4. The Need for Cybersecurity: Cyber Attacks 89 date arrives, the malware may delete data or tamper with systems in another way. Some systems administrators have planted logic bombs on their employer’s network after they learned they were being fired but before they lost their administrative access. 4.2 Cybersecurity Goals “Genius is making complex ideas simple, not making simple ideas complex.” - Albert Einstein Now that we understand the cyber threat, we are in a position to characterize the goals of cybersecurity. Cybersecurity is difficult to simplify because it is massive, messy, and complicated. Knowing the essence of cybersecurity is helpful for prioritizing what to do and why it needs to be done. Cybersecurity’s primary concern is preventing hackers from achieving their objectives. As we have seen, hackers have different skills and motivations and employ different techniques, tactics, and procedures. Hacktivists might gain access to data to expose it (doxxing). Criminal hackers might encrypt their victim’s data so they can extort them (ransomware). Nation state hackers might gain access to spy on their adversaries (espionage). As the previous section shows, all the different types of cyber attacks can be generalized into the three main categories of disclosure, alteration, and denial. If these are the goals of hackers, the opposite of these are the goals of cybersecurity. The goals of cybersecurity are known as the CIA triad. This CIA is not the Central Intelligence Agency, but that is a helpful association. CIA is probably the most well-known acronym in cybersecurity. It stands for confidentiality, integrity, and availability. 4.2.1 Confidentiality Confidentiality means preventing the unauthorized reading of data. “Read” is used here in the technical sense—it means accessing. Reading may mean literally viewing data but oftentimes it involves copying or transmitting it. Cybersecurity entails keeping private data private. Users of the same computer should not be able to see one another’s data, and unauthorized users should not be able to see anyone’s data. If cyber defenders can ensure confidentiality, then they will avoid numerous types of attacks, including data breaches, data theft, spying, and more. In physical space, privacy is of utmost importance, and it is obtained with physical measures such as walls, locked doors, and safes. In cyberspace, access control and cryptography are the main ways we keep attackers out and “lock up” data to make it inaccessible. 4.2.2 Integrity Integrity means preventing, or at least detecting, the unauthorized writing of data. Like with the term “reading” in the definition for confidentiality, “writing” is used in the technical sense—it means modifying data. This includes creating data, changing data, and deleting data. Data integrity is vital to cybersecurity. When attackers are able to modify
RkJQdWJsaXNoZXIy MTM4ODY=