Discuss how confidentiality, integrity and availability are affected by interruption, interception, modification, and fabrication. Give an example to elaborate your point identifying the threats, attacks, vulnerabilities and controls in your example.
Availability, integrity and confidentiality are the components of the CIA triad, which are considered the critical components of security. The CIA triad is a model designed to frame guidelines in the information security field.
Availability is the guarantee of reliable access to information by authorized people. The biggest threat to availability is interruption, which is not always caused by attacks; it can also result from technical glitches, bugs or environmental disasters. Beyond these, there is the interruption attack, in which a network service is made unavailable for valid use. Examples include overloading the server host so that it cannot respond (a Denial of Service attack, DoS), cutting the communication line, blocking access to the server by overloading the intermediate network, and destroying the software or hardware involved. Interception attacks, on the other hand, do not have a large impact on availability; however, they are used in smaller attacks, such as accessing unauthorized or invalid data, which could cause the system to lock the account, for example, or simple packet sniffing. Modification attacks do not greatly affect availability either, since they involve modifying and altering code or data and are therefore aimed more at integrity. One example that does apply, however, is an attack that modifies or deletes important files in the system. Fabrication attacks usually target authenticity, which is why they do not affect availability: the attacker is interested in inserting new information into files in order to access data or a service.
Integrity is the guarantee that information is not modified in an unauthorized way. The biggest threats to integrity are modification, where an unauthorized user modifies a message and sends it on to the destination, and fabrication, which differs from modification in that the attacker creates a fake message and inserts it into the network. Interruption attacks could create invalid data or damage data, but since this kind of attack is aimed more at availability, it is not a big threat here. Interception attacks are aimed more at confidentiality; however, interception could lead to modification of the data once it is visible on the attacker's side.
Confidentiality is the protection of information from unauthorized people. The biggest threat to confidentiality is the interception attack, in which the message or data is intercepted by the attacker. In an interruption attack, the communication between two or more systems is interrupted and the attacker could then do anything with it, such as inserting or deleting messages or data, which violates confidentiality. Modification attacks usually target integrity; however, they can occur here too, as in a man-in-the-middle or eavesdropping attack where the attacker could modify the message received. Fabrication attacks could appear when the attacker imitates a message or data in order to reach unauthorized information or systems.
One example of such attacks is the Bangladesh Bank Heist of 2016, in which the attacker successfully obtained the user's credentials and the system's (interruption) and then transferred money to the attackers (modification and fabrication). When the bank hired cyber-security experts, they found that the attackers were still in the network (packet sniffing, which targets confidentiality). After investigating, however, the experts found that the attackers had not compromised the system directly; they used several techniques, one of which was malware installed in the network to prevent their discovery. This was successful, since they installed it in January and it was not discovered until February.
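As an added illustration (not part of the original answer), the sketch below runs the four attack classes discussed above against a toy message channel protected by one assumed control, an HMAC tag plus sequence numbers; the key, messages and function names are all constructed for the example. It shows that this integrity control rejects modified and fabricated frames, that a sequence gap reveals interruption, and that interception passes unnoticed because the control does nothing for confidentiality.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed secret shared by sender and receiver only


def tag(seq: int, body: bytes, key: bytes = KEY) -> bytes:
    """HMAC-SHA256 over the sequence number and the body."""
    return hmac.new(key, seq.to_bytes(4, "big") + body, hashlib.sha256).digest()


def send(bodies):
    """Sender: number each message and attach its tag."""
    return [{"seq": i, "body": b, "tag": tag(i, b)} for i, b in enumerate(bodies)]


def receive(frames, expected):
    """Receiver: reject frames whose tag fails, then list sequence numbers never authenticated."""
    rejected, accepted = [], set()
    for f in frames:
        if hmac.compare_digest(tag(f["seq"], f["body"]), f["tag"]):
            accepted.add(f["seq"])
        else:
            rejected.append(f["seq"])
    missing = [s for s in range(expected) if s not in accepted]
    return {"rejected": rejected, "missing": missing}


def scenarios():
    bodies = [b"pay 10 to A", b"pay 20 to B", b"pay 30 to C"]  # constructed sample messages
    clean = send(bodies)
    # Interception: the traffic is copied in transit; frames still arrive untouched.
    sniffed = [f["body"] for f in clean]
    # Modification: frame 1 is altered in transit; the tag no longer matches.
    modified = [dict(f) for f in clean]
    modified[1]["body"] = b"pay 20 to X"
    # Fabrication: a new frame is injected, tagged without knowledge of KEY.
    forged = clean + [{"seq": 3, "body": b"pay 99 to X", "tag": tag(3, b"pay 99 to X", b"guess")}]
    # Interruption: frame 1 never arrives.
    dropped = [clean[0], clean[2]]
    return {
        "interception": (receive(clean, 3), sniffed == bodies),
        "modification": receive(modified, 3),
        "fabrication": receive(forged, 3),
        "interruption": receive(dropped, 3),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(name, result)
```

The interception case returns a clean receiver report even though every message body was readable in transit, which is why confidentiality needs a separate control such as encryption.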