WEBVTT

00:00.000 --> 00:05.325
>> Hi everybody. Continuing
with the CIA triad,

00:05.325 --> 00:07.050
let's look at integrity.

00:07.050 --> 00:09.510
When we talk about
threats to integrity,

00:09.510 --> 00:12.610
we are concerned about whether
data has been modified.

00:12.610 --> 00:14.625
There are a couple of
ways that can happen.

00:14.625 --> 00:16.495
One way is through corruption,

00:16.495 --> 00:19.775
which is accidental or
unintentional modification.

00:19.775 --> 00:21.470
Maybe it happens because

00:21.470 --> 00:23.135
there is interference
on the line

00:23.135 --> 00:24.995
or something happens as data

00:24.995 --> 00:27.445
traverses great
lengths, for example.

00:27.445 --> 00:29.030
Another way is through

00:29.030 --> 00:32.375
malicious modification.
That's intentional.

00:32.375 --> 00:34.610
For example, an attacker inserts

00:34.610 --> 00:36.905
malware into a file
that gets downloaded,

00:36.905 --> 00:39.890
or somebody captures
a package in transit,

00:39.890 --> 00:41.800
and makes modifications to it.

00:41.800 --> 00:44.165
Or maybe they alter
communication

00:44.165 --> 00:47.080
and change a session
header or a source ID.

00:47.080 --> 00:51.100
All of that is a threat
against integrity.

00:51.710 --> 00:53.840
Corruption is easier to

00:53.840 --> 00:56.205
detect than malicious
modification.

00:56.205 --> 00:58.805
When we're just looking to
protect against corruption,

00:58.805 --> 01:00.895
we use hashes or hashing.

01:00.895 --> 01:04.235
Another word for a hash
is a message digest,

01:04.235 --> 01:06.740
and another word is a checksum.

01:06.740 --> 01:09.185
Those three words might
be used together.

01:09.185 --> 01:10.910
They're all good methods to use

01:10.910 --> 01:12.875
for unintentional modification,

01:12.875 --> 01:15.065
but with malicious modification,

01:15.065 --> 01:18.200
we have to be more robust
with our security controls.

01:18.200 --> 01:21.335
That's because if an attacker
can modify the data,

01:21.335 --> 01:24.280
they may be able to modify
the security controls.

01:24.280 --> 01:28.400
For this, we have a MAC or a
message authentication code,

01:28.400 --> 01:30.515
or a digital signature.

01:30.515 --> 01:32.180
We'll cover all of
these things in

01:32.180 --> 01:35.280
more detail in the
cryptography chapter.

01:36.320 --> 01:38.810
If we want to protect
the integrity of

01:38.810 --> 01:40.775
log files and audit records,

01:40.775 --> 01:42.320
we can use write-once media

01:42.320 --> 01:44.225
to make sure they
can't be modified.

01:44.225 --> 01:47.630
Baseline images can be put
on write-once media also,

01:47.630 --> 01:50.880
and hashes can be used
with images as well.

01:51.380 --> 01:54.290
Then the last of the
security principles

01:54.290 --> 01:56.690
in the CIA triad
is availability.

01:56.690 --> 02:00.005
This means having timely
access to resources.

02:00.005 --> 02:01.760
The most common attack against

02:01.760 --> 02:04.495
availability is a denial
of service attack.

02:04.495 --> 02:07.160
A denial-of-service
(DoS) attack has

02:07.160 --> 02:09.650
to do with overwhelming
the server so that it is so

02:09.650 --> 02:12.170
busy responding to my
illegitimate requests

02:12.170 --> 02:14.570
that it can't respond to
a legitimate request.

02:14.570 --> 02:16.130
It could also be

02:16.130 --> 02:18.745
someone on [inaudible]
server in the server room,

02:18.745 --> 02:20.630
but the ones we're
going to look at

02:20.630 --> 02:23.015
have to do with the
resource overload.

02:23.015 --> 02:27.005
Now, if a single system can
cause a resource overload,

02:27.005 --> 02:29.600
what about if an
attacker took over 10

02:29.600 --> 02:32.410
or 100 or 10,000 systems?

02:32.410 --> 02:34.579
That's what happens
in a distributed

02:34.579 --> 02:37.835
denial-of-service
or DDoS attack.

02:37.835 --> 02:39.860
The attacker gets
malicious software

02:39.860 --> 02:41.030
on the systems without

02:41.030 --> 02:44.510
zombies or botnets which
launch downstream attacks.

02:44.510 --> 02:47.160
Lots of attacks look like that.

02:47.860 --> 02:52.375
Another type of issue with
availability is just failure.

02:52.375 --> 02:55.265
Failure of devices or resources.

02:55.265 --> 02:57.440
It can be caused by
natural disaster

02:57.440 --> 02:59.630
like a fire or a
hurricane that causes

02:59.630 --> 03:02.060
power outages or even something

03:02.060 --> 03:04.835
like an employee strike
can affect availability.

03:04.835 --> 03:07.925
They can also have something
like a ransomware attack,

03:07.925 --> 03:10.610
which means your data
is not available.

03:10.610 --> 03:14.730
There are all sorts of ways
that availability can suffer.

03:15.080 --> 03:19.220
The answer to keeping
availability alive is redundancy.

03:19.220 --> 03:21.575
Along with that
go the ideas

03:21.575 --> 03:24.310
of resiliency and
fault tolerance.

03:24.310 --> 03:26.930
The idea there is to
withstand an attack and

03:26.930 --> 03:29.995
keep going on even if
you have been attacked.

03:29.995 --> 03:32.265
We also list backups here,

03:32.265 --> 03:34.085
but when you think
about availability,

03:34.085 --> 03:36.215
you have to be really
comprehensive,

03:36.215 --> 03:38.840
and backups only work for data.

03:38.840 --> 03:40.790
We'll talk about
other solutions for

03:40.790 --> 03:44.280
availability of hardware
and software later.

