{ "values": [ { "entry": [ { "description": "Fraud committed by humans.", "expanded": "Fraud", "value": "fraud" }, { "description": "Fraud committed by employees or others that are in relation with entities, who have access to entities' information and IT assets.", "expanded": "Fraud committed by employees", "value": "fraud-by-employees" }, { "description": "Intentional actions (non-fulfilment or defective fulfilment of personal duties) aimed to cause disruption or damage to IT assets.", "expanded": "Sabotage", "value": "sabotage" }, { "description": "Act of physically damaging IT assets.", "expanded": "Vandalism", "value": "vandalism" }, { "description": "Stealing information or IT assets. Robbery.", "expanded": "Theft (of devices, storage media and documents)", "value": "theft" }, { "description": "Taking away another person's property in the form of mobile devices, for example smartphones, tablets.", "expanded": "Theft of mobile devices (smartphones/ tablets)", "value": "theft-of-mobile-devices" }, { "description": "Taking away another person's hardware property (except mobile devices), which often contains business-sensitive data.", "expanded": "Theft of fixed hardware", "value": "theft-of-fixed-hardware" }, { "description": "Stealing documents from private/company archives, often for the purpose of re-sale or to achieve personal benefits.", "expanded": "Theft of documents", "value": "theft-of-documents" }, { "description": "Stealing media devices, on which copies of essential information are kept.", "expanded": "Theft of backups", "value": "theft-of-backups" }, { "description": "Sharing information with unauthorised entities. 
Loss of information confidentiality due to intentional human actions (e.g., information leak may occur due to loss of paper copies of confidential information).", "expanded": "Information leak /sharing", "value": "information-leak-or-unauthorised-sharing" }, { "description": "Unapproved access to facility.", "expanded": "Unauthorized physical access / Unauthorised entry to premises", "value": "unauthorised-physical-access-or-unauthorised-entry-to-premises" }, { "description": "Actions following acts of coercion, extortion or corruption.", "expanded": "Coercion, extortion or corruption", "value": "coercion-or-extortion-or-corruption" }, { "description": "Threats of direct impact of warfare activities.", "expanded": "Damage from the warfare", "value": "damage-from-the-wafare" }, { "description": "Threats from terrorists.", "expanded": "Terrorist attack", "value": "terrorist-attack" } ], "predicate": "physical-attack" }, { "entry": [ { "description": "Information leak / sharing caused by humans, due to their mistakes.", "expanded": "Information leak /sharing due to human error", "value": "information-leak-or-sharing-due-to-human-error" }, { "value": "accidental-leaks-or-sharing-of-data-by-employees", "expanded": "Accidental leaks/sharing of data by employees", "description": "Unintentional distribution of private or sensitive data to an unauthorized entity by a staff member." }, { "value": "leaks-of-data-via-mobile-applications", "expanded": "Leaks of data via mobile applications", "description": "Threat of leaking private data (a result of using applications for mobile devices)." }, { "value": "leaks-of-data-via-web-applications", "expanded": "Leaks of data via Web applications", "description": "Threat of leaking important information using web applications." }, { "value": "leaks-of-information-transferred-by-network", "expanded": "Leaks of information transferred by network", "description": "Threat of eavesdropping of unsecured network traffic." 
}, { "value": "erroneous-use-or-administration-of-devices-and-systems", "expanded": "Erroneous use or administration of devices and systems", "description": "Information leak / sharing / damage caused by misuse of IT assets (lack of awareness of application features) or wrong / improper IT assets configuration or management." }, { "value": "loss-of-information-due-to-maintenance-errors-or-operators-errors", "expanded": "Loss of information due to maintenance errors / operators' errors", "description": "Threat of loss of information by incorrectly performed maintenance of devices or systems or other operator activities." }, { "value": "loss-of-information-due-to-configuration-or-installation error", "expanded": "Loss of information due to configuration/ installation error", "description": "Threat of loss of information due to errors in installation or system configuration." }, { "value": "increasing-recovery-time", "expanded": "Increasing recovery time", "description": "Threat of unavailability of information due to errors in the use of backup media and increasing information recovery time." }, { "value": "lost-of-information-due-to-user-errors", "expanded": "Loss of information due to user errors", "description": "Threat of unavailability of information or damage to IT assets caused by user errors (using IT infrastructure) or IT software recovery time." }, { "value": "using-information-from-an-unreliable-source", "expanded": "Using information from an unreliable source", "description": "Bad decisions based on unreliable sources of information or unchecked information." }, { "value": "unintentional-change-of-data-in-an-information-system", "expanded": "Unintentional change of data in an information system", "description": "Loss of information integrity due to human error (information system user mistake)." 
}, { "value": "inadequate-design-and-planning-or-improper-adaptation", "expanded": "Inadequate design and planning or improper adaptation", "description": "Threats caused by improper IT assets or business processes design (inadequate specifications of IT products, inadequate usability, insecure interfaces, policy/procedure flows, design errors)." }, { "value": "damage-caused-by-a-third-party", "expanded": "Damage caused by a third party", "description": "Threats of damage to IT assets caused by third party." }, { "value": "security-failure-caused-by-third-party", "expanded": "Security failure caused by third party", "description": "Threats of damage to IT assets caused by breach of security regulations by third party." }, { "value": "damages-resulting-from-penetration-testing", "expanded": "Damages resulting from penetration testing", "description": "Threats to information systems caused by conducting IT penetration tests inappropriately." }, { "value": "loss-of-information-in-the-cloud", "expanded": "Loss of information in the cloud", "description": "Threats of losing information or data stored in the cloud." }, { "value": "loss-of-(integrity-of)-sensitive-information", "expanded": "Loss of (integrity of) sensitive information", "description": "Threats of losing information or data, or changing information classified as sensitive." }, { "value": "loss-of-integrity-of-certificates", "expanded": "Loss of integrity of certificates", "description": "Threat of losing integrity of certificates used for authorisation services" }, { "value": "loss-of-devices-and-storage-media-and-documents", "expanded": "Loss of devices, storage media and documents", "description": "Threats of unavailability (losing) of IT assets and documents." }, { "value": "loss-of-devices-or-mobile-devices", "expanded": "Loss of devices/ mobile devices", "description": "Threat of losing mobile devices." 
}, { "value": "loss-of-storage-media", "expanded": "Loss of storage media", "description": "Threat of losing data-storage media." }, { "value": "loss-of-documentation-of-IT-Infrastructure", "expanded": "Loss of documentation of IT Infrastructure", "description": "Threat of losing important documentation." }, { "value": "destruction-of-records", "expanded": "Destruction of records", "description": "Threats of unavailability (destruction) of data and records (information) stored in devices and storage media." }, { "value": "infection-of-removable-media", "expanded": "Infection of removable media", "description": "Threat of loss of important data due to using removable media, web or mail infection." }, { "value": "abuse-of-storage", "expanded": "Abuse of storage", "description": "Threat of loss of records by improper /unauthorised use of storage devices." } ], "predicate": "unintentional-damage" }, { "predicate": "disaster", "entry": [ { "value": "disaster", "expanded": "Disaster (natural earthquakes, floods, landslides, tsunamis, heavy rains, heavy snowfalls, heavy winds)", "description": "Large scale natural disasters." }, { "value": "fire", "expanded": "Fire", "description": "Threat of fire." }, { "value": "pollution-dust-corrosion", "expanded": "Pollution, dust, corrosion", "description": "Threat of disruption of work of IT systems (hardware) due to pollution, dust or corrosion (arising from the air)." }, { "value": "thunderstrike", "expanded": "Thunderstrike", "description": "Threat of damage to IT hardware caused by thunder strike (overvoltage)." }, { "value": "water", "expanded": "Water", "description": "Threat of damage to IT hardware caused by water." }, { "value": "explosion", "expanded": "Explosion", "description": "Threat of damage to IT hardware caused by explosion." }, { "value": "dangerous-radiation-leak", "expanded": "Dangerous radiation leak", "description": "Threat of damage to IT hardware caused by radiation leak." 
}, { "value": "unfavourable-climatic-conditions", "expanded": "Unfavourable climatic conditions", "description": "Threat of disruption of work of IT systems due to climatic conditions that have a negative effect on hardware." }, { "value": "loss-of-data-or-accessibility-of-IT-infrastructure-as-a-result-of-heightened-humidity", "expanded": "Loss of data or accessibility of IT infrastructure as a result of heightened humidity", "description": "Threat of disruption of work of IT systems due to high humidity." }, { "value": "lost-of-data-or-accessibility-of-IT-infrastructure-as-a-result-of-very-high-temperature", "expanded": "Loss of data or accessibility of IT infrastructure as a result of very high temperature", "description": "Threat of disruption of work of IT systems due to high or low temperature." }, { "value": "threats-from-space-or-electromagnetic-storm", "expanded": "Threats from space / Electromagnetic storm", "description": "Threats of the negative impact of solar radiation to satellites and radio wave communication systems - electromagnetic storm." }, { "value": "wildlife", "expanded": "Wildlife", "description": "Threat of destruction of IT assets caused by animals: mice, rats, birds." } ] }, { "predicate": "failures-malfunction", "entry": [ { "value": "failure-of-devices-or-systems", "expanded": "Failure of devices or systems", "description": "Threat of failure of IT hardware and/or software assets or its parts." }, { "value": "failure-of-data-media", "expanded": "Failure of data media", "description": "Threat of failure of data media." }, { "value": "hardware-failure", "expanded": "Hardware failure", "description": "Threat of failure of IT hardware." }, { "value": "failure-of-applications-and-services", "expanded": "Failure of applications and services", "description": "Threat of failure of software/applications or services." 
}, { "value": "failure-of-parts-of-devices-connectors-plug-ins", "expanded": "Failure of parts of devices (connectors, plug-ins)", "description": "Threat of failure of IT equipment or its part." }, { "value": "failure-or-disruption-of-communication-links-communication networks", "expanded": "Failure or disruption of communication links (communication networks)", "description": "Threat of failure or malfunction of communications links." }, { "value": "failure-of-cable-networks", "expanded": "Failure of cable networks", "description": "Threat of failure of communications links due to problems with cable network." }, { "value": "failure-of-wireless-networks", "expanded": "Failure of wireless networks", "description": "Threat of failure of communications links due to problems with wireless networks." }, { "value": "failure-of-mobile-networks", "expanded": "Failure of mobile networks", "description": "Threat of failure of communications links due to problems with mobile networks." }, { "value": "failure-or-disruption-of-main-supply", "expanded": "Failure or disruption of main supply", "description": "Threat of failure or disruption of supply required for information systems." }, { "value": "failure-or-disruption-of-power-supply", "expanded": "Failure or disruption of power supply", "description": "Threat of failure or malfunction of power supply." }, { "value": "failure-of-cooling-infrastructure", "expanded": "Failure of cooling infrastructure", "description": "Threat of failure of IT assets due to improper work of cooling infrastructure." }, { "value": "failure-or-disruption-of-service-providers-supply-chain", "expanded": "Failure or disruption of service providers (supply chain)", "description": "Threat of failure or disruption of third party services required for proper operation of information systems." 
}, { "value": "malfunction-of-equipment-devices-or-systems", "expanded": "Malfunction of equipment (devices or systems)", "description": "Threat of malfunction of IT hardware and/or software assets or its parts (i.e. improper working parameters, jamming, rebooting)." } ] }, { "predicate": "outages", "entry": [ { "value": "absence-of-personnel", "expanded": "Absence of personnel", "description": "Unavailability of key personnel and their competences." }, { "value": "strike", "expanded": "Strike", "description": "Unavailability of staff due to a strike (large scale absence of personnel)." }, { "value": "loss-of-support-services", "expanded": "Loss of support services", "description": "Unavailability of support services required for proper operation of the information system." }, { "value": "internet-outage", "expanded": "Internet outage", "description": "Unavailability of the Internet connection." }, { "value": "network-outage", "expanded": "Network outage", "description": "Unavailability of communication links." }, { "value": "outage-of-cable-networks", "expanded": "Outage of cable networks", "description": "Threat of lack of communications links due to problems with cable network." }, { "value": "Outage-of-short-range-wireless-networks", "expanded": "Outage of short-range wireless networks", "description": "Threat of lack of communications links due to problems with wireless networks (802.11 networks, Bluetooth, NFC etc.)." }, { "value": "outages-of-long-range-wireless-networks", "expanded": "Outages of long-range wireless networks", "description": "Threat of lack of communications links due to problems with mobile networks like cellular network (3G, LTE, GSM etc.) or satellite links." 
} ] } ], "predicates": [ { "description": "Threats of intentional, hostile human actions.", "expanded": "Physical attack (deliberate/intentional).", "value": "physical-attack" }, { "description": "Threats of unintentional human actions or errors.", "expanded": "Unintentional damage / loss of information or IT assets.", "value": "unintentional-damage" }, { "description": "Threats of damage to information assets caused by natural or environmental factors.", "expanded": "Disaster (natural, environmental).", "value": "disaster" }, { "description": "Threat of failure/malfunction of IT supporting infrastructure (i.e. degradation of quality, improper working parameters, jamming). The cause of a failure is mostly an internal issue (e.g. overload of the power grid in a building).", "expanded": "Failures/ Malfunction.", "value": "failures-malfunction" }, { "description": "Threat of complete lack or loss of resources necessary for IT infrastructure. The cause of an outage is mostly an external issue (i.e. electricity blackout in the whole city).", "expanded": "Outages.", "value": "outages" }, { "description": "Threats that alter communication between two parties. These attacks do not require installing additional tools/software on a victim's site.", "expanded": "Eavesdropping/ Interception/ Hijacking", "value": "eavesdropping-interception-hijacking" }, { "description": "Threats of nefarious activities that require use of tools by the attacker. These attacks require installation of additional tools/software or performing additional steps on the victim's IT infrastructure/software.", "expanded": "Nefarious Activity/ Abuse", "value": "nefarious-activity-abuse" }, { "description": "Threat of financial or legal penalty or loss of trust of customers and collaborators due to legislation.", "expanded": "Legal", "value": "legal" } ], "version": 1, "description": "The present threat taxonomy is an initial version that has been developed on the basis of available ENISA material. 
This material has been used as an ENISA-internal structuring aid for information collection and threat consolidation purposes. It emerged in the time period 2012-2015.", "expanded": "ENISA Threat Taxonomy", "namespace": "enisa" }