Information Security

Computer Security Concepts

Computer security concepts form the foundation for protecting systems, data, and networks from a wide range of threats.

  • These concepts revolve around three core principles, known as the CIA triad:

1.) Confidentiality:

  • Confidentiality ensures that sensitive information is only accessible to those who are authorized to view it, preventing unauthorized access and disclosure.

2.) Integrity:

  • Integrity ensures the accuracy, consistency, and trustworthiness of data and systems, protecting them from unauthorized alterations or corruption.

3.) Availability:

  • Availability guarantees that authorized users have continuous access to information and resources whenever needed, even in the face of attacks or failures.

Additional Concepts:

4.) Authentication:

  • Authentication is the process of verifying the identity of users or systems to ensure that access is granted only to legitimate entities.

5.) Authorization:

  • Authorization determines what actions or resources a user or system can access, based on policies and permissions.

6.) Accountability:

  • Accountability ensures that all actions performed on a system can be traced back to responsible individuals or entities, enforcing security policies and deterring misuse.
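The following added example (not part of the original page) shows how authentication, authorization, and accountability fit together in one request path, with a hash-chained audit log so that tampering with a recorded action is detectable. The user, roles, actions, and function names are hypothetical, and the sample data is constructed.

```python
import hashlib, hmac, json, os

def hash_password(password, salt):
    # Salted, slow hash; the iteration count here is illustrative only.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample data: one user and a role-to-permission policy.
SALT = os.urandom(16)
USERS = {"alice": {"salt": SALT, "pw": hash_password("correct horse", SALT), "role": "analyst"}}
POLICY = {"analyst": {"read_report"}, "admin": {"read_report", "delete_report"}}

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class AuditLog:
    """Accountability: append-only log where each entry hashes the previous one."""
    def __init__(self):
        self.entries = []

    def append(self, user, action, outcome):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = {"user": user, "action": action, "outcome": outcome, "prev": prev}
        self.entries.append({**body, "hash": _digest(body)})

    def verify(self):
        prev = "0" * 64
        for e in self.entries:
            body = {k: e[k] for k in ("user", "action", "outcome", "prev")}
            if e["prev"] != prev or e["hash"] != _digest(body):
                return False  # an entry was altered, removed, or reordered
            prev = e["hash"]
        return True

def authenticate(user, password):
    # Authentication: unknown users get a dummy record so the same work is done.
    rec = USERS.get(user, {"salt": b"\0" * 16, "pw": b""})
    return hmac.compare_digest(rec["pw"], hash_password(password, rec["salt"]))

def request(log, user, password, action):
    if not authenticate(user, password):
        log.append(user, action, "denied: authentication failed")
        return False
    # Authorization: a verified identity is still limited to its role's permissions.
    allowed = action in POLICY.get(USERS[user]["role"], set())
    log.append(user, action, "allowed" if allowed else "denied: not authorized")
    return allowed
```

Every decision, including denials, is logged before the function returns, and `verify()` fails if any earlier entry is edited afterwards.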

A threat is any potential cause that can exploit vulnerabilities to compromise the security of systems, networks, or data.

  • Threats can originate from various sources, including malicious actors, accidental errors, and natural disasters.

Types of Threats:

  • External Threats: These originate outside an organization, such as hackers, malware, or nation-state actors.
  • Internal Threats: These come from within the organization, such as disgruntled employees, negligence, or accidental data leaks.
  • Physical Threats: These include events like theft, vandalism, or natural disasters that can damage hardware or data centers.
  • Cyber Threats: These involve attacks on digital systems, such as phishing, ransomware, or Distributed Denial of Service (DDoS) attacks.

An attack is the actual realization of a threat, where an attempt is made to exploit vulnerabilities in systems, networks, or data to cause harm or gain unauthorized access.

  • Attacks can vary in complexity and target specific assets or systems.

Purpose and Impact of Attacks:

  • Steal sensitive information (e.g., passwords, financial data)
  • Disrupt services (e.g., taking a website offline)
  • Damage systems or reputations
  • Demand ransom (e.g., through ransomware)
  • Manipulate or corrupt data

Types of Attacks:

1.) Malware Attacks:

  • These attacks involve malicious software (malware), such as viruses, worms, Trojans, or ransomware, intentionally designed to disrupt, damage, or gain unauthorized control over a computer system.

2.) Phishing Attacks:

  • These attacks deceive users into revealing sensitive information (e.g., passwords, credit card details) by pretending to be a trusted entity, often via email, SMS, or fake websites.

3.) Denial of Service (DoS) and Distributed Denial of Service (DDoS):

  • These attacks flood a target system with excessive traffic, rendering it unavailable to legitimate users.

4.) Man-in-the-Middle (MitM) Attacks:

  • An attacker intercepts and possibly alters communication between two parties without their knowledge, often during data transmission over insecure networks.

5.) SQL Injection:

  • This involves inserting malicious SQL code into a database query, allowing attackers to view or manipulate sensitive data.

6.) Zero-Day Attacks:

  • These target software vulnerabilities that are unknown to the vendor, leaving systems exposed until a patch is released.

7.) Insider Attacks:

  • Malicious actions taken by employees or trusted individuals within an organization to steal, destroy, or manipulate data.
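For the SQL Injection item in the list above, this added example (not from the original page) places a query built by string concatenation beside the parameterized form that prevents the problem. The table, column names, and sample rows are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample table; names and values are hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT, card TEXT)")
    db.executemany(
        "INSERT INTO customers VALUES (?, ?)",
        [("alice", "4111-XXXX"), ("bob", "5500-XXXX")],
    )
    return db

def lookup_vulnerable(db, name):
    # Weak: the input becomes part of the SQL text, so the database parses
    # whatever the caller supplied as query syntax.
    sql = "SELECT name, card FROM customers WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def lookup_parameterized(db, name):
    # Hardened: the input is bound as a value and cannot change the query
    # structure, whatever characters it contains.
    sql = "SELECT name, card FROM customers WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()

def compare(name):
    # Returns the row counts from both forms for the same input.
    db = make_db()
    return len(lookup_vulnerable(db, name)), len(lookup_parameterized(db, name))
```

With an input containing a quote and an always-true condition, the concatenated query returns every row while the parameterized query returns none, because it looks for a customer literally named that string.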

An asset in computer security refers to any resource, data, or system that is valuable to an organization and needs protection from threats and attacks.

  • The protection of assets is crucial for ensuring business continuity, maintaining trust, and safeguarding sensitive information.

Components of Assets:

1.) Data:

  • Data is one of the most critical assets in any organization. It includes sensitive or proprietary information such as customer records, intellectual property, financial data, and business strategies.
  • Examples: Customer names, credit card information, employee records, patents, and trade secrets.

2.) Hardware:

  • Hardware refers to the physical devices and equipment used to support an organization’s operations.
  • This includes servers, laptops, routers, storage devices, and any other physical infrastructure that stores or processes critical data.

3.) Software:

  • Software encompasses applications, operating systems, utilities, and all the programs required to perform tasks within an organization.
  • It is essential for running business operations and providing services to users.

4.) Networks:

  • Networks are the communication infrastructure through which data is transmitted. They connect systems within an organization and with external entities, such as customers, vendors, and partners.
  • Examples: The internet, local area networks (LANs), virtual private networks (VPNs), and intranets.

5.) People:

  • People are the human resources involved in an organization’s operations. Employees, contractors, customers, and other stakeholders all interact with systems and data, making them an essential part of asset protection.
  • Examples: IT staff, end-users, customers, third-party vendors.

6.) Processes:

  • Processes are the established workflows, policies, and procedures that dictate how resources (data, hardware, software, etc.) are utilized and protected within the organization.
  • Examples: Incident response procedures, backup protocols, and encryption standards.
