assigment modul question 3 cyber security bd308 alma dinatul mulya

question:

  1. Provide a real-world business example for a failure in Confidentiality, Integrity, and Availability?

Kasus: Tokopedia (2020)

Apa yang terjadi:
Data sekitar 91 juta akun pengguna bocor dan dijual di forum gelap.

Jenis data yang bocor:

  • Nama pengguna

  • Email

  • Nomor telepon

  • Password (terenkripsi)

Mengapa ini kegagalan kerahasiaan?
Karena informasi pribadi pelanggan yang seharusnya bersifat rahasia dapat diakses oleh pihak yang tidak berwenang.

Dampak bisnis:

  • Turunnya kepercayaan pelanggan

  • Risiko penyalahgunaan data

  • Kerugian reputasi perusahaan

Integritas (Integrity) – Manipulasi / Perubahan Data

📌 Kasus: Equifax (2017)

Apa yang terjadi:
Selain kebocoran data besar-besaran, sistem mereka diretas sehingga data kredit pelanggan bisa diubah atau dimanipulasi.

Mengapa ini kegagalan integritas?
Integritas berarti data harus akurat dan tidak diubah tanpa izin. Jika data kredit seseorang diubah, maka informasi tersebut tidak lagi dapat dipercaya.

Dampak bisnis:

  • Data menjadi tidak akurat

  • Potensi kesalahan skor kredit

  • Gugatan hukum besar (kerugian miliaran dolar)

Ketersediaan (Availability) – Sistem Tidak Bisa Diakses

📌 Kasus: Facebook (2021)

Apa yang terjadi:
Facebook, Instagram, dan WhatsApp mengalami gangguan global selama sekitar 6 jam.

Mengapa ini kegagalan ketersediaan?
Ketersediaan berarti sistem harus dapat diakses saat dibutuhkan. Saat server down, pengguna tidak dapat menggunakan layanan.

Dampak bisnis:

  • Kerugian finansial besar

  • Gangguan komunikasi global

  • Penurunan harga saham sementara

 

question:

2.  How might an e-commerce website prioritize one aspect of the CIA triad over the others for its product pages versus its payment processing system?                                                                                                                                                                  An e-commerce website may prioritize availability for product pages because customers need to access them anytime. If the website is unavailable, the company may lose sales. However, for the payment processing system, confidentiality and integrity are more important because it handles sensitive financial data. Customer information must be protected and transaction data must remain accurate and secure.

 

3.   Explain what a Distributed Denial-of-Service (DDoS) attack is and how it impacts business availability?

A Distributed Denial of Service (DDoS) attack is a cyberattack where many computers or devices are used to send a large amount of traffic to a website or server at the same time. The goal is to overload the system so that it cannot function properly or becomes unavailable to real users.A DDoS attack impacts business availability because the website or online service may slow down or completely crash. When this happens, customers cannot access the website, make purchases, or use the service. This can cause financial losses, damage to the company’s reputation, and decreased customer trust. In short, a DDoS attack directly affects the availability aspect of the CIA triad.

 

Previous Post Previous Post
Newer Post Newer Post

Leave a comment