4. The Need for Cybersecurity: Cyber Attacks 89 access control and cryptography are the main ways we keep attackers out and “lock up” data to make it inaccessible. 4.2.2 Integrity Integrity means preventing, or at least detecting, the unauthorized writing of data. Like with the term “reading” in the definition for confidentiality, “writing” is used in the technical sense—it means modifying data. This includes creating data, changing data, and deleting data. Data integrity is vital to cybersecurity. When attackers are able to modify data without authorization, they can wreak havoc on an individual or organization. They can create fraudulent records. They can encrypt data so that its owners cannot access it. They can delete data to revise history. They can modify software or install malicious programs. The definition of integrity is fundamentally different from the definition of confidentiality because it contains the “at least detecting” clause. This clause is necessary because in some cyberspace contexts it is not possible to prevent hackers from modifying data. For example, as we learned in Chapter 2, data passes through many computers as it traverses between endpoints on the Internet. Once the data is “on the wire” it is outside of the data owner’s control. Intermediaries have the opportunity and the ability to modify the data— this cannot be prevented. But the I of the CIA triad is still intact if, when this happens, the recipient of the data knows that the data has been tampered with. Integrity does not require that the exact modifications be known—it only requires that data cannot be modified without being detected. The success of some attacks depend on modifying data undetectably. When hackers modify software to make it do something malicious they are counting on nobody noticing. Confidentiality and integrity usually go together but not always. They are two different concerns. It is possible to violate one while not violating the other. For example, if hackers access encrypted data, and they cannot break the encryption, then the confidentiality of the data is still intact. However, the hackers may still be able to modify encrypted data even though they cannot read it. If the tampering of the data is not detected, then the I of the CIA triad would be violated but not the C. Also, sometimes it is not important that data remain confidential, but it is important that it does maintain integrity. If a person wants to make an important public statement, they do not need confidentiality—they want people to read their statement. But they may want to ensure that their message is not changed in any way. Their concern is integrity, not confidentiality. Like with confidentiality, access control and cryptography are the main tools used to ensure integrity. It seems counterintuitive that message tampering can be detected even when the recipient has no way of knowing what the original message was, but we will see in Chapter 7 how this is achieved with cryptography.
RkJQdWJsaXNoZXIy MTM4ODY=