by Russian cybercriminals in 2021.

Malware: Catch-all phrase meaning “malicious software.” Among the many variations are viruses, ransomware, scareware, spyware, adware, worms and Trojans.

Nobelium: Microsoft’s designation for the Russian-based group behind the 2020 SolarWinds hack and other cyberattacks.

Ransomware: Ransomware is a specific kind of malicious software or “malware” used by cybercriminals to render data or systems inaccessible for the purposes of extortion – i.e., ransom.

SolarWinds: The name of the company whose software was attacked in 2020, resulting in hacks against US federal agencies and private companies that relied on the software. 

State-sponsored threat actor: A hacker or group of hackers working with or on behalf of a government that commits acts of cybercrime against another entity. State-sponsored threat activity can include advanced persistent threat (APT) groups.

Supply chain attacks: Also known as a value-chain attack or a third-party attack, a supply chain attack is a cyberattack method that seeks to damage an organization or user by compromising a device or service by corrupting an element along the ICT supply chain. Such attacks are particularly insidious because they take advantage of the trust that users and organizations place in the software, hardware and third-party services they rely on.

A special report from   |  With support from