{"id":7684,"date":"2018-12-13T01:13:36","date_gmt":"2018-12-13T01:13:36","guid":{"rendered":"http:\/\/blog.nsfocusglobal.com\/?p=769"},"modified":"2018-12-13T01:13:36","modified_gmt":"2018-12-13T01:13:36","slug":"missing-leg-integrity-cia-triad","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/missing-leg-integrity-cia-triad\/","title":{"rendered":"The missing leg \u2013 integrity in the CIA triad"},"content":{"rendered":"

Linkedin<\/p>\n

Eric Vanderburg<\/a><\/h2>\n

Information security is often described using the\u00a0CIA Triad<\/a>. The CIA stands for Confidentiality, Integrity, and Availability and these are the three elements of data that\u00a0information security<\/a>\u00a0tries to protect. If we look at the CIA triad from the attacker\u2019s viewpoint, they would seek to compromise confidentiality by stealing data, integrity by manipulating data and availability by deleting data or taking down the systems that host the data.<\/p>\n

By and far, most attacks have been focused on disrupting confidentiality or availability so defense mechanisms and training has also been focused there. The number of data breaches has skyrocketed and there is a flourishing market for stolen data including personal health information, credit card numbers, social security numbers, advertising lists, and proprietary technology. We also see many attacks on availability through\u00a0Denial of Service<\/a>.<\/p>\n

Integrity attacks are much less commonplace, but they still represent a threat. Organizations must protect more than just confidentiality to be secure (see\u00a0Overly and Howell\u2019s Myth #3<\/a>).<\/p>\n

So what does an attack on integrity look like? Let\u2019s look at three examples<\/p>\n

1) Enticing an opponent to make a bad decision<\/strong><\/p>\n

There is a software development saying that goes, \u201cGarbage in, garbage out,\u201d meaning if you let junk data into your program, it will produce junk for output. Similarly, junk data used in decision making will result in bad decisions. Integrity attacks of this sort aim to sabotage competitors or opponents by poisoning information stores that their competitors use to make critical decisions.<\/p>\n

2) Exploiting temporary data inconsistencies<\/strong><\/p>\n

Attackers modify the time on a Network Time Protocol server so that door access control systems think it is the middle of the day instead of the middle of the night. Consequently, the doors unlock or require only a pin instead of multi-factor authentication.<\/p>\n

In another example, thieves momentarily inflate the balance of accounts before performing a wire transfer or stock ticker symbols are changed in a trading company database resulting in many incorrect stock transactions and inflated or deflated stock valuation by the market.<\/p>\n

3) Online Vandalism<\/strong><\/p>\n

Hacktivists or cyber activists often employ online vandalism to spread their message and others vandalize sites for fun or to hurt brand image. For example, the\u00a0FBI issued a warning<\/a>\u00a0in April that ISIL was mass-defacing WordPress websites using known vulnerabilities.<\/p>\n

The good news is that many of the technical controls organizations already have in place to protect the confidentiality and availability of data can also be used to protect its integrity since attackers must exploit similar vulnerabilities or access the same systems on which they perform other attacks. However, procedures and training may need to be updated so that employees are aware of such threats and how to recognize them. Furthermore, the data that goes into critical decisions should be validated through alternate sources. Consider the following:<\/p>\n