Code Target

·         Integrity:

Integrity assures that the data or information system can be trusted. Ensures that it is edited by only authorized persons and remains in its original state when at rest. Data encryption and hashing algorithms are key processes in providing integrity

Integrity means the data in transit/rest is not modified and is accurate. Accuracy and consistency of data should always be maintained.

For example, when you send some data to client it should reach them as it is. If any other person is able to modify the contents and forwards it to the client then the integrity of the data is lost. Data encryption and hashing algorithms are key processes in providing integrity.

·         Availability:

Data and information systems are available when required. Hardware maintenance, software patching/upgrading and network optimization ensures availability

Availability means the data is always available and accessible to the right people at the right time. i.e. When needed.

For example, when your hard disk crash, you don’t have access to the data in it. i.e. it is unavailable to you. Hardware maintenance, software patching/upgrading and network optimization ensures availability.

Authentication :

 

Definition: Authorization is a security mechanism to determine access levels or user/client privileges related to system resources including files, services, computer programs, data and application features. This is the process of granting or denying access to a network resource which allows the user access to various resources based on the user's identity.

Description: Most web security systems are based on a two-step process. The first step is authentication, which ensures about the user identity and the second stage is authorization, which allows the user to access the various resources based on the user's identity. Modern operating systems depend on effectively designed authorization processes to facilitate application deployment and management. Key factors contain user type, number and credentials, requiring verification and related actions and roles.

Access control in computer systems and networks relies on access policies and it is divided into two phases:

1) Policy definition phase where access is authorized.

2) Policy enforcement phase where access requests are permitted or not permitted.

Thus authorization is the function of the policy definition phase which precedes the policy enforcement phase where access requests are permitted or not permitted based on the previously defined authorizations. Access control also uses authentication to check the identity of consumers. When a consumer attempts to access a resource, the access control process investigates that the consumer has been authorized to use that resource. Authorization services are implemented by the Security Server which can control access at the level of individual files or programs.

Risk:

Definition: Risk implies future uncertainty about deviation from expected earnings or expected outcome. Risk measures the uncertainty that an investor is willing to take to realize a gain from an investment. 

Description: Risks are of different types and originate from different situations. We have liquidity risk, sovereign risk, insurance risk, business risk, default risk, etc. Various risks originate due to the uncertainty arising out of various factors that influence an investment or a situation.

attack surface

An attack surface is the total sum of the vulnerabilities in a given computing device or network that are accessible to a hacker.

Anyone trying to break into a system generally starts by scanning the target’s attack surface for possible attack vectors, whether for an active attack or passive attack, ethical hacking or a hacking competition.

 Attack surfaces can be divided in to a few categories: 

• The network attack surface. 
•  The software attack surface.
•  The physical attack surface.

Every point of network interaction is a potential part of the network attack surface. A network attack surface can be reduced by closing unnecessarily open ports and limiting the resources that are available to untrusted users and to the Internet in general, through methods like MAC address filtering. Limiting  network attack vectors can also limit the exposure of existing software vulnerabilities by blocking access to them.

 As all running code has the possibility of having exploitable vulnerabilities, one of the first and simplest ways to limit software attack surface is to reduce the amount of running code. The more a piece of malware can use various exploits, the more chance it can get in via a hole in a target system’s attack surface.

Physical access also constitutes an attack surface, which overlaps with the social engineering attack surface. This surface is exploitable by inside vectors such as rogue employees or hired workers. External risks include password retrieval from carelessly discarded hardware or from password sticky notes. Best practices for physical attack surface remediation include enforcing strong authentication, destroying hard drives before throwing them out and refraining from leaving hard copy access data -- like sticky note passwords – in proximity to a computer.  

Knowledge of all elements of an organization’s attack surface is crucial to proper setup of breach detection systems (BDS), firewalls, intrusion prevention systems, data policies and other security measures.
Malware:

Malware” is short for “malicious software” - computer programs designed to infiltrate and damage computers without the users consent. “Malware” is the general term covering all the different types of threats to your computer safety such as viruses, spyware, worms, trojans, rootkits and so on.

•    malicious softwareMalware is the shortened form of
• Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software including Ransom wares, Computer Viruses, Worms, Trojan Horses, Spyware, Adware, Scareware etc. 
•   This is any program or file that is harmful to a computer user.
•  The term refers to software that is deployed with malicious intent. 
•   Malware can be deployed even remotely, and tracking the source of malware is hard

• It can take the form of executable code, scripts, active content, and other software.

•  These malicious programs can perform a variety of functions, including stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions and monitoring users’ computer activity without their permission.

• This combination has enabled commercial malware providers to supply sophisticated black markets for both malware and the information that it collects.

 

What is the purpose of creating a Malware?

1.      Initially, it started as a prank among software developers. However, later on, malware converted into a full-fledged industry of black and white market.

2.      It may be used by black hat hackers or even some governments for monitoring their targets.

3.      Demand for sophisticated malware is created primarily by organised crime syndicates and state-sponsored espionage agents.

Malware is typically used:

1.      To steal information that can be readily monetized, such as login credentials, credit card and bank account numbers,

2.      And intellectual property such as computer software, financial algorithms, and trade secrets.

3.      To ransom money in Bitcoin, for example, WannacryRansomware.

4.      Spy on computer users for an extended period without their knowledge, for example, Reign Malware.

5.      It may be designed to cause harm, often as sabotage for example Stuxnet.

6.      Extort payment for example Cryptolocker.