What’s behind the curtain? Part I - Targets (Page 4 of 6 )
All of these attacks aim to compromise one of the following:
- Authentication is the process of identifying someone as a legitimate user of a system. An attacker aims to compromise the authentication and gain access to a system as an authorized user. For example, compromising the system might be accomplished by discovering the credentials of a legitimate user and then using them for malicious reasons.
- Integrity ensures that information has not been altered in unexpected ways. If information is maliciously modified or destroyed, it can result in loss of revenue. An attacker that aims at a company's integrity wishes to cause severe damage; the consequences of using inaccurate information can be disastrous.
- Availability means that information and resources are available when required. It is often the most important element in a service-oriented business that depends on information. Loss of availability is often accomplished using the very well-known denial of service attack, which I will discuss later on. These attacks aim to temporarily disable access or bringing down the entire system, and are motivated by economical or political considerations.
- Non-repudiation is a significant concept for any personal or business transaction made using electronic means. By this term we mean that every party involved in a transaction cannot later deny their participation. Attackers try to impersonate legitimate users to deceive the other party in an attempt to steal or cause severe damage.
Next: Malicious Code >>
More Security Articles
More By Eliana Stavrou
