We live in a world where all wars will begin as cyberwars… It’s the combination of hacking and massive, well-coordinated disinformation campaigns.

— Jared Cohen —

Cybersecurity and Ethical Hacking

In this digital world, data is everything. Whether you are an individual, an organization or a government, securing sensitive information against unauthorized access and theft is a big challenge nowadays. Most crimes today are cybercrimes. “Cybercrime is a crime committed using the means of technology and the internet”. Because the whole world has turned digital, the rate of traditional crime has decreased and the rate of cybercrime has increased. Although we talk about cybercrime as a separate entity from traditional crime, it is carried out by the same types of criminals for the same types of reasons. For example, someone who wants to rob a bank doesn’t have to do it in the traditional way: most banking systems are online, so a robber who has the information needed to access the bank’s system can rob it easily. We call these cybercriminals hackers, but there are two types of hackers, which we will discuss in detail below. So how can we secure sensitive information from these cybercriminals? There are many security models for handling and securing information.

Let’s understand how hackers manage to get access to our system.

This picture illustrates an overview of information security. Adversaries create threats and reach the assets through a vulnerability or loophole in our security controls. They don’t use any external factors to break our system; they just use vulnerabilities in our system or software. We give them the opportunity to break our system, so we have to be more careful about our security controls. Security should start in the design phase of the software process life cycle, but many developers only begin to care about security in the development stage, which is not good.

CIA triad

The CIA Triad is a security model that has been developed to help people think about the various parts of cybersecurity. Its goal is to ensure the confidentiality, integrity and availability of data.

Confidentiality

It’s crucial in today’s world for people to protect their sensitive, private information from unauthorized access.

Protecting confidentiality is dependent on being able to define and enforce certain access levels for information. In some cases, doing this involves separating information into various collections that are organized by who needs access to the information and how sensitive that information actually is — i.e. the amount of damage suffered if the confidentiality was breached.

Some of the most common means used to manage confidentiality include access control lists, volume and file encryption, and Unix file permissions.

Integrity

Data integrity is what the “I” in CIA Triad stands for. This is an essential component of the CIA Triad and is designed to protect data from deletion or modification by any unauthorized party. It also ensures that when an authorized person makes a change that should not have been made, the damage can be reversed.
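As an added example (not part of the original article), the following Python code shows both halves of that definition: it detects modified or deleted files by comparing them with a trusted SHA-256 baseline, then reverses the damage from a known-good copy. The function names, file names and directory layout are constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile

def sha256_file(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            manifest[os.path.relpath(path, root)] = sha256_file(path)
    return manifest

def verify(root, manifest):
    """Compare root with the trusted manifest: {path: 'modified' | 'deleted'}."""
    current = build_manifest(root)
    return {rel: ("deleted" if rel not in current else "modified")
            for rel, digest in manifest.items() if current.get(rel) != digest}

def restore(root, backup, report):
    """Undo the reported damage by copying known-good files from backup."""
    for rel in report:
        target = os.path.join(root, rel)
        os.makedirs(os.path.dirname(target), exist_ok=True)
        shutil.copy2(os.path.join(backup, rel), target)

def demo():
    # Constructed sample data in a temporary directory.
    with tempfile.TemporaryDirectory() as tmp:
        root, backup = os.path.join(tmp, "data"), os.path.join(tmp, "backup")
        os.mkdir(root)
        for name in ("ledger.txt", "users.txt"):
            with open(os.path.join(root, name), "w") as fh:
                fh.write("constructed record for " + name + "\n")
        shutil.copytree(root, backup)      # known-good copy
        manifest = build_manifest(root)    # trusted baseline
        with open(os.path.join(root, "ledger.txt"), "a") as fh:
            fh.write("unauthorized change\n")
        os.remove(os.path.join(root, "users.txt"))
        damaged = verify(root, manifest)
        restore(root, backup, damaged)
        return damaged, verify(root, manifest)

if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the baseline: the manifest and the backup have to be stored where the party who can change the data cannot also change them.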

Availability

This is the final component of the CIA Triad and refers to the actual availability of your data. Authentication mechanisms, access channels, and systems all have to work properly to protect the information and ensure it’s available when needed.

High-availability (HA) systems are computing resources whose architectures are specifically designed to improve availability. Depending on the specific HA system design, this may target hardware failures, upgrades, or power outages to help improve availability, or it may manage several network connections to route around various network outages.

Understanding the CIA triad

CIA Triad is all about information. While this is considered the core factor of the majority of IT security, it promotes a limited view of security that ignores other important factors. For example, even though availability may serve to make sure you don’t lose access to resources needed to provide information when it is needed, thinking about information security in itself doesn’t guarantee that someone else hasn’t used your hardware resources without authorization.

It’s important to understand what the CIA Triad is, how it is used to plan, and also to implement a quality security policy while understanding the various principles behind it. It’s also important to understand the limitations it presents. When you are informed, you can utilize the CIA Triad for what it has to offer and avoid the consequences that may come along by not understanding it.

Hacking (Black Hat Hackers) vs Ethical Hacking (White Hat Hackers)

The term hacker means an individual with great technical and programming knowledge who uses it in the wrong direction. Ethical hackers, on the other hand, are people who work for the government or other organizations to protect data or deal with crime.

White Hat Hackers

  • Increases the security framework
  • Develops a high-security structure
  • Updates and regularly checks the security
  • Develops systems like firewall, ad blocker, etc.

Black Hat Hackers

  • Reduces security by stealing data
  • Gains access to accounts and sensitive data
  • Steals valuable data from the organization
  • Gains access to restricted areas, etc.

BSc.(Hons) Software Engineering Undergraduate | University Of Kelaniya www.kln.ac.lk. | https://josiahprathaban.me

JOSIAH PRATHABAN
