Real-world Applications
A dark computer screen displaying a glowing red lock, a countdown timer, and a ransom demand in cryptocurrency.
Theory Meets Reality
Up until now, we have discussed the CIA Triad (Confidentiality, Integrity, and Availability) as individual concepts. But in the real world, cybercriminals do not neatly target just one pillar. To understand how these principles work together, we need to look at the most devastating digital threat of our modern era: Ransomware. It is the perfect storm that attacks all three pillars simultaneously.
1. The Anatomy of Ransomware
Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. It typically starts with a simple human error: an employee clicks a bad link in a phishing email. Once inside, the malware silently moves through the network, finding all the critical files, databases, and backups, and encrypts them with strong cryptography. Suddenly, the entire company is locked out of its own data.
2. The Immediate Strike on Availability
The most obvious and immediate impact of ransomware is on the "A" (Availability). If a hospital is hit by ransomware, doctors cannot access patient medical records, life-saving equipment might go offline, and emergency rooms shut down. The data is still physically there, but because it is encrypted by the attacker, it is completely unavailable to the authorized users who desperately need it.
3. The Modern Threat: Double Extortion
A few years ago, ransomware only impacted Availability. But attackers evolved. Today, they use a tactic called "Double Extortion." Before they lock the files, they secretly download terabytes of the victim's private data to their own servers.
The Hit on Confidentiality
Now, the attacker threatens to leak sensitive customer data (like credit cards or private messages) onto the public internet if the ransom isn't paid. The "C" is compromised.
The Hit on Integrity
To cause maximum panic, attackers may also alter records or threaten to permanently destroy the decryption key, meaning the original data can never be trusted or restored. The "I" is compromised.
Pro-Tip: To Pay or Not to Pay?
Law enforcement and security experts strongly advise against paying ransoms. Paying funds criminal organizations, and there is absolutely no guarantee the attackers will actually give you the decryption key. The only true defense against ransomware is having a solid, disconnected backup strategy (which we will build in Module 6!).
Knowledge Check
A hacker infiltrates a corporate network, encrypts all the financial databases so the accountants cannot work, and threatens to post the CEO's private emails on Twitter unless $1 million is paid. Which pillars of the CIA Triad are actively being weaponized in this attack?

A) Only Availability
B) Only Confidentiality
C) Both Availability and Confidentiality