// THREAT DETECTION AND DATA PRIVACY TERM

Backdoor

A backdoor is a hidden method for bypassing normal security or authentication to gain access to a computer system, network, or application. It's like a secret entrance that allows unauthorized individuals to get in without being detected.

TECHNICAL DEFINITION

A backdoor is a covert method in cybersecurity that bypasses normal authentication or encryption mechanisms, enabling a threat actor to gain remote, unauthorized access to a computer system, network, or software. Often installed via malware like a Remote Access Trojan (RAT) or sometimes built into legitimate software as a maintenance hook, it facilitates persistent access for data exfiltration, espionage, or system control.

BACKGROUND

Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.

SYNONYMS & ALIASES

  • trapdoor
  • RAT
  • covert channel
  • maintenance hook
  • secret entrance
  • remote access trojan

USAGE NOTE

The term is often used to describe the method an attacker installs to maintain persistent access after an initial system compromise.

DEVELOPERS

Organizations developing technology related to backdoors.

  • National Security Agency (NSA)

    A United States intelligence agency responsible for global monitoring, collection, and processing of information and data for foreign and domestic intelligence and counterintelligence purposes, specializing in signals intelligence (SIGINT) and information assurance. The NSA's Tailored Access Operations (TAO) unit is known for developing and exploiting software and hardware backdoors for intelligence gathering.

  • NSO Group

    An Israeli technology firm that develops and sells surveillance spyware, most notably 'Pegasus'. This spyware can be covertly installed on mobile phones and acts as a powerful backdoor, allowing the operator to gain complete access to the device's data and functions.

  • Mandiant (Google Cloud)

    A leading cybersecurity firm specializing in incident response and threat intelligence. Mandiant analysts are experts at discovering and reverse-engineering sophisticated backdoors used by state-sponsored threat actors (APTs) to maintain persistent access to compromised networks.

  • CrowdStrike

    A cybersecurity technology company whose Falcon platform provides cloud-native endpoint protection. A core function of their technology is to detect and neutralize malicious software, including various types of trojans and backdoors that attackers use to control compromised systems.

  • Palo Alto Networks (Unit 42)

    A global cybersecurity leader providing network security, cloud security, and endpoint protection. Its threat intelligence team, Unit 42, frequently researches and publishes analyses on new malware families and campaigns, detailing the functionality of novel backdoors used by cybercriminals and nation-states.

  • Kaspersky

    A multinational cybersecurity and anti-virus provider with a highly regarded Global Research and Analysis Team (GReAT). This team is renowned for uncovering and dissecting complex, long-running cyber-espionage campaigns that often rely on custom, stealthy backdoors for data exfiltration.

  • BAE Systems Applied Intelligence

    The cyber and security division of the British defence contractor BAE Systems. They provide national security and cyber-defence solutions to governments, involving the detection of hostile backdoors in critical infrastructure and the development of intelligence-gathering capabilities.

  • GRIMM

    A cybersecurity engineering and consulting firm that specializes in discovering vulnerabilities in software, hardware, and embedded systems for both defensive and offensive purposes. Their work includes identifying existing backdoors and understanding the techniques required to create or prevent them for government and commercial clients.
