A “trojanized document” hides malware inside itself, but rarely do we call a webpage doing the same a “trojanized webpage”.  The word Trojan, derived from Homer’s epic poem, intended to describe a seemingly innocuous object containing damaging material, now describes almost all cyber threat delivery vectors.  The term “Trojan” in cybersecurity has become diluted to the point of nonsense.

Trojan is just one example in a diluted language space now including other terms like virus, rootkit, targeted, etc.  As the community grows in both terms of depth and breadth, it will carry with it historical baggage and loose terminology.  Poor phraseology will infect those writing on the topic not familiar with nuances further contributing to the problem.  Lastly, as cyber threats grow and change the language must evolve as well causing further issues.  For example, increased modularization of capabilities challenge attempts to clearly categorize with existing language.

This is a problem for effective threat intelligence communication.  Good threat intelligence accurately communicates the context of the threat relativizing it to a risk environment.  A reliance on diluted language increases ambiguity therefore decreasing accuracy and effectiveness.

My message to those responsible for communicating cyber threats: consider language dilution, both your own actions contributing to dilution but also leveraging diluted language and its effect on your customers.  Language dilution is a fact-of-life for any discipline, but how it’s addressed makes the difference.