An illustrations shows cursors pointing toward a laptop.

A glossary of terms about cyberattacks, from ransomware to DDoS

If you read news about technology, you’re bound to run into some jargon. Here at Mozilla, we believe that information should be as accessible as possible regardless of your level of expertise. We want to help you approach stories about technology with more curiosity and with a little less head-scratching involved. We’ll break down headline-making topics through a glossary of terms often used to discuss them. Consider it your cheat sheet to all things tech.

This month, we’ll give you terms to know about cyberattacks.

First, let’s define a cyberattack

A cyberattack is an effort to target a computer network or remotely cause damage, whether that’s stealing information like credit card numbers or disabling systems. Everything from the websites we visit to the apps we use to our communications online are vulnerable. 

Other terms to know: 

Brute force attack

An attacker uses software to generate password combinations to get into an account or a system.

DoS and DDoS attacks

Let’s say you own a flower shop. A group of people, with no intention of buying flowers, crowds the entrance. Now, real customers can’t go inside. 

A denial-of-service attack, or DoS attack, works similarly. A hacker floods a server or network with useless traffic so a website becomes inaccessible to people who want to visit the site. A distributed denial-of-service attack, or DDoS attack, deploys traffic from thousands of different sources so it’s harder to stop.  


Short for malicious software, malware generally refers to any program designed to take harmful actions against a computer system or network. They steal data or money, bypass security systems and disrupt an organization’s operations. Malware can hit targets via phishing or taking advantage of vulnerabilities in a system. 

Monster-in-the-middle attack

A monster-in-the-middle attack intercepts data between two devices. A hacker could gain access to email accounts, or hijack a Wi-Fi connection or traffic between a computer and a website. 


Attackers pretend to be a trustworthy entity via email or a fake website to get you to provide personal information to access your accounts, like your bank or your work network. They may advantage of events like natural disasters (sham payouts after Hurricane Katrina), economic downturns (IRS scams) or holidays (fraudulent shopping deals). Clues of a phishing attack include suspicious email addresses and attachments, as well as spelling and grammatical errors in the copy.


Hackers use ransomware to encrypt files on a device or system so that they’re unusable until an entity or organization meets a demand, e.g. money. Attackers asks for a ransom in exchange for decrypting the files and may also threaten to sell or leak data..

SQL injections

A common hacker trick, a structured query language or SQL injection is used to steal usernames and passwords, credit card numbers and other data entered into a web form. The attacker inserts or modifies code in a vulnerable database to command access to the sensitive information.

Worms and viruses

Like in the 1988 Morris attack, worms are malware that can spread via a network connection. They don’t need a host to self-replicate, unlike viruses, which typically attach themselves to documents, email attachments and infected websites. Once the host is activated, viruses can destroy files and slow down systems. 

Related stories:

Device-level encryption from a name you can trust

Try Mozilla VPN

Share on Twitter