In the lecture we had yesterday “Offences against the CIA og Computer Data and Systems” were the topic, and I wanted to reflect a bit on this topic. Offenses against CIA is one of the four different types of offences, where the others are computer-related offences, content-related offences and copyright-offences.
First of all, CIA is an acronym for Confidentiality, Integrity and Availability, and is central in all information security. Not to be confused with the Central Intelligence Agency. In this context (infosec), confidentiality is a set of rules that limits access to information, integrity is the assurance that the information is trustworthy and accurate, and availability is a guarantee of reliable access to the information by authorized people (Rouse, 2017).
Offences against CIA can be a number of things, such as hacking, espionage, interference or in other ways compromising either of the three components. Where DDoS attacks will affect the Availability of data, having unauthorized users on your system is a breach of Confidentiality – and with the right access, it can also compromise the Integrity.
The recent cryptolock attacks are also an example of breach of the CIA, where the malware encrypts your data and making it unavailable until you pay a ransom.
Rouse, M. (2017) What is CIA?
Accessed online: http://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA