Mapping Threats


Connecting the Dots

You now understand the three pillars of security: Confidentiality, Integrity, and Availability. However, in the field of cybersecurity, identifying an attack is only half the battle. To defend a network properly, you must be able to instantly look at an incoming threat and map it to the specific pillar it is trying to destroy. This process is called "Threat Mapping," and it is a critical skill for any security analyst.

1. Attacks Against Confidentiality

When a threat actor's primary goal is to steal secrets or spy on communications, they are attacking Confidentiality. Common methods include:

  • Man-in-the-Middle (MitM)

    An attacker secretly intercepts the Wi-Fi traffic between your laptop and a router to read your private messages.

  • Credential Stuffing

    Using lists of stolen passwords from previous breaches to log into private user accounts.

  • Spyware

    Malicious software that hides on your device, silently recording your keystrokes and taking screenshots of your private data.

2. Attacks Against Integrity

When the goal is to alter, corrupt, or forge data, the attacker is targeting Integrity. These attacks are often more subtle and harder to detect.

  • Website Defacement

    Hackers breach a corporate website and change the homepage to display a political message or a fake news story.

  • SQL Injection

    An attacker types malicious code into a website's search bar, forcing the backend database to alter or delete crucial records.

  • Tampering

    A student intercepts an electronic report card and changes a "C" grade to an "A" before it reaches their parents.

3. Attacks Against Availability

If the attacker simply wants to cause chaos, halt business operations, or hold a company hostage by taking systems offline, they are targeting Availability.

  • DDoS (Distributed Denial of Service)

    Overwhelming a web server with so much junk traffic that it crashes.

  • Resource Exhaustion

    Writing a script that purposefully consumes 100% of a server's CPU, freezing the entire system.

  • Physical Destruction

    Literally cutting the fiber-optic cables outside a data center or causing physical damage to server hardware.

Pro-Tip: Why Mapping Matters

Incident Response teams use threat mapping to prioritize their actions during a crisis. If you detect a DDoS attack (Availability), you reroute network traffic. But if you detect spyware (Confidentiality), you immediately freeze passwords and lock down sensitive files. Knowing how you are being attacked tells you how to respond.
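The mapping step can be sketched in code. This is an added example, not part of the original lesson: it sorts a handful of constructed events into the three pillars using one simple signal each for credential stuffing, website defacement, and a service outage. The event fields, thresholds, and the function name map_threats are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample events; field names and thresholds are assumptions.
EVENTS = (
    # One source failing logins against six different accounts
    [{"kind": "login_fail", "src": "203.0.113.7", "user": f"user{i}"} for i in range(6)]
    # One user mistyping their own password three times (not stuffing)
    + [{"kind": "login_fail", "src": "198.51.100.4", "user": "alice"}] * 3
    # File-integrity checks: homepage hash no longer matches its baseline
    + [{"kind": "file_hash", "path": "/index.html", "seen": "9f2c", "baseline": "41ab"},
       {"kind": "file_hash", "path": "/about.html", "seen": "77d0", "baseline": "77d0"}]
    # Health checks: the web service fails three times in a row
    + [{"kind": "health", "service": "web", "ok": ok} for ok in (True, False, False, False)]
)

def map_threats(events, distinct_users=5, failed_checks=3):
    """Return {pillar: [finding, ...]} for the three CIA pillars."""
    findings = {"Confidentiality": [], "Integrity": [], "Availability": []}
    users_by_src = defaultdict(set)   # source address -> usernames it tried
    down_streak = defaultdict(int)    # service -> consecutive failed checks
    reported_down = set()
    for e in events:
        if e["kind"] == "login_fail":
            users_by_src[e["src"]].add(e["user"])
        elif e["kind"] == "file_hash" and e["seen"] != e["baseline"]:
            # Data was altered: an Integrity problem even if the site is still up
            findings["Integrity"].append(f"content changed: {e['path']}")
        elif e["kind"] == "health":
            svc = e["service"]
            down_streak[svc] = 0 if e["ok"] else down_streak[svc] + 1
            if down_streak[svc] >= failed_checks and svc not in reported_down:
                reported_down.add(svc)
                findings["Availability"].append(f"service down: {svc}")
    # Many different accounts tried from one source suggests stolen password lists
    for src, users in sorted(users_by_src.items()):
        if len(users) >= distinct_users:
            findings["Confidentiality"].append(f"credential stuffing suspected from {src}")
    return findings

if __name__ == "__main__":
    for pillar, items in map_threats(EVENTS).items():
        print(pillar, items)
```

Each finding lands under exactly one pillar, which is what lets a response team pick the matching action first.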

Knowledge Check

A hacker breaches a local news website and subtly changes the numbers in an election poll to favor a different candidate, without taking the website offline. Which pillar of the CIA Triad has been directly compromised?

A) Confidentiality
B) Integrity
C) Availability
