Information Assurance - 6 Flashcards
It refers to an incident in which an unauthorized party gains access to confidential, sensitive, or protected information or resources. Typically, it occurs when an intruder is able to bypass security mechanisms.
Security Breach
Nature of Breaches
- DATA THEFT
- MALWARE ATTACK
- UNAUTHORIZED ACCESS
Type of breach where unauthorized individuals gain access to sensitive information, such as personal data, financial records, or intellectual property, with the intention of using it for malicious purposes or financial gain.
DATA THEFT
- Refers to software designed to disrupt, damage, or gain unauthorized access to computer systems. Malware attacks can take many forms, such as viruses, worms, ransomware, or spyware.
- These attacks often exploit vulnerabilities in software or trick users into downloading infected files.
MALWARE ATTACK
Occurs when individuals or entities gain entry to a system, network, or application without proper authorization. This could involve exploiting weak passwords, bypassing authentication measures, or taking advantage of misconfigured permissions.
UNAUTHORIZED ACCESS
Common Vulnerabilities of Security Breach
- Weak Authentication
- Lack of Encryption
- Unpatched Software
- Misconfigured Systems
- Vulnerable Third-party Software
Different Platforms Affected by Security Breach
- NETWORK INFRASTRUCTURE
- DATABASE SYSTEMS
- APPLICATIONS AND SOFTWARE
- CLOUD SERVICES
- ENDPOINT DEVICES
- Breaches may target the organization’s network infrastructure, compromising routers, switches, firewalls, and other networking components.
- This can lead to unauthorized access to internal systems and data, as well as interception of network traffic (Cisco, 2024).
NETWORK INFRASTRUCTURE
- Refers to any unauthorized access, disclosure, or manipulation of data stored within a database.
- Occur due to various factors, including vulnerabilities in the database software, weak authentication mechanisms, misconfigurations, insider threats, or external cyber attacks.
DATABASE SYSTEMS
Platforms affected by security breaches refer to computing environments or systems that have experienced unauthorized access, disclosure, or manipulation of data. This could include various types of platforms such as operating systems (e.g., Windows, Linux), cloud computing platforms (e.g., AWS, Azure), web hosting services, or even specific hardware platforms.
APPLICATIONS AND SOFTWARE
Organizations increasingly rely on cloud services for storage, computing, and other business functions. Breaches targeting cloud services can compromise data stored in the cloud, affecting multiple users or organizations that share the same cloud infrastructure (Citrix).
CLOUD SERVICES
- Breaches may target endpoint devices, such as desktop computers, laptops, smartphones, and tablets, through malware infections, phishing attacks, or physical theft.
- Compromised endpoint devices can provide attackers with access to sensitive data and resources within the organization’s network (TechTarget, 2023).
ENDPOINT DEVICES
Causes of the Breach
- WEAKNESSES IN SECURITY MEASURES
- HUMAN ERROR / NEGLIGENCE
- SOPHISTICATION OF THE ATTACK
Weaknesses in security measures refer to gaps or vulnerabilities in the organization’s security infrastructure that could be exploited by attackers to gain unauthorized access or compromise sensitive information.
WEAKNESSES IN SECURITY MEASURES