Cybersecurity
Backdoor
Definition
A backdoor in a computer system is any method for bypassing normal authentication or encryption. It is a hidden entry point that can be used to gain access to a system.
Why It Matters
A backdoor provides an attacker with a persistent and easy way to re-enter a compromised system, even if the initial vulnerability they used is patched. It allows for long-term control and data exfiltration.
Contextual Example
After an attacker gains initial access to a server by exploiting a vulnerability, they might install a backdoor. This could be a simple program that listens on a secret network port, allowing them to log back in whenever they want, bypassing the normal login process.
Common Misunderstandings
- Backdoors can be intentionally created by developers for legitimate purposes (e.g., for maintenance), but this is a very risky practice.
- Trojans are a common way to install a backdoor on a victim's system.