Exclusive Infographic: all Cyber Attacks on Military Aviation and Aerospace Industry February 21, 2012

Posted by Paolo Passeri in Information Security.

2011 was an annus horribilis for information security, and aviation was no exception to this rule: not only were the corporate networks of several aviation and aerospace industries targeted by digital storms in 2011 (not a surprise in the so-called hackmageddon) but, above all, last year will probably be remembered for the unwelcome record of two alleged hacking events targeting drones (“alleged” because, in the episode of the RQ-170 Sentinel downed in Iran, several doubts surround the theory that GPS hacking was the real cause of the crash landing).

But while Information Security professionals are quite familiar with the idea that military contractors are primary and preferred targets of the current Cyberwar, as the following infographic shows, malware targeting a drone is still considered an isolated episode and, even worse, the idea of malware targeting the multirole Joint Strike Fighter is still hard to accept.

However, things are about to change dramatically. And quickly.

The reason is simple: the latest military and civil airplanes are literally full of electronics, which play a primary role in managing avionics, onboard systems, flight surfaces, communication equipment and armament.

For instance, an F-22 Raptor has about 1.7 million lines of code, an F-35 Joint Strike Fighter about 5.7 million and a Boeing 787 Dreamliner about 6.5 million. Everything with some built-in code may be exploited; therefore, with so much code and so many current and future vulnerabilities, one cannot rule out a priori that these systems will be targeted with specifically tailored or generic malware for Cyberwar, Cybercrime, or even hacktivism purposes.

Unfortunately, it looks like the latter hypothesis is closer to reality, since too often these systems are managed by standard Windows operating systems; as a matter of fact, generic malware has proven capable of infecting the most important U.S. robots flying in Afghanistan, Pakistan, Libya, and the Indian Ocean: Predator and Reaper Drones.

As a consequence, it should not be surprising, nor is it a coincidence, that McAfee, Sophos and Trend Micro, three leading players in Endpoint Security, consider embedded systems one of the main security concerns for 2012.

Making networks more secure (and personnel more educated) to prevent the leak of mission critical documents and costly project plans (as happened in at least a couple of circumstances) will not be aviation and aerospace industry’s information security challenge; the real challenge will be to embrace the security-by-design paradigm and make secure and malware-proof products ab initio.

While you wait to see if an endpoint security solution becomes available for an F-35, scroll down the image below and enjoy the list of aviation and aerospace related cyber attacks that have occurred since the very first hack targeting the F-35 Lightning II in 2009.

Of course aviation and aerospace industries are not the only targets for hackers and cybercriminals. So, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow @pausparrows on Twitter for the latest updates.

Global Hawk: Northrop Grumman launches campaign to save program. On Twitter. January 29, 2012

Posted by Richard Clements in Drones, Military Aviation.

The Aviationist wrote a post the other day reporting that industry insiders had leaked that the Pentagon was planning to cancel the whole Global Hawk program: not only buying no further aircraft, but also retiring the fleet it already has.

This would actually appear to be true going by some of the unusual tweets posted by Northrop Grumman itself. In one, the company announced that they had been loaning parts for the U-2 program surveillance sensors to keep those aircraft in the air. They have also tweeted a link to a website urging visitors to lobby their member of congress, even having a box for the visitor to fill in their zip code so they could work out who that person is. If you would like to take a look at this website please look here.

All very unusual activities, suggesting that this isn’t the last we have heard of this.

Northrop Grumman did release the following media statement on Jan. 26:

“The Pentagon announced today that it is planning to cancel the Global Hawk Block 30 program and plans to perform this mission with the U-2 aircraft. Northrop Grumman is disappointed with the Pentagon’s decision, and plans to work with the Pentagon to assess alternatives to program termination.

“The Global Hawk program has demonstrated its utility in U.S. military operations in Iraq, Afghanistan and Libya, as well as its utility in humanitarian operations in Japan and Haiti. Just a few months ago, the Pentagon published an acquisition decision memorandum regarding Global Hawk Block 30 that stated: ‘The continuation of the program is essential to the national security… there are no alternatives to the program which will provide acceptable capability to meet the joint military requirement at less cost.’

“Global Hawk is the modern solution to providing surveillance. It provides long duration persistent surveillance, and collects information using multiple sensors on the platform. In contrast, the aging U-2 program, first introduced in the 1950s, places pilots in danger, has limited flight duration, and provides limited sensor capacity. Extending the U-2’s service life also represents additional investment requirements for that program.

“Northrop Grumman is committed to working with our customers to provide the best solutions for our country and our allies. We are pleased with the continuing support for the Global Hawk Block 40 system, as well as for the Navy’s Broad Area Maritime Surveillance system and our other unmanned systems.”

It’s looking like Northrop Grumman is going to fight this tooth and nail to try and reverse this decision.

Richard Clements for TheAviationist.com

RQ-4 Global Hawk in shock cancellation news: old planes better than new? January 27, 2012

Posted by Richard Clements in Military Aviation, Drones.

Is new better than old?

It would seem not. Industry insiders have leaked that the Pentagon is to cancel the RQ-4 Global Hawk program, not just by no longer buying new aircraft but by retiring the Air Force active fleet, in favor of keeping the U-2 flying into 2020.

Air Force Times writer Dave Majumdar wrote: “The Air Force had been planning to buy 42 Block 30 aircraft. According to 2011 budget documents, the cost of each aircraft was around $215 million. It was not immediately clear how many Global Hawks the Air Force has.”

The aircraft is being killed off due to its high cost to buy and to maintain; also the program hasn’t lived up to its early promise. A knowledgeable industry insider confirmed the project cancellation and said “Yes, this is accurate — been a lot of discussion on the possibility of this a long while,” said the source, who was not authorized to speak to the media. “There is a high probability it will come to pass now unless Congress takes a major exception.”

The industry source also said “I don’t think that’s likely in the economic environment of this year’s DoD budget, and there are no real ‘hawks’ in Congress from California,” he said. The aircraft is both built and based in the Golden State.

Majumdar said that Northrop Grumman declined to comment whilst Air Force officials would neither deny nor confirm the reports.

Oddly, the US Navy is going to keep its version of the aircraft, therefore keeping open the option that it could, if needed, be used by the Air Force.

Surely, Global Hawk has not enjoyed the best of safety records with three prototypes lost and a failure rate much higher than many manned planes facing lethal threats in combat.

However, the U.S. RQ-4Bs belonging to the 9th Operations Group/Detachment 4th of the U.S. Air Force, based at NAS Sigonella, in Sicily, the base of the NATO AGS (Air Ground Surveillance) Global Hawk program were the first drones to operate in the Libyan airspace where they performed high altitude Battle Damage Assessment sorties.

Anyway, all of this is good news for the U-2, a 50-year-old program that ironed out all its technical issues many years ago.

Affectionately known as “Dragon Lady”, the U-2 entered service in 1957. Since then, it has undergone many upgrades and has become a relatively cheap, viable platform during these harsh economic times. In what would normally be the type’s twilight years, a breath of fresh air has been breathed over the majestic old ‘Lady’, which will see the type in service for more years to come.

Actually, it has been a bad week for other new or recent aircraft types too.

Another rather embarrassing piece of news (this time for Airbus) is that further cracks have been found in the wings of its much lauded A380 “Superjumbo”, after the famous uncontained engine failure of Nov. 4, 2010. Airbus did tweet “For those following reports on A380 wing rib findings we confirm inspection & repair process underway and aircraft are safe to fly”: a damage limitation message by the company’s PR rather than a reassuring statement.

The apparent win of obsolete technology over the newer technology supposed to replace it does pose the usual question: are modern aircraft too complex?

One thing is sure: you can’t compare new planes with older types. Even if there can be programs free from major problems during their whole lifetime and much troubled ones, facing myriad issues since their birth, generally speaking, those that have survived for 3, 4 or 5 decades and are still flying today, were probably properly designed, maintained, fixed and upgraded during their career. So they are today much more reliable than those integrating cutting edge experimental technologies.

Written with The Aviationist’s Editor David Cenciotti

Above image: U.S. Air Force

F-35: flying on phased out fuel or programmed by a videogame freak? January 23, 2012

Posted by David Cenciotti in F-35.

Soon after publishing the article about the “F-35 from the Cockpit” I received some emails and comments about an interesting thing readers noticed in one of the webinar slides used to show the Joint Strike Fighter glass cockpit’s symbology.

As the following image seems to suggest, the most advanced 5th generation combat plane, integrating the best stealth technologies, full sensor fusion and a futuristic X-ray-like capable helmet, flies on JP-4 fuel, a dangerous kind of propellant, quick to ignite and explode, that was largely used from 1951 to 1996, when it was phased out and replaced by the safer, kerosene-based, JP-8.

Image: Lockheed Martin (highlight mine)

As explained in the website of Air BP (“the specialised aviation division of BP, providing fuels, lubricants & services to our customers in over 50 countries worldwide”):

although JP-8 has replaced JP-4 in most every case, the potential need for JP-4 under emergency situations necessitates maintaining this grade in specifications MIL-DTL-5624 and Defence Standard 91-88.

However, unless the JP-4 was/is used for testing purposes, it is quite strange that while some combat planes are beginning to perform test flights on eco-friendly biofuel or synthetic fuel, the F-35 is flying on a type of jet propellant presumed to be phased-out or used only in emergency situations.

Unless the F-35’s glass cockpit symbology, so “user friendly” as to be reminiscent of some early flight simulator games, was not only designed for a “videogame freak”, as test pilots said during the webinar, but also by someone who used to play arcade games with some simulation elements (such as F/A-18 Interceptor or F-19 Stealth Fighter) in the ’90s, when JP-4 was still in use :)

F-35B Finally on track? January 22, 2012

Posted by Richard Clements in F-35, Military Aviation.

Defense Secretary Leon E. Panetta visited NAS Patuxent River on Jan. 20 and announced the STOVL (Short Take Off Vertical Landing) version of the F-35 Joint Strike Fighter has been taken off probation.

“We need to make sure we are on the cutting edge” said Panetta when describing the Pentagon’s next generation war fighting technology which is to include the F-35 program.

The sigh of relief must have been palpable in the offices of Lockheed Martin after several tough, dark years in which it looked in all probability that the STOVL (Short Take Off Vertical Landing) version was going to be scrapped, as technical issue after technical issue, along with massive cost overruns, put the version at risk. The F-35B is a monumentally complex aircraft due to its remit of being stealthy and being able to operate from the back of a ship or from rough airstrips; Panetta himself stated that the F-35 was “absolutely vital to maintaining our air superiority,” but cautioned that it was important “to get this right.”

After hearing Panetta’s announcement, Gen. James F. Amos, the Marine Corps commandant, made a statement: “I welcome the secretary of defense’s announcement removing the F-35B Lightning II from ‘probation’ and granting it full status commensurate with the other two variants of the Joint Strike Fighter,” General Amos said. “I continue to be encouraged by the strong and steady progress that the F-35B team has made over the past year.”

With the survival of the STOVL variant, the USMC can keep to its plan to equip its LHA (Landing Helicopter Assault) and LHD (Landing Helicopter Dock) ships with a fixed-wing aircraft to support a MEU (Marine Expeditionary Unit) in regional crises. Moreover, the F-35B is also expected to replace the service’s F/A-18s, to cover the full spectrum of modern warfare scenarios with its own resources.

Other program partners may have welcomed the news that the F-35B was lifted from probation. Among them is the Italian Navy, which needs the STOVL variant for the Cavour aircraft carrier. According to the original plan, 20 are supposed to be delivered to the Marina Militare as Harrier replacements, whereas the Italian Air Force was interested in some B planes to replace the AMX light bomber.

However, the initial plan will have to be revised as a consequence of the Defense budget review that the new Monti technocratic cabinet is about to launch. Even if some political forces are urging the new Defense Minister Di Paola to quit the program and to give up the planned 131 examples, a cut is a more plausible hypothesis.

Although the final outcome of the Defense budget review is unpredictable, a likely scenario sees the Italian Air Force receiving about 80 F-35s (A and B variants) and the Navy 20 F-35B STOVL (Short Take Off Vertical Landing) combat planes.

Anyway, it now looks like Lockheed Martin has finally turned a corner with regard to this very challenging project. As The Aviationist reported the other day following the Lockheed Martin F-35 webinar, the arrestor hook issue suffered by the ‘C’ variant was a minor problem and has been fixed, and LM is awaiting the opportunity to test the new design.

Historically, the F-35 isn’t on its own with teething problems: the S-3 Viking springs to mind, with its ejector seat issues for rear cabin aircrew, and it went on to a long and distinguished Naval career. The F-35 Lightning II will follow in its footsteps.

Written with The Aviationist’s Editor David Cenciotti

Lockheed’s SecurID Breach Also Threatens Online Banking June 16, 2011

Posted by David Cenciotti in Information Security, Information Warfare.

The same type of attack used recently to get around security measures at Lockheed Martin, and possibly other defense contractors as well, could also be used to hack international banking services, security experts say.

That’s because both the defense and banking industries rely heavily on RSA’s SecurID tokens, 40 million of which are in use around the world.

Small businesses and private users use SecurID tokens to access online banking services, while large corporations use them to authenticate employees who need to remotely or locally access internal networks and resources.

SecurID devices are small, tamper-resistant tokens that generate numeric codes every 30 or 60 seconds. The complex cryptographic algorithm combines three inputs: the token’s serial number, the internal seed (a secret key hard-coded in the token) and absolute computer time (which counts seconds from January 1, 1970 and never repeats).

The same computation is performed by the authentication server, which compares its code with the one provided by the user. If they correspond, the user is granted access.

The seemingly random sequences of numbers generated by SecurID tokens are technically called OTPs (One Time Passwords) — they can be used only once and expire even if never used.

An OTP can’t be modified, changed or altered, and a SecurID token can’t be fixed, opened or reprogrammed. If it’s compromised, a SecurID token must be replaced.

These tokens can also exist as software applications installed on a PC or a smartphone to perform the same function.

Theoretically, the physical possession of the token, PC or smartphone ensures the security of the authentication mechanism. The only circumstance under which an attacker could clone the token (and it would take some time) would be if seeds and token serial numbers had been stolen.

Unfortunately, that’s exactly what seems to have happened.

“On March 17, 2011, RSA, the security division of EMC Corporation, one of the most important players in the IT security market, publicly announced that information that could be used to reduce the effectiveness of their SecurID authentication implementation was compromised,” explained Paolo Passeri, an ICT (Information and Communication Technology) Security expert based in Rome, Italy.

Passeri was among the first to understand that the RSA security breach could be used to attack EMC Security Division’s corporate clients using SecurID tokens.

Two months later, Lockheed Martin, one of the world’s largest suppliers of military hardware to the U.S. and other countries, announced it had suffered a network intrusion. Lockheed Martin disabled all remote access to its internal networks and said it would replace every one of its RSA SecurID tokens – and that RSA would pay the replacement costs.

“Since the information stolen from RSA, alone, could not be used to successfully clone the tokens, in order to perpetrate the attacks, the hackers must have used keylogger malware and phishing campaigns to get the missing pieces of the puzzle (usernames and PINs — personal identification numbers),” Passeri surmised.

In fact, RSA has not publicly disclosed what was taken from its servers in March (it will tell only existing clients who sign a non-disclosure agreement), and Lockheed Martin has not said if or how its attackers had usernames or passwords.

But the problems for defense contractors may have just begun.

….

[Read the rest of my article on Tech News Daily]

RSA Security breach explained: why US defense programs could be compromised June 1, 2011

Posted by David Cenciotti in Information Security, Information Warfare.

As almost everybody knows by now, on Mar. 17, 2011, RSA (the Security Division of EMC Corporation and one of the most important IT Security vendors in the world) publicly announced that some information that could be used to reduce the effectiveness of one of their two-factor authentication implementations was compromised. In other words: their database mapping SecurID token serial numbers to the token “seeds” was stolen.

What are we talking about?

To make it simple, SecurID devices are small tamper-resistant tokens (resembling calculators), which generate a numeric code at fixed intervals (usually 30 or 60 seconds before the displayed code is replaced by the next one). Even if they are usually pieces of hardware, they also exist as a software application that can be installed on a PC or smartphone to perform the same function. The seemingly random sequences of numbers generated by SecurID tokens are authentication codes, technically called OTPs (One Time Passwords). The term One-Time means that they can be used for a single authentication process and they expire even if they are never used. Such tokens provide an OTP that can be used for both network and application/web authentication. Many use them to access their home banking, while companies use them to authenticate employees who need to (remotely or locally) access the internal network and resources.

Image: Wikipedia

These tokens generate the 6 or 8-digit OTP using an AES (Advanced Encryption Standard) algorithm to hash the token serial number, the internal seed and the Current Time (BTW: the server performs the same computation as the token and generates an OTP that is compared to the one provided by the user).

Paolo Passeri studied the subject and, in an interesting blog post dated Apr. 10, provided some more information about the inputs that are used to generate the OTP:

  • a 128-bit token-specific true-random seed,
  • a 64-bit standard ISO representation of Current Time (yr/mo/day/hour/min/second),
  • a 32-bit token-specific salt (the serial number of the token), and
  • another 32 bits of padding, which can be adapted for new functions or additional defensive layers in the future.

Since the AES-Hash operation is performed on 128 bit blocks, the latter two inputs are not a specific security feature but they are needed to pad the standard Current Time representation to fulfil the “rule” of 128 bit multiples.

As you can understand, both the seed and the serial number are unique for each token and, theoretically, the physical possession of the device ensures the security of the authentication mechanism. The only circumstance under which an attacker could clone the token (and generate authentication codes on behalf of the legitimate user) would be if seeds and token serial numbers had been stolen. That’s exactly what happened: an Advanced Persistent Threat (APT) was able (by injecting malware and using other vulnerabilities) to steal the database mapping seeds to serial numbers.

Even if the SecurID generates new strings of digits on a 30-60 second basis, some implementations require the user to enter the OTP along with a PIN (Personal Identification Number), a fixed code like the one used at ATMs. Even if the PIN represents an additional security layer that, for sure, was not stored in the RSA DB, such short codes are easier to hack and can be retrieved using malware, keyloggers and many other methods.

One last thing: the OTP can’t be modified/changed/altered, and the SecurID token, being tamper-proof, can’t be fixed, opened or reprogrammed. Therefore, if compromised, the SecurID must be replaced.
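The token/server computation described in the two SecurID posts above (this one and the June 16 article), as an added example that is not from the original posts and is not RSA's algorithm: HMAC-SHA256 stands in for the AES-based hash, and the time-field byte layout, the `AuthServer` class, the user name, PIN, seeds and serial numbers are assumptions or constructed sample values. It shows the server rejecting a replayed code and a wrong PIN, tolerating a slow token clock, and why replacing the token (a new seed) is what makes a leaked seed record useless.

```python
import hashlib
import hmac
import os
import struct
from datetime import datetime, timezone

INTERVAL = 60  # seconds each code stays valid (the posts say 30 or 60)


def time_field(epoch: int) -> bytes:
    """64-bit time input: yr/mo/day/hour/min/sec of the interval start.
    Assumed layout: 2-byte year, five 1-byte fields, one zero byte."""
    t = datetime.fromtimestamp(epoch - epoch % INTERVAL, tz=timezone.utc)
    return struct.pack(">HBBBBBx", t.year, t.month, t.day, t.hour, t.minute, t.second)


def input_block(serial: int, epoch: int) -> bytes:
    """128-bit block: 64-bit time | 32-bit serial number (salt) | 32-bit padding."""
    return time_field(epoch) + struct.pack(">I", serial) + b"\x00" * 4


def token_code(seed: bytes, serial: int, epoch: int, digits: int = 6) -> str:
    """Code shown by the token. HMAC-SHA256 keyed with the 128-bit seed is a
    stand-in for the AES-based hash, which is not reproduced here."""
    if len(seed) != 16:
        raise ValueError("seed must be 128 bits")
    mac = hmac.new(seed, input_block(serial, epoch), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:8], 'big') % 10 ** digits:0{digits}d}"


def pin_hash(pin: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class AuthServer:
    """Hypothetical server side: same computation as the token, plus a PIN
    check, a clock-drift window and one-time enforcement."""

    def __init__(self, drift_steps: int = 1):
        self.drift_steps = drift_steps
        self.users = {}  # user -> serial, seed, PIN hash, last accepted interval

    def assign_token(self, user, serial, seed, pin=None):
        """Enroll a user, or replace their token (the PIN is kept if not given)."""
        rec = self.users.setdefault(user, {"last_step": -1})
        rec["serial"], rec["seed"] = serial, seed
        if pin is not None:
            rec["salt"] = os.urandom(16)
            rec["pin"] = pin_hash(pin, rec["salt"])

    def verify(self, user, pin, code, now) -> bool:
        rec = self.users.get(user)
        if rec is None or "pin" not in rec:
            return False
        if not hmac.compare_digest(pin_hash(pin, rec["salt"]), rec["pin"]):
            return False  # the PIN is not derivable from the seed record
        for k in range(-self.drift_steps, self.drift_steps + 1):
            epoch = now + k * INTERVAL
            step = epoch // INTERVAL
            if step <= rec["last_step"]:
                continue  # one-time: this interval (or a later one) was already used
            expected = token_code(rec["seed"], rec["serial"], epoch)
            if hmac.compare_digest(expected, code):
                rec["last_step"] = step
                return True
        return False


def demo() -> dict:
    """Constructed scenario; every value below is sample data."""
    now = 1306886417  # 2011-06-01 00:00:17 UTC
    old_serial, new_serial = 0x000A1B2C, 0x000A1B2D
    old_seed, new_seed = bytes(range(16)), bytes(range(16, 32))
    server = AuthServer()
    server.assign_token("alice", old_serial, old_seed, pin="4821")

    code = token_code(old_seed, old_serial, now)
    out = {
        "valid_login": server.verify("alice", "4821", code, now),
        "same_code_replayed": server.verify("alice", "4821", code, now + 5),
    }
    nxt = token_code(old_seed, old_serial, now + 60)
    out["right_code_wrong_pin"] = server.verify("alice", "0000", nxt, now + 60)
    out["slow_token_clock"] = server.verify("alice", "4821", nxt, now + 110)

    # Token replacement: the old seed record no longer produces accepted codes.
    server.assign_token("alice", new_serial, new_seed)
    later = now + 180
    stale = token_code(old_seed, old_serial, later)
    fresh = token_code(new_seed, new_serial, later)
    out["old_seed_after_replacement"] = server.verify("alice", "4821", stale, later)
    out["new_token"] = server.verify("alice", "4821", fresh, later)
    return out


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```
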

Targeting defense contractors

As analysts predicted, the RSA hack was not simply intended to discredit the EMC Security division. The actual targets were the corporate clients which use the SecurID token for user authentication and, among them, defense contractors.

Indeed, the first defense contractor known to have suffered a security violation was Lockheed Martin, which on May 22 disabled all remote access to its internal network (“at least for a week”) and planned the replacement of all its RSA SecurID tokens after detecting an intrusion in the internal network. Needless to say, Lockheed is one of the world’s largest defense contractors, “an American global aerospace, defense, security and advanced technology company” supplying hi-tech military hardware to US and worldwide military (F-16, C-130, F-22, F-35 to name but a few interesting Lockheed “products”).

On May 31 Wired reported that another defence contractor, L-3, was targeted using SecurID stolen data even if it is not clear whether the hackers were successful in the penetration or not.

Both attacks show a certain interest in data managed by military contractors which manufacture some of the most sophisticated and sensitive US (and foreign) military equipment: weapon systems currently used in Iraq, Afghanistan and Libya. However, as Paolo Passeri commented:

I wonder if military contractors are the only targets or if they have been the only ones capable to detect the attempts because of their strict security protocols and policies.

Certainly, defense contractors’ networks contain a lot of classified data about current and future US projects. However, such data is usually secured in closed networks that are not interconnected with corporate LANs or that require additional authentication procedures. I have already explained, when I commented on the hack into the F-35 Lightning II JSF (Joint Strike Fighter) project, that network intrusions or data leakage do not always imply a significant loss. It all depends on the information that is actually stolen.

Image: Lockheed Martin

For sure, Advanced Persistent Threats, as well as the RSA SecurID weakness, are something that defense contractors and Government agencies, facing a huge and growing Cyber risk, must be able to deal with. First of all, companies should follow the example of Raytheon (another Defense Contractor), which has declared that it took immediate companywide actions, as soon as the RSA incident information was made public, to prevent a widespread disruption of its network. But, to enhance the effectiveness of their security countermeasures, I think that, sooner or later, all corporations and agencies will have to consider using more costly biometric devices (usually seen in movies like Star Trek, Minority Report, X-Men, Planet of the Apes and a few others) that perform user authentication by means of voice analysis, face recognition, iris scan, keystroke dynamics identification, etc.

About the hack into the F-35 Lightning II JSF (Joint Strike Fighter) project April 23, 2009

Posted by David Cenciotti in Hacking, Information Security, Information Warfare, Military Aviation.

In the last couple of days, since I’m a Computer Engineer and Lead Auditor ISO27001 working in the Information Security field, I was asked by many friends and colleagues about the recent Wall Street Journal news that top secret details about the Lockheed F-35 JSF (Joint Strike Fighter) were stolen by hackers who were able to gain access to the Pentagon network. According to the reports, the Information Leakage involved thousands of confidential files that were compromised over the past two years. The data related to the electronics systems and avionics of the JSF. Some sources claimed Terabytes (!) of data were stolen: design and performance statistics of the fighter, as well as the system used by the aircraft to conduct self-diagnostics during flight. The intruders were able to compromise the data by gaining access to the computers of Pentagon contractors in charge of designing and building the aircraft.

These were the facts, reported more or less the same way by many newspapers, agencies and web magazines, here in Italy too.

The first thing I thought was: “how was that possible?” If those files were so sensitive, they had to be protected by applying a series of countermeasures aimed at preventing the Integrity, Confidentiality and Availability of information (i.e. data) from being compromised. The three attributes [1] are the basis of Information Security. By evaluating the impact of the loss of any of those attributes for a particular type of asset (meaning information at the highest possible level = data, documents, personal computer, hardware, software, oral communication, people, company’s reputation, etc.) you can understand which assets require particular countermeasures and which others are less critical and require “loose” security measures. For example, it is obvious that the file containing the office numbers of all the employees is less important than the file containing the detailed description of the weaknesses of the passive and active countermeasures of the F-22. So, you shouldn’t worry about the security of the group telephone and address book, but you should invest a lot (in terms of security devices, training, policies and procedures of course) to protect the survey about the weaknesses of the F-22 self-protection suite.

The entire process that goes from the evaluation of the Risk (Risk Analysis) to the ways to manage the Risk (Risk Treatment) is named Risk Management. You can’t say whether an asset is secure or not if you don’t relate the value of the asset (from the organisation’s perspective) to its particular threats.

Since Risk Management is paramount in directing investments in Information Security, organisations all around the world perform Risk Assessment and the consequent Risk Treatment continuously. Risk Management enables an organisation to manage the Risk’s lifecycle; after applying the countermeasures, an organisation is called to test their effectiveness and to fill the gap between the expected security level and the actual one (in accordance with the Plan Do Check Act or Deming Cycle paradigm).

Let’s get back to the presumed JSF hack. For sure, someone who was not authorized to was able to gain access to particular files: a Confidentiality breach. Even if I have no idea how the Pentagon network is protected, I’m sure there are plenty of Firewalls, Authentication Servers, Intrusion Prevention Systems, Document Rights Management and many other technical and procedural countermeasures to protect the sensitive information. If the stolen files were so critical, it is hard to believe they were so simply available on contractors’ computers.

So, there are three possibilities:

1) the information was not secured because it was not so critical
2) since the risk can’t be avoided but just reduced (you can’t ever be 100% secure), there was a series of breaches that enabled the information to be leaked even though the data was protected in a (most probably) heavily defended network architecture
3) the Pentagon has no basic idea of how to deal with Information Security

I pick the first one, since the second one is simply less probable (but still possible) and I believe the third is just impossible for a nation where Network-Centric Warfare was pioneered. The second option is also possible, but the more critical the information was, the lower the chances that a security breach could remain undetected for 2 years (enabling leakage of TB of data…).

Picture courtesy of LM

[1] Let’s quickly explain the meaning of the attributes:

Confidentiality: Assurance that information is shared only among authorised persons. Breaches of Confidentiality can occur when data is disclosed in any way (for example, watching the content of a document, eavesdropping on a conference call, accessing private records, and so on).

Integrity: Assurance that the information is authentic and complete. Therefore, this attribute refers to the need to keep the data as it is, without any change. Information must be trusted.

Availability: Assurance that the data is available when needed. Loss of availability occurs if a network failure prevents an authorized user from gaining access to a file stored on a Server.