"description":"Fraud committed by employees or others that are in relation with entities, who have access to entities' information and IT assets.",
"expanded":"Fraud committed by employees",
"value":"fraud-by-employees"
},
{
"description":"Intentional actions (non-fulfilment or defective fulfilment of personal duties) aimed to cause disruption or damage to IT assets.",
"expanded":"Sabotage",
"value":"sabotage"
},
{
"description":"Act of physically damaging IT assets.",
"expanded":"Vandalism",
"value":"vandalism"
},
{
"description":"Stealing information or IT assets. Robbery.",
"expanded":"Theft (of devices, storage media and documents)",
"value":"theft"
},
{
"description":"Taking away another person's property in the form of mobile devices, for example smartphones, tablets.",
"expanded":"Theft of mobile devices (smartphones/ tablets)",
"value":"theft-of-mobile-devices"
},
{
"description":"Taking away another person's hardware property (except mobile devices), which often contains business-sensitive data.",
"expanded":"Theft of fixed hardware",
"value":"theft-of-fixed-hardware"
},
{
"description":"Stealing documents from private/company archives, often for the purpose of re-sale or to achieve personal benefits.",
"expanded":"Theft of documents",
"value":"theft-of-documents"
},
{
"description":"Stealing media devices, on which copies of essential information are kept.",
"expanded":"Theft of backups",
"value":"theft-of-backups"
},
{
"description":"Sharing information with unauthorised entities. Loss of information confidentiality due to intentional human actions (e.g., information leak may occur due to loss of paper copies of confidential information).",
"expanded":"Erroneous use or administration of devices and systems",
"description":"Information leak / sharing / damage caused by misuse of IT assets (lack of awareness of application features) or wrong / improper IT assets configuration or management."
"expanded":"Loss of information due to configuration/ installation error",
"description":"Threat of loss of information due to errors in installation or system configuration."
},
{
"value":"increasing-recovery-time",
"expanded":"Increasing recovery time",
"description":"Threat of unavailability of information due to errors in the use of backup media and increasing information recovery time."
},
{
"value":"lost-of-information-due-to-user-errors",
"expanded":"Loss of information due to user errors",
"description":"Threat of unavailability of information or damage to IT assets caused by user errors (using IT infrastructure) or IT software recovery time."
"expanded":"Inadequate design and planning or improper adaptation",
"description":"Threats caused by improper IT assets or business processes design (inadequate specifications of IT products, inadequate usability, insecure interfaces, policy/procedure flows, design errors)."
},
{
"value":"damage-caused-by-a-third-party",
"expanded":"Damage caused by a third party",
"description":"Threats of damage to IT assets caused by third party."
},
{
"value":"security-failure-caused-by-third-party",
"expanded":"Security failure caused by third party",
"description":"Threats of damage to IT assets caused by breach of security regulations by third party."
"expanded":"Outages of long-range wireless networks",
"description":"Threat of lack of communications links due to problems with mobile networks like cellular network (3G, LTE, GSM etc.) or satellite links."
"expanded":"Information leakage due to unsecured Wi-Fi, rogue access points",
"description":"Threat of obtaining important information by insecure network rogue access points etc."
},
{
"value":"interfering-radiation",
"expanded":"Interfering radiation",
"description":"Threat of failure of IT hardware or transmission connection due to electromagnetic induction or electromagnetic radiation emitted by an outside source."
},
{
"value":"replay-of-messages",
"expanded":"Replay of messages",
"description":"Threat in which valid data transmission is maliciously or fraudulently repeated or delayed."
"expanded":"Failure to meet contractual requirements by third party",
"description":"Threat of financial penalty or loss of trust of customers and collaborators due to a third party's failure to meet contractual requirements"
"expanded":"Unauthorized use of IPR protected resources",
"description":"Threat of financial or legal penalty or loss of trust of customers and collaborators due to improper/illegal use of IPR protected material (IPR- Intellectual Property Rights."
},
{
"value":"illegal-usage-of-file-sharing-services",
"expanded":"Illegal usage of File Sharing services",
"description":"Threat of financial or legal penalty or loss of trust of customers and collaborators due to improper/illegal use of file sharing services."
},
{
"value":"abuse-of-personal-data",
"expanded":"Abuse of personal data",
"description":"Threat of illegal use of personal data."
},
{
"value":"judiciary-decisions-or-court-order",
"expanded":"Judiciary decisions/court order",
"description":"Threat of financial or legal penalty or loss of trust of customers and collaborators due to judiciary decisions/court order."
"expanded":"Exploitation of fake trust of social media",
"description":"Threat of malicious activities making use of trusted social media."
},
{
"value":"worms-trojans",
"expanded":"Worms/ Trojans",
"description":"Threat of malware computer programs (trojans/worms)."
},
{
"value":"rootkits",
"expanded":"Rootkits",
"description":"Threat of stealthy types of malware software."
},
{
"value":"mobile-malware",
"expanded":"Mobile malware",
"description":"Threat of mobile malware programs."
},
{
"value":"infected-trusted-mobile-apps",
"expanded":"Infected trusted mobile apps",
"description":"Threat of using mobile malware software that is recognised as trusted one."
},
{
"value":"elevation-of-privileges",
"expanded":"Elevation of privileges",
"description":"Threat of exploiting bugs, design flaws or configuration oversights in an operating system or software application to gain elevated access to resources."
"description":"Threat of utilizing custom web applications embedded within social media sites, which can lead to installation of malicious code onto computers to be used to gain unauthorized access."
},
{
"value":"spyware-or-deceptive-adware",
"expanded":"Spyware or deceptive adware",
"description":"Threat of using software that aims to gather information about a person or organization without their knowledge."
"description":"Threat of internet fraud or malicious software that mislead users into believing there is a virus on their computer, and manipulates them to pay money for fake removal tool."
},
{
"value":"ransomware",
"expanded":"Ransomware",
"description":"Threat of infection of computer system or device by malware that restricts access to it and demands that the user pay a ransom to remove the restriction."
},
{
"value":"exploits-exploit-kits",
"expanded":"Exploits/Exploit Kits",
"description":"Threat to IT assets due to the use of web available exploits or exploits software."
},
{
"value":"social-engineering",
"expanded":"Social Engineering",
"description":"Threat of social engineering type attacks (target: manipulation of personnel behaviour)."
},
{
"value":"phishing-attacks",
"expanded":"Phishing attacks",
"description":"Threat of an email fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well-known and trustworthy websites."
},
{
"value":"spear-phishing-attacks",
"expanded":"Spear phishing attacks",
"description":"Spear-phishing is a targeted e-mail message that has been crafted to create fake trust and thus lure the victim to unveil some business or personal secrets that can be abused by the adversary."
},
{
"value":"abuse-of-information-leakage",
"expanded":"Abuse of Information Leakage",
"description":"Threat of leaking important information."
"expanded":"Access of web sites through chains of HTTP Proxies (Obfuscation)",
"description":"Threat of bypassing the security mechanism using HTTP proxies (bypassing the website blacklist)."
},
{
"value":"access-to-device-software",
"expanded":"Access to device software",
"description":"Threat of unauthorised manipulation by access to device software."
},
{
"value":"alternation-of-software",
"expanded":"Alternation of software",
"description":"Threat of unauthorized modifications to code or data, attacking its integrity."
},
{
"value":"rogue-hardware",
"expanded":"Rogue hardware",
"description":"Threat of manipulation due to unauthorized access to hardware."
},
{
"value":"manipulation-of-information",
"expanded":"Manipulation of information",
"description":"Threat of intentional data manipulation to mislead information systems or somebody or to cover other nefarious activities (loss of integrity of information)."
},
{
"value":"repudiation-of-actions",
"expanded":"Repudiation of actions",
"description":"Threat of intentional data manipulation to repudiate action."
},
{
"value":"address-space-hijacking-IP-prefixes",
"expanded":"Address space hijacking (IP prefixes)",
"description":"Threat of the illegitimate takeover of groups of IP addresses."
},
{
"value":"routing-table-manipulation",
"expanded":"Routing table manipulation",
"description":"Threat of route packets of network to IP addresses other than that was intended via sender by unauthorised manipulation of routing table."
"expanded":"Compromising confidential information (data breaches)",
"description":"Threat of data breach."
},
{
"value":"hoax",
"expanded":"Hoax",
"description":"Threat of loss of IT assets security due to cheating."
},
{
"value":"false-rumour-and-or-fake-warning",
"expanded":"False rumour and/or fake warning",
"description":"Threat of disruption of work due to rumours and/or a fake warning."
},
{
"value":"remote-activity-execution",
"expanded":"Remote activity (execution)",
"description":"Threat of nefarious action by attacker remote activity."
},
{
"value":"remote-command-execution",
"expanded":"Remote Command Execution",
"description":"Threat of nefarious action due to remote command execution."
},
{
"value":"remote-access-tool",
"expanded":"Remote Access Tool (RAT)",
"description":"Threat of infection of software that has a remote administration capabilities allowing an attacker to control the victim's computer."
},
{
"value":"botnets-remote-activity",
"expanded":"Botnets / Remote activity",
"description":"Threat of penetration by software from malware distribution."
},
{
"value":"targeted-attacks",
"expanded":"Targeted attacks (APTs etc.)",
"description":"Threat of sophisticated, targeted attack which combine many attack techniques."
},
{
"value":"mobile-malware",
"expanded":"Mobile malware",
"description":"Threat of mobile software that aims to gather information about a person or organization without their knowledge."
},
{
"value":"spear-phishing-attacks",
"expanded":"Spear phishing attacks",
"description":"Threat of attack focused on a single user or department within an organization, coming from someone within the company in a position of trust and requesting information such as login, IDs and passwords."
"description":"Threat of failure/malfunction of IT supporting infrastructure (i.e. degradation of quality, improper working parameters, jamming). The cause of a failure is mostly an internal issue (e.g.. overload of the power grid in a building).",
"description":"Threat of complete lack or loss of resources necessary for IT infrastructure. The cause of an outage is mostly an external issue (i.e electricity blackout in the whole city).",
"description":"Threats that alter communication between two parties. These attacks do not have to install additional tools/software on a victim's site.",
"description":"Threats of nefarious activities that require use of tools by the attacker. These attacks require installation of additional tools/software or performing additional steps on the victim's IT infrastructure/software.",
"description":"The present threat taxonomy is an initial version that has been developed on the basis of available ENISA material. This material has been used as an ENISA-internal structuring aid for information collection and threat consolidation purposes. It emerged in the time period 2012-2015.",