INVITATION TO CYBERSECURITY 90 data without authorization, they can wreak havoc on an individual or organization. They can create fraudulent records. They can encrypt data so that its owners cannot access it. They can delete data to revise history. They can modify software or install malicious programs. The definition of integrity is fundamentally different from the definition of confidentiality because it contains the “at least detecting” clause. This clause is necessary because in some cyberspace contexts it is not possible to prevent hackers from modifying data. For example, as we learned in Chapter 2, data passes through many computers as it traverses between endpoints on the Internet. Once the data is “on the wire” it is outside of the data owner’s control. Intermediaries have the opportunity and the ability to modify the data— this cannot be prevented. But the I of the CIA triad is still intact if, when this happens, the recipient of the data knows that the data has been tampered with. Integrity does not require that the exact modifications be known—it only requires that data cannot be modified without being detected. The success of some attacks depend on modifying data undetectably. When hackers modify software to make it do something malicious they are counting on nobody noticing. Confidentiality and integrity usually go together but not always. They are two different concerns. It is possible to violate one while not violating the other. For example, if hackers access encrypted data, and they cannot break the encryption, then the confidentiality of the data is still intact. However, the hackers may still be able to modify encrypted data even though they cannot read it. If the tampering of the data is not detected, then the I of the CIA triad would be violated but not the C. Also, sometimes it is not important that data remain confidential, but it is important that it does maintain integrity. If a person wants to make an important public statement, they do not need confidentiality—they want people to read their statement. But they may want to ensure that their message is not changed in any way. Their concern is integrity, not confidentiality. Like with confidentiality, access control and cryptography are the main tools used to ensure integrity. It seems counterintuitive that message tampering can be detected even when the recipient has no way of knowing what the original message was, but we will see in Chapter 7 how this is achieved with cryptography. 4.2.3 Availability Availability means ensuring authorized users have access to their data and computer systems. We saw in the previous section on actions on objectives that some cyber attackers attempt to deny their targets access to data and computer systems. This can have a big impact because many times people cannot perform productive work if they cannot access their computers. Hackers that successfully attack availability can cause substantial financial harm.
RkJQdWJsaXNoZXIy MTM4ODY=