Computer security concepts form the foundation for protecting systems, data, and networks from a wide range of threats.
- These concepts revolve around three core principles, known as the CIA triad (items 1 to 3 below), supported by three related concepts (items 4 to 6):
1.) Confidentiality:
- Confidentiality ensures that sensitive information is only accessible to those who are authorized to view it, preventing unauthorized access and disclosure.
2.) Integrity:
- Integrity ensures the accuracy, consistency, and trustworthiness of data and systems, protecting them from unauthorized alterations or corruption.
3.) Availability:
- Availability guarantees that authorized users have continuous access to information and resources whenever needed, even in the face of attacks or failures.
4.) Authentication:
- Authentication is the process of verifying the identity of users or systems to ensure that access is granted only to legitimate entities.
5.) Authorization:
- Authorization determines what actions or resources a user or system can access, based on policies and permissions.
6.) Accountability:
- Accountability ensures that all actions performed on a system can be traced back to responsible individuals or entities, enforcing security policies and deterring misuse.
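The following added example (not part of the original notes) shows how authentication, authorization, and accountability are separate steps in one request path: identity is verified first, the policy is checked second, and every decision is logged whether it was allowed or denied. The user, roles, action names, and log format are constructed for illustration.

```python
import hashlib
import hmac
import os
import time

# Constructed sample data; every name and value here is hypothetical.
def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

_SALT = os.urandom(16)
USERS = {"alice": {"salt": _SALT, "pw_hash": _hash("correct horse", _SALT), "role": "analyst"}}
# Dummy record so unknown users cost the same work as known ones.
_DUMMY = {"salt": os.urandom(16), "pw_hash": os.urandom(32)}
POLICY = {"analyst": {"report:read"}, "admin": {"report:read", "report:delete"}}
AUDIT_LOG = []  # append-only record that supports accountability


def authenticate(user: str, password: str) -> bool:
    """Authentication: verify the claimed identity."""
    record = USERS.get(user, _DUMMY)
    candidate = _hash(password, record["salt"])
    # Constant-time comparison avoids leaking how many bytes matched.
    matches = hmac.compare_digest(candidate, record["pw_hash"])
    return matches and user in USERS


def authorize(user: str, action: str) -> bool:
    """Authorization: check the verified identity's role against the policy."""
    role = USERS[user]["role"]
    return action in POLICY.get(role, set())


def request(user: str, password: str, action: str) -> str:
    """Run both checks in order and log the decision, allowed or denied."""
    if not authenticate(user, password):
        outcome = "denied:authentication"
    elif not authorize(user, action):
        outcome = "denied:authorization"
    else:
        outcome = "allowed"
    AUDIT_LOG.append({"time": time.time(), "user": user,
                      "action": action, "outcome": outcome})
    return outcome


if __name__ == "__main__":
    print(request("alice", "correct horse", "report:read"))
    print(request("alice", "correct horse", "report:delete"))
    print(request("mallory", "guess", "report:read"))
```

A valid login that asks for an action outside its role is still denied, and the denial itself is recorded, which is what lets a later review trace attempted misuse back to an account.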
Threats
A threat is any potential cause that can exploit vulnerabilities to compromise the security of systems, networks, or data.
- Threats can originate from various sources, including malicious actors, accidental errors, and natural disasters.
Types of Threats:
- External Threats: These originate outside an organization, such as hackers, malware, or nation-state actors.
- Internal Threats: These come from within the organization, such as disgruntled employees, negligence, or accidental data leaks.
- Physical Threats: These include events like theft, vandalism, or natural disasters that can damage hardware or data centers.
- Cyber Threats: These involve attacks on digital systems, such as phishing, ransomware, or Distributed Denial of Service (DDoS) attacks.
Attacks
An attack is the actual realization of a threat, where an attempt is made to exploit vulnerabilities in systems, networks, or data to cause harm or gain unauthorized access.
- Attacks can vary in complexity and target specific assets or systems.
Types of Attacks:
- Malware Attacks: These involve malicious software such as viruses, worms, Trojans, or ransomware designed to disrupt or gain control over systems.
- Phishing Attacks: These involve tricking users into revealing sensitive information like usernames, passwords, or credit card details by posing as a trustworthy entity.
- Denial of Service (DoS) and Distributed Denial of Service (DDoS): These attacks flood a target system with excessive traffic, rendering it unavailable to legitimate users.
- Man-in-the-Middle (MitM) Attacks: An attacker intercepts and manipulates communication between two parties without their knowledge.
- SQL Injection: This involves inserting malicious SQL code into a database query, allowing attackers to view or manipulate sensitive data.
- Zero-Day Attacks: These target software vulnerabilities that are unknown to the vendor, leaving systems exposed until a patch is released.
- Insider Attacks: Malicious actions taken by employees or trusted individuals within an organization to steal, destroy, or manipulate data.
Assets
An asset in computer security refers to any resource, data, or system that is valuable to an organization and needs protection from threats and attacks.
- Assets can be tangible or intangible, and their security is critical for operational success.
Components of Assets:
- Data: Sensitive or proprietary information such as customer data, intellectual property, or financial records.
- Hardware: Physical devices like servers, laptops, routers, and storage devices that support the organization’s operations.
- Software: Applications, operating systems, and utilities critical to business processes and services.
- Networks: Communication infrastructures such as the internet, intranets, or private networks that facilitate data exchange.
- People: Employees, customers, or other stakeholders who interact with and rely on the organization’s systems.
- Processes: Workflows, policies, and procedures that govern how resources are used and secured.