It's no secret that any computer connected to the Internet faces a wide array of security threats. These days, however, a business needs to be connected to the Internet just to do business. What can you do? Keep reading to learn more about risks you take, and what you can do to protect yourself and your company.
All of these attacks aim to compromise one of the following:
Authentication is the process of identifying someone as a legitimate user of a system. An attacker aims to compromise the authentication and gain access to a system as an authorized user. For example, compromising the system might be accomplished by discovering the credentials of a legitimate user and then using them for malicious reasons.
Integrity ensures that information has not been altered in unexpected ways. If information is maliciously modified or destroyed, it can result in loss of revenue. An attacker that aims at a company's integrity wishes to cause severe damage; the consequences of using inaccurate information can be disastrous.
Availability means that information and resources are available when required. It is often the most important element in a service-oriented business that depends on information. Loss of availability is often accomplished using the very well-known denial of service attack, which I will discuss later on. These attacks aim to temporarily disable access or bringing down the entire system, and are motivated by economical or political considerations.
Non-repudiation is a significant concept for any personal or business transaction made using electronic means. By this term we mean that every party involved in a transaction cannot later deny their participation. Attackers try to impersonate legitimate users to deceive the other party in an attempt to steal or cause severe damage.