Information security
Information security is the practice of protecting information and information systems from unauthorized access, use, modification, destruction and disclosure. In simple words, information security means keeping data confidential, accurate and available to authorized users when they want to access it.
When you look at the elements of information security at a high level, you will encounter 3 main pillars, known as the CIA triad. We are going a little deeper and will learn about 5 elements of information security.
(The number of elements may vary depending on the depth, the latest frameworks and classifications.)
5 Elements of Information security
Confidentiality
Confidentiality is an element of information security which ensures that only authorized users have access to the information. Users without permission shouldn't have access to the information.
Example:
1. ATM PINs ~ Only users who have the PIN are authorized and can withdraw money.
2. Passwords and biometric locks ~ Only users with the authority can access the things protected by the lock.
Integrity
Integrity is an element of information security which ensures that only authorized users can change or modify the data. Unauthorized users cannot make changes.
Example:
1. ATM balance ~ After money is withdrawn, the system automatically updates the balance without errors or tampering.
2. Checksums ~ Used to check that not a single bit of a file's data was changed.
Availability
Availability is an element of information security which ensures that information is available to authorized users when they want to access it.
Example:
1. ATM uptime ~ The ATM should be available during its stated hours, with cash, when its users want to withdraw their cash.
2. Backups and power generators keep servers available to their users all the time.
Authenticity
Authenticity is an element of information security which is used to confirm that information, users and systems are what they claim to be. In short, data, users and systems are not fake or impersonated.
Example:
1. ATM card + PIN verification ~ ATM cards and PINs are used to identify the real user.
2. Multi-factor authentication ~ MFA is used to verify that the user is who they claim to be.
Non-Repudiation
Non-repudiation is an element of information security which ensures that actions cannot be denied later. Each action is recorded somewhere and linked to someone.
Example:
1. Transaction receipts and logs ~ Logs are created for transactions and transmissions so that these actions cannot be denied later.
2. Digital signature ~ The sender's digital signature is attached to the message or email so that the sender cannot deny having sent it.
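The Checksums example under Integrity and the Digital signature example under Non-Repudiation can be compared in code. The following is an added example, not part of the original article: it shows what a plain checksum detects, where it stops protecting, and what a keyed tag (HMAC) adds. The record, key and function names are constructed for illustration.

```python
import hashlib
import hmac

def checksum(data: bytes) -> str:
    """Unkeyed SHA-256 checksum: anyone can recompute it."""
    return hashlib.sha256(data).hexdigest()

def tag(key: bytes, data: bytes) -> str:
    """Keyed HMAC-SHA256 tag: only holders of `key` can produce it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify_checksum(data: bytes, expected: str) -> bool:
    return hmac.compare_digest(checksum(data), expected)

def verify_tag(key: bytes, data: bytes, expected: str) -> bool:
    # compare_digest runs in constant time, so timing does not leak the tag
    return hmac.compare_digest(tag(key, data), expected)

def flip_bit(data: bytes, bit: int) -> bytes:
    """Return a copy of `data` with exactly one bit inverted."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def demo() -> dict:
    # Constructed sample values, not real data
    record = b"account=1001;balance=500.00"
    key = b"constructed-shared-secret"
    good_sum, good_tag = checksum(record), tag(key, record)

    # Case 1: one bit changes in storage or transit -> checksum mismatch
    corrupted = flip_bit(record, 0)

    # Case 2: a tamperer replaces the record and simply recomputes the
    # checksum; without the key, the best they can do for the tag is guess
    forged = b"account=1001;balance=999999.00"
    forged_sum = checksum(forged)
    forged_tag = tag(b"wrong-key-guess", forged)

    return {
        "original_ok": verify_checksum(record, good_sum) and verify_tag(key, record, good_tag),
        "bit_flip_detected": not verify_checksum(corrupted, good_sum),
        "recomputed_checksum_accepted": verify_checksum(forged, forged_sum),
        "forged_tag_rejected": not verify_tag(key, forged, forged_tag),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

An HMAC tag gives integrity and authenticity between the parties who share the key, but not non-repudiation, because either key holder could have produced it. Non-repudiation needs a digital signature made with a private key that only the sender holds.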
Classification of information security attacks
Passive attacks
In the world of information security, passive attacks are attacks which don't involve direct interaction with the target. In this type of attack, generally publicly available information is collected about the target.
Information can be collected from other people, services and sources. It doesn't damage or change the target directly.
Example:
1. Google dorking ~ Using Google's advanced search filters to collect target-specific information.
2. Dumpster diving ~ Examining the rubbish discarded near the target to collect any possible information.
3. Capturing a picture of a screen, documents or any important information.
Other examples: footprinting, sniffing, network traffic analysis.
Active attacks
In the world of information security, active attacks are direct attacks on a target. They involve changing, disrupting or destroying the information or system by directly interacting with it.
Example:
1. Denial of service (DoS) ~ Overloading the server by making a lot of requests.
2. Man in the middle (MITM) ~ Intercepting the transmission of the target.
3. Defacing the website ~ Changing the contents of the target's main website.
Other examples: spoofing, session hijacking, malware, web-based attacks.
Close-in attacks
In the world of information security, close-in attacks are carried out by physically visiting the target to steal, modify or damage the information or systems.
They generally break physical security (directly or through a loophole) to carry out the attack.
Example:
1. Shoulder surfing ~ Watching the target's private information from nearby, without their knowledge.
2. Installing spying devices in premises.
3. Unauthorized access ~ Breaking the physical security and damaging the infrastructure and systems.
Insider attacks
In the world of information security, insider attacks are carried out by an authorized entity; it can be an employee, a contractor or a partner. These types of threats are harder to identify before the attack because they use their trust and privileges.
Example:
1. Data theft ~ Stealing confidential and secret information.
2. Sharing secret information with others out of greed.
3. Sabotage ~ The threat actor destroys information or information systems.
Distribution/Supply-chain attacks
In the world of information security, supply chain attacks are carried out by inserting malicious code or hardware into a product before it reaches the end user. This can happen either with a new product or through a later update.
Example:
1. Infected firmware from the factory.
2. Compromised software update from an official website.
3. Malicious USB drives sold online.
4. Malicious code changes to a library which is already used in a lot of other products.
Motive behind information security attacks
Every information security attack has a motive behind it. Motives vary and depend on the situation, the attacker's mood and other things. Some of the popular motives are listed below.
- To take revenge
- To damage the reputation or financial condition of the target
- To create fear
- For stealing some secret
- To take ransom
- Manipulating data
Frequently Asked Questions
What are the 5 elements of information security?
The 5 elements of information security are:
(1) Confidentiality - ensures only authorized users access information,
(2) Integrity - ensures only authorized users can modify data,
(3) Availability - ensures information is accessible when needed,
(4) Authenticity - confirms that information and users are genuine, and
(5) Non-Repudiation - ensures actions cannot be denied later.
What is the CIA triad in information security?
The CIA triad represents the 3 main pillars of information security:
Confidentiality (keeping data private), Integrity (ensuring data accuracy and preventing unauthorized changes), and Availability (making data accessible to authorized users when needed).
What are the types of information security attacks?
The main types of information security attacks are:
(1) Passive attacks - collect information without direct interaction (e.g., Google dorking).
(2) Active attacks - directly disrupt systems (e.g., DoS attacks).
(3) Close-in attacks - physical attacks on premises.
(4) Insider attacks - carried out by authorized employees.
(5) Supply-chain attacks - inserting malicious code into products.
What is the difference between active and passive attacks?
Passive attacks don't involve direct interaction with the target and focus on collecting publicly available information without damaging systems. Active attacks directly interact with the target to change, disrupt, or destroy information and systems, such as denial of service or man-in-the-middle attacks.
What are examples of information security threats?
Common information security threats include: shoulder surfing, phishing, malware, denial of service (DoS), man-in-the-middle (MITM) attacks, website defacing, data theft by insiders, unauthorized physical access, and compromised software updates from supply chain attacks.