{
"values" : [
{
"entry" : [
{
"description" : "Fraud committed by humans." ,
"expanded" : "Fraud" ,
"value" : "fraud"
} ,
{
"description" : "Fraud committed by employees or others that are in relation with entities, who have access to entities' information and IT assets." ,
"expanded" : "Fraud committed by employees" ,
"value" : "fraud-by-employees"
} ,
{
"description" : "Intentional actions (non-fulfilment or defective fulfilment of personal duties) aimed to cause disruption or damage to IT assets." ,
"expanded" : "Sabotage" ,
"value" : "sabotage"
} ,
{
"description" : "Act of physically damaging IT assets." ,
"expanded" : "Vandalism" ,
"value" : "vandalism"
} ,
{
"description" : "Stealing information or IT assets. Robbery." ,
"expanded" : "Theft (of devices, storage media and documents)" ,
"value" : "theft"
} ,
{
"description" : "Taking away another person's property in the form of mobile devices, for example smartphones, tablets." ,
"expanded" : "Theft of mobile devices (smartphones/ tablets)" ,
"value" : "theft-of-mobile-devices"
} ,
{
"description" : "Taking away another person's hardware property (except mobile devices), which often contains business-sensitive data." ,
"expanded" : "Theft of fixed hardware" ,
"value" : "theft-of-fixed-hardware"
} ,
{
"description" : "Stealing documents from private/company archives, often for the purpose of re-sale or to achieve personal benefits." ,
"expanded" : "Theft of documents" ,
"value" : "theft-of-documents"
} ,
{
"description" : "Stealing media devices, on which copies of essential information are kept." ,
"expanded" : "Theft of backups" ,
"value" : "theft-of-backups"
} ,
{
"description" : "Sharing information with unauthorised entities. Loss of information confidentiality due to intentional human actions (e.g., information leak may occur due to loss of paper copies of confidential information)." ,
"expanded" : "Information leak /sharing" ,
"value" : "information-leak-or-unauthorised-sharing"
} ,
{
"description" : "Unapproved access to facility." ,
"expanded" : "Unauthorized physical access / Unauthorised entry to premises" ,
"value" : "unauthorised-physical-access-or-unauthorised-entry-to-premises"
} ,
{
"description" : "Actions following acts of coercion, extortion or corruption." ,
"expanded" : "Coercion, extortion or corruption" ,
"value" : "coercion-or-extortion-or-corruption"
} ,
{
"description" : "Threats of direct impact of warfare activities." ,
"expanded" : "Damage from the warfare" ,
"value" : "damage-from-the-wafare"
} ,
{
"description" : "Threats from terrorists." ,
"expanded" : "Terrorist attack" ,
"value" : "terrorist-attack"
}
] ,
"predicate" : "physical-attack"
} ,
{
"entry" : [
{
"description" : "Information leak / sharing caused by humans, due to their mistakes." ,
"expanded" : "Information leak /sharing due to human error" ,
"value" : "information-leak-or-sharing-due-to-human-error"
} ,
{
"value" : "accidental-leaks-or-sharing-of-data-by-employees" ,
"expanded" : "Accidental leaks/sharing of data by employees" ,
"description" : "Unintentional distribution of private or sensitive data to an unauthorized entity by a staff member."
} ,
{
"value" : "leaks-of-data-via-mobile-applications" ,
"expanded" : "Leaks of data via mobile applications" ,
"description" : "Threat of leaking private data (a result of using applications for mobile devices)."
} ,
{
"value" : "leaks-of-data-via-web-applications" ,
"expanded" : "Leaks of data via Web applications" ,
"description" : "Threat of leaking important information using web applications."
} ,
{
"value" : "leaks-of-information-transferred-by-network" ,
"expanded" : "Leaks of information transferred by network" ,
"description" : "Threat of eavesdropping of unsecured network traffic."
} ,
{
"value" : "erroneous-use-or-administration-of-devices-and-systems" ,
"expanded" : "Erroneous use or administration of devices and systems" ,
"description" : "Information leak / sharing / damage caused by misuse of IT assets (lack of awareness of application features) or wrong / improper IT assets configuration or management."
} ,
{
"value" : "loss-of-information-due-to-maintenance-errors-or-operators-errors" ,
"expanded" : "Loss of information due to maintenance errors / operators' errors" ,
"description" : "Threat of loss of information by incorrectly performed maintenance of devices or systems or other operator activities."
} ,
{
"value" : "loss-of-information-due-to-configuration-or-installation error" ,
"expanded" : "Loss of information due to configuration/ installation error" ,
"description" : "Threat of loss of information due to errors in installation or system configuration."
} ,
{
"value" : "increasing-recovery-time" ,
"expanded" : "Increasing recovery time" ,
"description" : "Threat of unavailability of information due to errors in the use of backup media and increasing information recovery time."
} ,
{
"value" : "lost-of-information-due-to-user-errors" ,
"expanded" : "Loss of information due to user errors" ,
"description" : "Threat of unavailability of information or damage to IT assets caused by user errors (using IT infrastructure) or IT software recovery time."
} ,
{
"value" : "using-information-from-an-unreliable-source" ,
"expanded" : "Using information from an unreliable source" ,
"description" : "Bad decisions based on unreliable sources of information or unchecked information."
} ,
{
"value" : "unintentional-change-of-data-in-an-information-system" ,
"expanded" : "Unintentional change of data in an information system" ,
"description" : "Loss of information integrity due to human error (information system user mistake)."
} ,
{
"value" : "inadequate-design-and-planning-or-improper-adaptation" ,
"expanded" : "Inadequate design and planning or improper adaptation" ,
"description" : "Threats caused by improper IT assets or business processes design (inadequate specifications of IT products, inadequate usability, insecure interfaces, policy/procedure flows, design errors)."
} ,
{
"value" : "damage-caused-by-a-third-party" ,
"expanded" : "Damage caused by a third party" ,
"description" : "Threats of damage to IT assets caused by third party."
} ,
{
"value" : "security-failure-caused-by-third-party" ,
"expanded" : "Security failure caused by third party" ,
"description" : "Threats of damage to IT assets caused by breach of security regulations by third party."
} ,
{
"value" : "damages-resulting-from-penetration-testing" ,
"expanded" : "Damages resulting from penetration testing" ,
"description" : "Threats to information systems caused by conducting IT penetration tests inappropriately."
} ,
{
"value" : "loss-of-information-in-the-cloud" ,
"expanded" : "Loss of information in the cloud" ,
"description" : "Threats of losing information or data stored in the cloud."
} ,
{
"value" : "loss-of-(integrity-of)-sensitive-information" ,
"expanded" : "Loss of (integrity of) sensitive information" ,
"description" : "Threats of losing information or data, or changing information classified as sensitive."
} ,
{
"value" : "loss-of-integrity-of-certificates" ,
"expanded" : "Loss of integrity of certificates" ,
"description" : "Threat of losing integrity of certificates used for authorisation services."
} ,
{
"value" : "loss-of-devices-and-storage-media-and-documents" ,
"expanded" : "Loss of devices, storage media and documents" ,
"description" : "Threats of unavailability (losing) of IT assets and documents."
} ,
{
"value" : "loss-of-devices-or-mobile-devices" ,
"expanded" : "Loss of devices/ mobile devices" ,
"description" : "Threat of losing mobile devices."
} ,
{
"value" : "loss-of-storage-media" ,
"expanded" : "Loss of storage media" ,
"description" : "Threat of losing data-storage media."
} ,
{
"value" : "loss-of-documentation-of-IT-Infrastructure" ,
"expanded" : "Loss of documentation of IT Infrastructure" ,
"description" : "Threat of losing important documentation."
} ,
{
"value" : "destruction-of-records" ,
"expanded" : "Destruction of records" ,
"description" : "Threats of unavailability (destruction) of data and records (information) stored in devices and storage media."
} ,
{
"value" : "infection-of-removable-media" ,
"expanded" : "Infection of removable media" ,
"description" : "Threat of loss of important data due to using removable media, web or mail infection."
} ,
{
"value" : "abuse-of-storage" ,
"expanded" : "Abuse of storage" ,
"description" : "Threat of loss of records by improper /unauthorised use of storage devices."
}
] ,
"predicate" : "unintentional-damage"
} ,
{
"predicate" : "disaster" ,
"entry" : [
{
"value" : "disaster" ,
"expanded" : "Disaster (natural earthquakes, floods, landslides, tsunamis, heavy rains, heavy snowfalls, heavy winds)" ,
"description" : "Large scale natural disasters."
} ,
{
"value" : "fire" ,
"expanded" : "Fire" ,
"description" : "Threat of fire."
} ,
{
"value" : "pollution-dust-corrosion" ,
"expanded" : "Pollution, dust, corrosion" ,
"description" : "Threat of disruption of work of IT systems (hardware) due to pollution, dust or corrosion (arising from the air)."
} ,
{
"value" : "thunderstrike" ,
"expanded" : "Thunderstrike" ,
"description" : "Threat of damage to IT hardware caused by thunder strike (overvoltage)."
} ,
{
"value" : "water" ,
"expanded" : "Water" ,
"description" : "Threat of damage to IT hardware caused by water."
} ,
{
"value" : "explosion" ,
"expanded" : "Explosion" ,
"description" : "Threat of damage to IT hardware caused by explosion."
} ,
{
"value" : "dangerous-radiation-leak" ,
"expanded" : "Dangerous radiation leak" ,
"description" : "Threat of damage to IT hardware caused by radiation leak."
} ,
{
"value" : "unfavourable-climatic-conditions" ,
"expanded" : "Unfavourable climatic conditions" ,
"description" : "Threat of disruption of work of IT systems due to climatic conditions that have a negative effect on hardware."
} ,
{
"value" : "loss-of-data-or-accessibility-of-IT-infrastructure-as-a-result-of-heightened-humidity" ,
"expanded" : "Loss of data or accessibility of IT infrastructure as a result of heightened humidity" ,
"description" : "Threat of disruption of work of IT systems due to high humidity."
} ,
{
"value" : "lost-of-data-or-accessibility-of-IT-infrastructure-as-a-result-of-very-high-temperature" ,
"expanded" : "Loss of data or accessibility of IT infrastructure as a result of very high temperature" ,
"description" : "Threat of disruption of work of IT systems due to high or low temperature."
} ,
{
"value" : "threats-from-space-or-electromagnetic-storm" ,
"expanded" : "Threats from space / Electromagnetic storm" ,
"description" : "Threats of the negative impact of solar radiation to satellites and radio wave communication systems - electromagnetic storm."
} ,
{
"value" : "wildlife" ,
"expanded" : "Wildlife" ,
"description" : "Threat of destruction of IT assets caused by animals: mice, rats, birds."
}
]
} ,
{
"predicate" : "failures-malfunction" ,
"entry" : [
{
"value" : "failure-of-devices-or-systems" ,
"expanded" : "Failure of devices or systems" ,
"description" : "Threat of failure of IT hardware and/or software assets or its parts."
} ,
{
"value" : "failure-of-data-media" ,
"expanded" : "Failure of data media" ,
"description" : "Threat of failure of data media."
} ,
{
"value" : "hardware-failure" ,
"expanded" : "Hardware failure" ,
"description" : "Threat of failure of IT hardware."
} ,
{
"value" : "failure-of-applications-and-services" ,
"expanded" : "Failure of applications and services" ,
"description" : "Threat of failure of software/applications or services."
} ,
{
"value" : "failure-of-parts-of-devices-connectors-plug-ins" ,
"expanded" : "Failure of parts of devices (connectors, plug-ins)" ,
"description" : "Threat of failure of IT equipment or its part."
} ,
{
"value" : "failure-or-disruption-of-communication-links-communication networks" ,
"expanded" : "Failure or disruption of communication links (communication networks)" ,
"description" : "Threat of failure or malfunction of communications links."
} ,
{
"value" : "failure-of-cable-networks" ,
"expanded" : "Failure of cable networks" ,
"description" : "Threat of failure of communications links due to problems with cable network."
} ,
{
"value" : "failure-of-wireless-networks" ,
"expanded" : "Failure of wireless networks" ,
"description" : "Threat of failure of communications links due to problems with wireless networks."
} ,
{
"value" : "failure-of-mobile-networks" ,
"expanded" : "Failure of mobile networks" ,
"description" : "Threat of failure of communications links due to problems with mobile networks."
} ,
{
"value" : "failure-or-disruption-of-main-supply" ,
"expanded" : "Failure or disruption of main supply" ,
"description" : "Threat of failure or disruption of supply required for information systems."
} ,
{
"value" : "failure-or-disruption-of-power-supply" ,
"expanded" : "Failure or disruption of power supply" ,
"description" : "Threat of failure or malfunction of power supply."
} ,
{
"value" : "failure-of-cooling-infrastructure" ,
"expanded" : "Failure of cooling infrastructure" ,
"description" : "Threat of failure of IT assets due to improper work of cooling infrastructure."
} ,
{
"value" : "failure-or-disruption-of-service-providers-supply-chain" ,
"expanded" : "Failure or disruption of service providers (supply chain)" ,
"description" : "Threat of failure or disruption of third party services required for proper operation of information systems."
} ,
{
"value" : "malfunction-of-equipment-devices-or-systems" ,
"expanded" : "Malfunction of equipment (devices or systems)" ,
"description" : "Threat of malfunction of IT hardware and/or software assets or its parts (i.e. improper working parameters, jamming, rebooting)."
}
]
} ,
{
"predicate" : "outages" ,
"entry" : [
{
"value" : "absence-of-personnel" ,
"expanded" : "Absence of personnel" ,
"description" : "Unavailability of key personnel and their competences."
} ,
{
"value" : "strike" ,
"expanded" : "Strike" ,
"description" : "Unavailability of staff due to a strike (large scale absence of personnel)."
} ,
{
"value" : "loss-of-support-services" ,
"expanded" : "Loss of support services" ,
"description" : "Unavailability of support services required for proper operation of the information system."
} ,
{
"value" : "internet-outage" ,
"expanded" : "Internet outage" ,
"description" : "Unavailability of the Internet connection."
} ,
{
"value" : "network-outage" ,
"expanded" : "Network outage" ,
"description" : "Unavailability of communication links."
} ,
{
"value" : "outage-of-cable-networks" ,
"expanded" : "Outage of cable networks" ,
"description" : "Threat of lack of communications links due to problems with cable network."
} ,
{
"value" : "Outage-of-short-range-wireless-networks" ,
"expanded" : "Outage of short-range wireless networks" ,
"description" : "Threat of lack of communications links due to problems with wireless networks (802.11 networks, Bluetooth, NFC etc.)."
} ,
{
"value" : "outages-of-long-range-wireless-networks" ,
"expanded" : "Outages of long-range wireless networks" ,
"description" : "Threat of lack of communications links due to problems with mobile networks like cellular network (3G, LTE, GSM etc.) or satellite links."
}
]
} ,
{
"predicate" : "eavesdropping-interception-hijacking" ,
"entry" : [
{
"value" : "war-driving" ,
"expanded" : "War driving" ,
"description" : "Threat of locating and possibly exploiting connection to the wireless network."
} ,
{
"value" : "intercepting-compromising-emissions" ,
"expanded" : "Intercepting compromising emissions" ,
"description" : "Threat of disclosure of transmitted information using interception and analysis of compromising emission."
} ,
{
"value" : "interception-of-information" ,
"expanded" : "Interception of information" ,
"description" : "Threat of interception of information which is improperly secured in transmission or by improper actions of staff."
} ,
{
"value" : "corporate-espionage" ,
"expanded" : "Corporate espionage" ,
"description" : "Threat of obtaining information secrets by dishonest means."
} ,
{
"value" : "nation-state-espionage" ,
"expanded" : "Nation state espionage" ,
"description" : "Threats of stealing information by nation state espionage (e.g. China based governmental espionage, NSA from USA)."
} ,
{
"value" : "information-leakage-due-to-unsecured-wi-fi-like-rogue-access-points" ,
"expanded" : "Information leakage due to unsecured Wi-Fi, rogue access points" ,
"description" : "Threat of obtaining important information via insecure networks, rogue access points, etc."
} ,
{
"value" : "interfering-radiation" ,
"expanded" : "Interfering radiation" ,
"description" : "Threat of failure of IT hardware or transmission connection due to electromagnetic induction or electromagnetic radiation emitted by an outside source."
} ,
{
"value" : "replay-of-messages" ,
"expanded" : "Replay of messages" ,
"description" : "Threat in which valid data transmission is maliciously or fraudulently repeated or delayed."
} ,
{
"value" : "network-reconnaissance-network-traffic-manipulation-and-information-gathering" ,
"expanded" : "Network Reconnaissance, Network traffic manipulation and Information gathering" ,
"description" : "Threat of identifying information about a network to find security weaknesses."
} ,
{
"value" : "man-in-the-middle-session-hijacking" ,
"expanded" : "Man in the middle/ Session hijacking" ,
"description" : "Threats that relay or alter communication between two parties."
}
]
} ,
{
"predicate" : "nefarious-activity-abuse" ,
"entry" : [
{
"value" : "identity-theft-identity-fraud-account)" ,
"expanded" : "Identity theft (Identity Fraud/ Account)" ,
"description" : "Threat of identity theft action."
} ,
{
"value" : "credentials-stealing-trojans" ,
"expanded" : "Credentials-stealing trojans" ,
"description" : "Threat of identity theft action by malware computer programs."
} ,
{
"value" : "receiving-unsolicited-e-mail" ,
"expanded" : "Receiving unsolicited E-mail" ,
"description" : "Threat of receiving unsolicited email which affects information security and efficiency."
} ,
{
"value" : "spam" ,
"expanded" : "SPAM" ,
"description" : "Threat of receiving unsolicited, undesired, or illegal email messages."
} ,
{
"value" : "unsolicited-infected-e-mails" ,
"expanded" : "Unsolicited infected e-mails" ,
"description" : "Threat emanating from unwanted emails that may contain infected attachments or links to malicious / infected web sites."
} ,
{
"value" : "denial-of-service" ,
"expanded" : "Denial of service" ,
"description" : "Threat of service unavailability due to massive requests for services."
} ,
{
"value" : "distributed-denial-of-network-service-network-layer-attack" ,
"expanded" : "Distributed denial of network service (DDoS) (network layer attack i.e. Protocol exploitation / Malformed packets / Flooding / Spoofing)" ,
"description" : "Threat of service unavailability due to a massive number of requests for access to network services from malicious clients."
} ,
{
"value" : "distributed-denial-of-network-service-application-layer-attack" ,
"expanded" : "Distributed denial of application service (DDoS) (application layer attack i.e. Ping of Death / XDoS / WinNuke / HTTP Floods)" ,
"description" : "Threat of service unavailability due to massive requests sent by multiple malicious clients."
} ,
{
"value" : "distributed-denial-of-network-service-amplification-reflection-attack" ,
"expanded" : "Distributed DoS (DDoS) to both network and application services (amplification/reflection methods i.e. NTP/ DNS /.../ BitTorrent)" ,
"description" : "Threat of creating a massive number of requests, using multiplication/amplification methods."
} ,
{
"value" : "malicious-code-software-activity" ,
"expanded" : "Malicious code/ software/ activity"
} ,
{
"value" : "search-engine-poisoning" ,
"expanded" : "Search Engine Poisoning" ,
"description" : "Threat of deliberate manipulation of search engine indexes."
}
]
}
] ,
"predicates" : [
{
"description" : "Threats of intentional, hostile human actions." ,
"expanded" : "Physical attack (deliberate/intentional)." ,
"value" : "physical-attack"
} ,
{
"description" : "Threats of unintentional human actions or errors." ,
"expanded" : "Unintentional damage / loss of information or IT assets." ,
"value" : "unintentional-damage"
} ,
{
"description" : "Threats of damage to information assets caused by natural or environmental factors." ,
"expanded" : "Disaster (natural, environmental)." ,
"value" : "disaster"
} ,
{
"description" : "Threat of failure/malfunction of IT supporting infrastructure (i.e. degradation of quality, improper working parameters, jamming). The cause of a failure is mostly an internal issue (e.g. overload of the power grid in a building)." ,
"expanded" : "Failures/ Malfunction." ,
"value" : "failures-malfunction"
} ,
{
"description" : "Threat of complete lack or loss of resources necessary for IT infrastructure. The cause of an outage is mostly an external issue (i.e. electricity blackout in the whole city)." ,
"expanded" : "Outages." ,
"value" : "outages"
} ,
{
"description" : "Threats that alter communication between two parties. These attacks do not have to install additional tools/software on a victim's site." ,
"expanded" : "Eavesdropping/ Interception/ Hijacking" ,
"value" : "eavesdropping-interception-hijacking"
} ,
{
"description" : "Threats of nefarious activities that require use of tools by the attacker. These attacks require installation of additional tools/software or performing additional steps on the victim's IT infrastructure/software." ,
"expanded" : "Nefarious Activity/ Abuse" ,
"value" : "nefarious-activity-abuse"
} ,
{
"description" : "Threat of financial or legal penalty or loss of trust of customers and collaborators due to legislation." ,
"expanded" : "Legal" ,
"value" : "legal"
}
] ,
"version" : 1 ,
"description" : "The present threat taxonomy is an initial version that has been developed on the basis of available ENISA material. This material has been used as an ENISA-internal structuring aid for information collection and threat consolidation purposes. It emerged in the time period 2012-2015." ,
"expanded" : "ENISA Threat Taxonomy" ,
"namespace" : "enisa"
}