Chapter 2 Β· Helper 3

Real-World Examples

See the CIA Triad in action across real incidents and exam scenarios.

Breach

Target Data Breach (2013) β€” Confidentiality Failure

Attackers compromised HVAC vendor credentials to gain network access, then exfiltrated 40 million credit card numbers. This is a textbook confidentiality violation: sensitive data was disclosed to unauthorized parties. The failed controls included inadequate network segmentation (access control) and lack of encryption on point-of-sale data in transit.

Breach

Stuxnet Worm (2010) β€” Integrity Failure

The Stuxnet malware targeted Iranian nuclear centrifuges. It secretly modified the centrifuge control values while reporting normal readings to operators. This is an integrity violation: the data shown to operators was different from the actual system state. The modification was undetected because no integrity checking (hashing) was in place on the sensor data.

Breach

AWS Outage (2017) β€” Availability Failure

A misconfigured command during routine maintenance took down a large portion of AWS S3 in us-east-1. Thousands of websites became unavailable. This is an availability violation β€” authorized users could not access services. Organizations without redundancy across multiple AWS regions were completely offline. Recovery required restoring subsystems with full fault-tolerant design.

Exam Scenario

Is a DDoS Attack Confidentiality or Availability?

A DDoS attack floods a server with traffic until it goes offline. Which CIA principle is violated?

Answer: Availability. The attack doesn't expose or modify data β€” it prevents legitimate users from accessing the service. However, if the DDoS is a smokescreen while an attacker exfiltrates data in the background, it could simultaneously violate Confidentiality. Read exam questions carefully for what is actually described.

Exam Scenario

Encryption β€” Confidentiality or Integrity?

Encryption is primarily a Confidentiality mechanism β€” it prevents unauthorized parties from reading data. However, if encryption is combined with a digital signature (which includes a hash), it also protects Integrity.

On the exam: if a question says "encrypts data to prevent unauthorized reading" β†’ Confidentiality. If it says "uses a hash to verify data hasn't changed" β†’ Integrity.

Real-World

Hospital Patching Policy β€” Availability Control

A hospital maintains a strict patching schedule for all medical devices and servers, applying security updates within 72 hours of release. This is an Availability control because unpatched systems are vulnerable to exploits that could crash them or render them inaccessible. Regular patching also closes vulnerabilities used in ransomware attacks, which violate Availability by encrypting data and locking out users.