Requisites

Introduction

What is Intelligence?

Intelligence is the set of activities to obtain information in the economic, labor, commercial, financial, military, personal, family, and social fields, among others, about a target human organization (cooperative or adversary), and to turn it into knowledge (a useful report that lets leaders decide on a course of action), in order to cause harm or take preventive measures. Counterintelligence is protecting yourself from these activities.

Computer security protects a computer system's assets by shielding it against deliberate threats from adversary agents. Computer safety, on the other hand, shields against accidents, mishaps, and external organizational disasters. We consider cybersecurity a subfield of Intelligence and computer safety a subfield of reliability engineering.

Computer security analyzes computer-based systems comprising hardware, software, product vendors, algorithms, programs, interfaces, software processes, databases, communication protocols, and designs. The goal is to identify their vulnerabilities and associated threats and prevent incidents by implementing control activities.

A vulnerability is a weakness in the system, while a threat is a condition that can exploit that vulnerability. An incident occurs when someone takes advantage of the vulnerability by means of the threat. Control activities are policies, mechanisms, and extra system design considerations taken to prevent and respond to such incidents. TODO: Zero days, known, unknown, APT.

Availability, integrity, confidentiality, authentication, non-repudiation (or accountability), and auditability measure the system's security because they enable us to measure the value of the information that parties share.

Confidentiality, Integrity, and Availability ensure that an asset can be viewed, modified, or used only by authorized parties, respectively [AND73]. These properties together form the Security Triad or CIA Triad. ISO 7498-2 added authentication and non-repudiation. The former confirms the identity of a sender, while the latter ensures that a sender cannot convincingly dispute their authorship. The U.S. Department of Defense added auditability, which traces all actions related to an asset of interest.

In contrast to these security properties, fabrication, interception, modification, and interruption are harmful actions. A fabrication attack introduces illegitimate information into the system, while an interception attack gains access to confidential information. An interruption attack degrades a system or renders it unavailable for legitimate use. A modification attack threatens the integrity of the information.

Physical security

Alice and Bob

<aside> 💡 It is possible to tighten security to the point where the system is unusable. Security and convenience must be balanced. The trick is to create a secure and useful system. https://wiki.archlinux.org/title/security

</aside>

The attacker mindset

Types of Attackers

Terrorists, hackers, criminals-for-hire, individuals, governments, organized crime members, and loosely connected groups.

Geopolitics