Cybersecurity

What is cybersecurity?

Secrecy, or confidentiality, means that only authorized people should be able to access or read specific computer systems and data.

Integrity means that only authorized people should be able to use or modify systems and data.

Cybersecurity helps minimize crime and harm in the virtual world. It’s a set of techniques used to protect the secrecy, integrity, and availability of computer systems and data against threats.

Authentication is the process by which a computer understands who it is interacting with. There are 3 types: what you know, what you have, and what you are.

Permissions, or Access Control Lists (ACLS) describe the access each user has to view or modify any file, or program, on a computer.

Malicious software (malware) can make a program or computing system vulnerable to attacks that copy user data and allow hackers to disguise as the user.

Some hack for amusement and curiosity, others for monetary gain (cybercriminals), and others hack to provide a social or political goal (hacktivists).

Black Hat hackers steal, exploit, and sell computer vulnerabilities and data. White Hat hackers are hired by companies and governments to perform security evaluations, hunt for bugs, and try to close security holes.

Attackers use bugs in a system to gain access to computer systems to overwrite data, steal user data, crash systems, or hijack the whole system.

Unresolved bugs on enough systems opens up the possibility of “worms,” programs that automatically jump from computer to computer.

Cryptography includes the most common forms of computer security. System architects employ them to make info secret and frustrate attackers.

A cipher is an algorithm that converts plain text into ciphertext that can’t be read unless you have a key to undo the cipher. Think encryption and decryption.

Cryptographic techniques rely on keys known by both sender and recipient.

Key exchange uses an algorithm that lets 2 computers agree on a key without sending one, using one-way functions (math operations) that are easy to do in one direction, but hard to reverse. Think paint mixtures.

Symmetric keys are the same on both sides and are used by the sender and receiver to encrypt and decrypt.

Asymmetric encryption uses two different keys (1 public, 1 private). Senders use the public key, recipient uses their own private key.