Open in app

Sign in

Write

Sign in

Ethical Hacking Part — I : Information Security

Ajay Nooji
3 min readAug 26, 2022

--

This is the first part of a three part write-up on ethical Hacking.

Cyber Security can be summed in one sentence — protecting CIA of data.

What is this CIA ? Take an example, that you are a user of an online shopping website like Flipkart. You want to purchase a smartphone, but the details must be known only to you and the company, nobody else. This is Confidentiality.

Suppose you buy a black smartphone and the delivered smartphone is blue or green or some other colour. Or it is delivered to wrong address. Thus your details and details of your product must not change unless the buyer changes it. This is Integrity.

Lastly, You must be able to log in to the Amazon website and buy the product any time you want, as long as the product is in stock. This is Availability.

Thus Confidentiality, Integrity and Availability are the pillars of Cyber security. Three of them are equally important, and must be balanced.

Expanding on the same idea, A company has many devices such as computers, printers, laptops, etc. It has lot of data stored in hard drives and servers. It also has a lot of employees. These are called Assets — Any thing of value to the company.

Thus it is the job of ethical hackers to protect the CIA of Assets of the company they work in.

We hear all the time that some company suffered a cyber attack, that cyber criminals demand so and so amount of bit coin in ransom and so on. These are Threats to the assets of the company. Anything and anybody that can cause damage to assets of company is a threat.

For any cyber attack to take place, there must exist a weakness. This weakness can in form of human error, an outdated software, broken devices etc. These are ideal paths to conduct cyber attack. These weaknesses are called Vulnerabilities.

Components necessary for cyber attack

Thus any cyber criminal requires at minimum three things to perform successful cyber attack — A vulnerability in the asset of a company and the knowledge to conduct cyber attack using that vulnerability.

Read on how to perform cyber attack in next part II of the series.

Image source :

https://pixabay.com/photos/code-html-digital-coding-web-1076536/

https://www.ibm.com/blogs/cloud-computing/wp-content/uploads/2018/01/TRIAD.png

https://www.securingpeople.com/wp-content/uploads/2020/07/ThreatVulnerabilityRisk.jpg

Ethical Hacking
Cybersecurity
Information Security
Hacking
Awareness

--

--

Ajay Nooji

Written by Ajay Nooji

4 Followers

Cyber Security Enthusiast.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams