0 1 00:00:00,000 --> 00:00:02,070 The CIA triad, and we're not talking 1 2 00:00:02,070 --> 00:00:04,259 about intelligence. So when we talk about the 2 3 00:00:04,259 --> 00:00:06,180 CIA triad and cybersecurity, we're 3 4 00:00:06,180 --> 00:00:07,649 talking about confidentiality, integrity, 4 5 00:00:07,649 --> 00:00:10,860 and availability. These three things make 5 6 00:00:10,860 --> 00:00:12,630 up the core of defense of our networks. 6 7 00:00:12,630 --> 00:00:14,670 If we can guarantee the confidentiality, 7 8 00:00:14,670 --> 00:00:16,440 integrity, and security of our networks, we 8 9 00:00:16,440 --> 00:00:18,510 will have a secure network for us to 9 10 00:00:18,510 --> 00:00:21,240 operate in. Now as a hacker, what we 10 11 00:00:21,240 --> 00:00:22,650 always focus on is how we can breach the 11 12 00:00:22,650 --> 00:00:24,060 confidentiality, integrity, and 12 13 00:00:24,060 --> 00:00:26,189 availability. So what is confidentiality? 13 14 00:00:26,189 --> 00:00:28,199 Well, confidentiality answers the 14 15 00:00:28,199 --> 00:00:29,310 question of how secure is the 15 16 00:00:29,310 --> 00:00:30,929 information, and how secure does it need 16 17 00:00:30,929 --> 00:00:33,300 to be. So if we have information like our 17 18 00:00:33,300 --> 00:00:35,100 social security number or date of birth, 18 19 00:00:35,100 --> 00:00:36,660 that's information that we want to keep 19 20 00:00:36,660 --> 00:00:38,100 private, because we don't want attackers 20 21 00:00:38,100 --> 00:00:40,350 to get that information. Conversely, if we 21 22 00:00:40,350 --> 00:00:41,730 look at something like my personal 22 23 00:00:41,730 --> 00:00:43,530 website, I want people to be able to see 23 24 00:00:43,530 --> 00:00:44,969 that, and so I have that out there 24 25 00:00:44,969 --> 00:00:47,190 without confidentiality attached to it. 25 26 00:00:47,190 --> 00:00:48,930 So it's not that you always need 26 27 00:00:48,930 --> 00:00:50,309 confidentiality, or you don't need 27 28 00:00:50,309 --> 00:00:51,600 confidentiality. It really depends on 28 29 00:00:51,600 --> 00:00:54,210 your use case. So what are some good ways 29 30 00:00:54,210 --> 00:00:56,129 to protect your confidentiality? Well 30 31 00:00:56,129 --> 00:00:58,079 some ways that we do this is for physical 31 32 00:00:58,079 --> 00:00:59,879 things. For instance, if I have a file 32 33 00:00:59,879 --> 00:01:01,559 that I want to keep confidential, I might 33 34 00:01:01,559 --> 00:01:03,660 put it in a safe and lock it up. If I 34 35 00:01:03,660 --> 00:01:04,799 have information I want to keep 35 36 00:01:04,799 --> 00:01:06,299 confidential, I might use that as 36 37 00:01:06,299 --> 00:01:08,220 encryption and I'll scramble up that 37 38 00:01:08,220 --> 00:01:10,020 data and save in a different format so 38 39 00:01:10,020 --> 00:01:11,100 that people can't read that information. 39 40 00:01:11,100 --> 00:01:12,869 These are two ways that we can use 40 41 00:01:12,869 --> 00:01:15,060 confidentiality, and as an attacker we 41 42 00:01:15,060 --> 00:01:16,380 look for the weakest part of the 42 43 00:01:16,380 --> 00:01:18,180 confidentiality train so that we can 43 44 00:01:18,180 --> 00:01:19,409 break into it and get the information 44 45 00:01:19,409 --> 00:01:21,330 that we want. So what is a failure of 45 46 00:01:21,330 --> 00:01:23,790 confidentiality? Well, simply put, if 46 47 00:01:23,790 --> 00:01:25,140 someone can read the information that 47 48 00:01:25,140 --> 00:01:27,030 you've tried to hide, that is going to be a 48 49 00:01:27,030 --> 00:01:28,920 breach of confidentiality. The second 49 50 00:01:28,920 --> 00:01:30,930 part of the CIA triad is integrity, and 50 51 00:01:30,930 --> 00:01:33,360 integrity is all about has the data been 51 52 00:01:33,360 --> 00:01:35,400 changed. So the way we actually keep 52 53 00:01:35,400 --> 00:01:36,930 track of whether data has been changed, 53 54 00:01:36,930 --> 00:01:38,520 generally is by the use of something 54 55 00:01:38,520 --> 00:01:40,140 called a hash. And we create this 55 56 00:01:40,140 --> 00:01:41,880 checksum that actually looks at the data 56 57 00:01:41,880 --> 00:01:43,350 and create a unique fingerprint of that 57 58 00:01:43,350 --> 00:01:44,939 data, so we'll know if it's been changed. 58 59 00:01:44,939 --> 00:01:46,740 If you change even a single bit inside 59 60 00:01:46,740 --> 00:01:48,420 that data stream, the hash will become 60 61 00:01:48,420 --> 00:01:50,040 vastly different. To ensure we have 61 62 00:01:50,040 --> 00:01:51,689 integrity means that the data has not 62 63 00:01:51,689 --> 00:01:53,759 been changed in retrieval, in storage, 63 64 00:01:53,759 --> 00:01:56,070 or in transit. If we can do that, we can 64 65 00:01:56,070 --> 00:01:57,689 ensure that we have good integrity of 65 66 00:01:57,689 --> 00:02:00,180 our data. A failure of integrity is what 66 67 00:02:00,180 --> 00:02:01,710 happens when we have data that gets 67 68 00:02:01,710 --> 00:02:03,840 changed. So for instance, if you look at 68 69 00:02:03,840 --> 00:02:05,040 your account balance and you have one 69 70 00:02:05,040 --> 00:02:07,049 thousand dollars, and I change that to be 70 71 00:02:07,049 --> 00:02:09,030 ten dollars, that would be a failure of 71 72 00:02:09,030 --> 00:02:11,160 integrity. The third part of the security 72 73 00:02:11,160 --> 00:02:13,500 triad is availability. And availability 73 74 00:02:13,500 --> 00:02:13,920 really 74 75 00:02:13,920 --> 00:02:15,959 focuses on "is the data available to be 75 76 00:02:15,959 --> 00:02:17,640 retrieved when you want it to be 76 77 00:02:17,640 --> 00:02:20,459 retrieved." So if a server is up, that's 77 78 00:02:20,459 --> 00:02:22,709 good. If a server is down, it has no 78 79 00:02:22,709 --> 00:02:24,540 availability. The way that we can get 79 80 00:02:24,540 --> 00:02:25,980 availability, is that we can have 80 81 00:02:25,980 --> 00:02:27,840 redundancy in our networks. So if I have 81 82 00:02:27,840 --> 00:02:29,190 two servers performing the function of 82 83 00:02:29,190 --> 00:02:31,110 one, if one went down the second one 83 84 00:02:31,110 --> 00:02:32,610 would take the load, there will be still, 84 85 00:02:32,610 --> 00:02:35,130 there'd still be good availability. One 85 86 00:02:35,130 --> 00:02:36,090 of the most important things in 86 87 00:02:36,090 --> 00:02:37,680 availability is having good backups, and 87 88 00:02:37,680 --> 00:02:40,050 good disaster recovery. For example, if 88 89 00:02:40,050 --> 00:02:41,730 I'm an attacker, and I go after a server 89 90 00:02:41,730 --> 00:02:43,530 with a denial of service attack, and I 90 91 00:02:43,530 --> 00:02:45,239 take down the server, can the company 91 92 00:02:45,239 --> 00:02:47,220 restore to another server in a very 92 93 00:02:47,220 --> 00:02:48,900 short amount of time? If they can, they 93 94 00:02:48,900 --> 00:02:50,730 can keep their availability up, and keep 94 95 00:02:50,730 --> 00:02:52,680 your customers happy. But if they can't, 95 96 00:02:52,680 --> 00:02:54,299 then I can actually take this network 96 97 00:02:54,299 --> 00:02:55,980 offline by doing my denial of service, 97 98 00:02:55,980 --> 00:02:58,080 their availability it does suffer. So the 98 99 00:02:58,080 --> 00:02:59,130 last thing we want to talk about when we 99 100 00:02:59,130 --> 00:03:02,069 talk about our CIA triad is that it's 100 101 00:03:02,069 --> 00:03:04,170 not actually a perfect triangle. So 101 102 00:03:04,170 --> 00:03:05,850 really what comes down to is, each of 102 103 00:03:05,850 --> 00:03:07,230 these things are important but they're 103 104 00:03:07,230 --> 00:03:08,940 always important in different amounts 104 105 00:03:08,940 --> 00:03:10,620 depending on your use case scenario. 105 106 00:03:10,620 --> 00:03:12,660 Sometimes you'll have people who try to 106 107 00:03:12,660 --> 00:03:14,370 get this perfect balance of all three, 107 108 00:03:14,370 --> 00:03:15,750 and honestly that just doesn't happen 108 109 00:03:15,750 --> 00:03:17,700 most of the time. Let's look at a couple 109 110 00:03:17,700 --> 00:03:20,340 of examples. So in this example I have a 110 111 00:03:20,340 --> 00:03:23,040 high confidentiality, high integrity, low 111 112 00:03:23,040 --> 00:03:24,870 availability. Now what would be a good 112 113 00:03:24,870 --> 00:03:26,850 example that. Well let's say I have 113 114 00:03:26,850 --> 00:03:28,440 something that's really, really secret, 114 115 00:03:28,440 --> 00:03:30,239 and really, really important, and I don't 115 116 00:03:30,239 --> 00:03:32,010 want to be changed. Like let's say I have 116 117 00:03:32,010 --> 00:03:35,220 some top-secret plans for the new Death 117 118 00:03:35,220 --> 00:03:37,079 Star. I wouldn't want the rebels to get 118 119 00:03:37,079 --> 00:03:38,310 ahold of that, so therefore I'm going to 119 120 00:03:38,310 --> 00:03:39,480 take that, and i'm going to encrypt that 120 121 00:03:39,480 --> 00:03:41,489 data giving confidentiality. I'm going to 121 122 00:03:41,489 --> 00:03:42,989 do hash checking, so that if somebody 122 123 00:03:42,989 --> 00:03:44,370 makes a change in the plans i'd be able 123 124 00:03:44,370 --> 00:03:46,530 to detect that. But I might lock that 124 125 00:03:46,530 --> 00:03:48,420 inside a safe, and put that safe inside 125 126 00:03:48,420 --> 00:03:50,040 of a locked room, and that room inside of a 126 127 00:03:50,040 --> 00:03:51,840 locked building, and so it's really hard 127 128 00:03:51,840 --> 00:03:53,670 to get to. So my availability might be 128 129 00:03:53,670 --> 00:03:54,540 low, but I'll have very good 129 130 00:03:54,540 --> 00:03:55,980 confidentiality and very good integrity. 130 131 00:03:55,980 --> 00:03:57,540 That's really important if you have 131 132 00:03:57,540 --> 00:03:59,400 important data that needs to be kept 132 133 00:03:59,400 --> 00:04:01,109 safe. Another way to look at this is 133 134 00:04:01,109 --> 00:04:02,880 where we have low confidentiality but 134 135 00:04:02,880 --> 00:04:04,650 high integrity and high availability. A 135 136 00:04:04,650 --> 00:04:07,230 good example that would be a website. For 136 137 00:04:07,230 --> 00:04:09,420 example if you go to my website, I want 137 138 00:04:09,420 --> 00:04:10,829 you to be able to see the images and the 138 139 00:04:10,829 --> 00:04:12,600 text that I put up there. Meaning that it 139 140 00:04:12,600 --> 00:04:13,859 has good integrity that it hasn't been 140 141 00:04:13,859 --> 00:04:15,540 changed, but I also want to be highly 141 142 00:04:15,540 --> 00:04:17,100 available. I want anyone to be able to 142 143 00:04:17,100 --> 00:04:18,959 get to it. There's no usernames needed, 143 144 00:04:18,959 --> 00:04:20,220 there's no password needed, because I 144 145 00:04:20,220 --> 00:04:21,900 just want you to be able to view it. So 145 146 00:04:21,900 --> 00:04:22,860 in this case I have very low 146 147 00:04:22,860 --> 00:04:24,750 confidentiality, but high integrity and 147 148 00:04:24,750 --> 00:04:26,020 high availability. 148 149 00:04:26,020 --> 00:04:27,669 So the last thing we want to talk about 149 150 00:04:27,669 --> 00:04:29,680 is this trade-off that occurs. We have 150 151 00:04:29,680 --> 00:04:30,699 this trade-off that happens between 151 152 00:04:30,699 --> 00:04:33,699 operations and security, and it always 152 153 00:04:33,699 --> 00:04:35,229 happens. If you look in your workplace 153 154 00:04:35,229 --> 00:04:37,360 environment, you will want to have high 154 155 00:04:37,360 --> 00:04:38,560 operations because you want to be 155 156 00:04:38,560 --> 00:04:40,150 productive and make a lot of money in 156 157 00:04:40,150 --> 00:04:42,039 your company. But you also want good 157 158 00:04:42,039 --> 00:04:43,960 security, and the problem is as you 158 159 00:04:43,960 --> 00:04:46,360 increase security often, the operations 159 160 00:04:46,360 --> 00:04:48,220 to end up suffering. And the reason for 160 161 00:04:48,220 --> 00:04:49,300 that is there's always this trade-off. 161 162 00:04:49,300 --> 00:04:51,849 For example if I require everyone to log 162 163 00:04:51,849 --> 00:04:54,310 in with a username and a password and a 163 164 00:04:54,310 --> 00:04:56,139 token that's a little bit harder on 164 165 00:04:56,139 --> 00:04:57,759 operation so it slows them down, but it 165 166 00:04:57,759 --> 00:05:00,400 gives me much better security. Conversely, 166 167 00:05:00,400 --> 00:05:02,830 if I let everyone just log onto the 167 168 00:05:02,830 --> 00:05:04,389 computer with a shared account that 168 169 00:05:04,389 --> 00:05:05,770 everybody's the same username password, I 169 170 00:05:05,770 --> 00:05:07,569 have zero security but it's very quick 170 171 00:05:07,569 --> 00:05:09,580 and efficient to do. So, it's always going 171 172 00:05:09,580 --> 00:05:10,840 to be this trade-off, and we have to 172 173 00:05:10,840 --> 00:05:12,610 consider that when we build our systems. Now, 173 174 00:05:12,610 --> 00:05:13,960 as an attacker we're always going to be looking 174 175 00:05:13,960 --> 00:05:15,430 at where are those places that 175 176 00:05:15,430 --> 00:05:17,110 operations has taken over and security 176 177 00:05:17,110 --> 00:05:20,050 has lapsed. For example, if five people are 177 178 00:05:20,050 --> 00:05:21,520 using the same username and password, I 178 179 00:05:21,520 --> 00:05:22,900 can go after any one of those five 179 180 00:05:22,900 --> 00:05:24,190 people using social engineering attacks, 180 181 00:05:24,190 --> 00:05:26,139 and be able to get that username or 181 182 00:05:26,139 --> 00:05:30,030 password, and now I can break that system.