How to defend against attackers

Defending against cybercriminals and hackers is a major part of cybersecurity. Cyberdefense includes gauging the risk, anticipating the attack, and then deciding how to defend against and outsmart the attackers or "hackers."

Three types of defenses against hackers are:

  • Cryptography
  • Encryption
  • Hashing

Cryptography

Foundational to protecting the CIA Triad of confidentiality, integrity, and availability of information, cryptography is an essential element in defending against cyberattacks.

The word cryptography means "hidden language." The prefix "crypt-" means "hidden", and the suffix "-graphy" means "language." In the technology world, cryptography is defined as the use of codes to convert data so only specific recipients can read it.

This concept isn't a new one. The Egyptian practice of hieroglyphics—using complex pictograms only known to an elite few—was probably the first use of cryptography.

Cryptography has its own language of terms and phrases. Two of the most important are:

  • Plaintext – any message (documents, music, pictures, movies, data) waiting to be cryptographically transformed.
  • Ciphertext – the encrypted/secured data that results from that transformation.

Encryption

Encryption is the process of making data unreadable and unusable to unauthorized viewers. Using or reading encrypted data requires a secret key to decrypt the information. A secret key is a variable in cryptography that is used with an algorithm to encrypt and decrypt data.

The two top-level types of encryption are symmetric and asymmetric. Symmetric encryption uses the same key to encrypt and decrypt the data. Asymmetric encryption uses a public key and private key pair. Either key can encrypt data, but the key that encrypted the data can't be used to decrypt it. To decrypt, the other key of the pair is required.

Diagram of symmetric and asymmetric encryption. Symmetric: Shared key locks the lock, shared key to unlock the lock. Asymmetric: Shared key locks the lock, private key unlocks the lock.

Hashing

Hashing is different from encryption in that it doesn't use keys, and the hashed value isn't decrypted to the original. The process of hashing uses an algorithm that converts text to a unique fixed-length value called a "hash." Whenever text is hashed using the same algorithm, the same value is produced.

Hashing is often used to store passwords, which is more secure than storing passwords in plain text.

Diagram of hashing. On the left is a window containing a readable password. The password is sent through a hashing algorithm. The password becomes a long string of letters and numbers.