286 lines
13 KiB
JSON
286 lines
13 KiB
JSON
{
|
|
"values": [
|
|
{
|
|
"entry": [
|
|
{
|
|
"description": "Fraud committed by humans.",
|
|
"expanded": "Fraud",
|
|
"value": "fraud"
|
|
},
|
|
{
|
|
"description": "Fraud committed by employees or others that are in relation with entities, who have access to entities' information and IT assets.",
|
|
"expanded": "Fraud committed by employees",
|
|
"value": "fraud-by-employees"
|
|
},
|
|
{
|
|
"description": "Intentional actions (non-fulfilment or defective fulfilment of personal duties) aimed to cause disruption or damage to IT assets.",
|
|
"expanded": "Sabotage",
|
|
"value": "sabotage"
|
|
},
|
|
{
|
|
"description": "Act of physically damaging IT assets.",
|
|
"expanded": "Vandalism",
|
|
"value": "vandalism"
|
|
},
|
|
{
|
|
"description": "Stealing information or IT assets. Robbery.",
|
|
"expanded": "Theft (of devices, storage media and documents)",
|
|
"value": "theft"
|
|
},
|
|
{
|
|
"description": "Taking away another person's property in the form of mobile devices, for example smartphones, tablets.",
|
|
"expanded": "Theft of mobile devices (smartphones/ tablets)",
|
|
"value": "theft-of-mobile-devices"
|
|
},
|
|
{
|
|
"description": "Taking away another person's hardware property (except mobile devices), which often contains business-sensitive data.",
|
|
"expanded": "Theft of fixed hardware",
|
|
"value": "theft-of-fixed-hardware"
|
|
},
|
|
{
|
|
"description": "Stealing documents from private/company archives, often for the purpose of re-sale or to achieve personal benefits.",
|
|
"expanded": "Theft of documents",
|
|
"value": "theft-of-documents"
|
|
},
|
|
{
|
|
"description": "Stealing media devices, on which copies of essential information are kept.",
|
|
"expanded": "Theft of backups",
|
|
"value": "theft-of-backups"
|
|
},
|
|
{
|
|
"description": "Sharing information with unauthorised entities. Loss of information confidentiality due to intentional human actions (e.g., information leak may occur due to loss of paper copies of confidential information).",
|
|
"expanded": "Information leak /sharing",
|
|
"value": "information-leak-or-unauthorised-sharing"
|
|
},
|
|
{
|
|
"description": "Unapproved access to facility.",
|
|
"expanded": "Unauthorized physical access / Unauthorised entry to premises",
|
|
"value": "unauthorised-physical-access-or-unauthorised-entry-to-premises"
|
|
},
|
|
{
|
|
"description": "Actions following acts of coercion, extortion or corruption.",
|
|
"expanded": "Coercion, extortion or corruption",
|
|
"value": "coercion-or-extortion-or-corruption"
|
|
},
|
|
{
|
|
"description": "Threats of direct impact of warfare activities.",
|
|
"expanded": "Damage from the warfare",
|
|
"value": "damage-from-the-wafare"
|
|
},
|
|
{
|
|
"description": "Threats from terrorists.",
|
|
"expanded": "Terrorist attack",
|
|
"value": "terrorist-attack"
|
|
}
|
|
],
|
|
"predicate": "physical-attack"
|
|
},
|
|
{
|
|
"entry": [
|
|
{
|
|
"description": "Information leak / sharing caused by humans, due to their mistakes.",
|
|
"expanded": "Information leak /sharing due to human error",
|
|
"value": "information-leak-or-sharing-due-to-human-error"
|
|
},
|
|
{
|
|
"value": "accidental-leaks-or-sharing-of-data-by-employees",
|
|
"expanded": "Accidental leaks/sharing of data by employees",
|
|
"description": "Unintentional distribution of private or sensitive data to an unauthorized entity by a staff member."
|
|
},
|
|
{
|
|
"value": "leaks-of-data-via-mobile-applications",
|
|
"expanded": "Leaks of data via mobile applications",
|
|
"description": "Threat of leaking private data (a result of using applications for mobile devices)."
|
|
},
|
|
{
|
|
"value": "leaks-of-data-via-web-applications",
|
|
"expanded": "Leaks of data via Web applications",
|
|
"description": "Threat of leaking important information using web applications."
|
|
},
|
|
{
|
|
"value": "leaks-of-information-transferred-by-network",
|
|
"expanded": "Leaks of information transferred by network",
|
|
"description": "Threat of eavesdropping of unsecured network traffic."
|
|
},
|
|
{
|
|
"value": "erroneous-use-or-administration-of-devices-and-systems",
|
|
"expanded": "Erroneous use or administration of devices and systems",
|
|
"description": "Information leak / sharing / damage caused by misuse of IT assets (lack of awareness of application features) or wrong / improper IT assets configuration or management."
|
|
},
|
|
{
|
|
"value": "loss-of-information-due-to-maintenance-errors-or-operators-errors",
|
|
"expanded": "Loss of information due to maintenance errors / operators' errors",
|
|
"description": "Threat of loss of information by incorrectly performed maintenance of devices or systems or other operator activities."
|
|
},
|
|
{
|
|
"value": "loss-of-information-due-to-configuration-or-installation error",
|
|
"expanded": "Loss of information due to configuration/ installation error",
|
|
"description": "Threat of loss of information due to errors in installation or system configuration."
|
|
},
|
|
{
|
|
"value": "increasing-recovery-time",
|
|
"expanded": "Increasing recovery time",
|
|
"description": "Threat of unavailability of information due to errors in the use of backup media and increasing information recovery time."
|
|
},
|
|
{
|
|
"value": "lost-of-information-due-to-user-errors",
|
|
"expanded": "Loss of information due to user errors",
|
|
"description": "Threat of unavailability of information or damage to IT assets caused by user errors (using IT infrastructure) or IT software recovery time."
|
|
},
|
|
{
|
|
"value": "using-information-from-an-unreliable-source",
|
|
"expanded": "Using information from an unreliable source",
|
|
"description": "Bad decisions based on unreliable sources of information or unchecked information."
|
|
},
|
|
{
|
|
"value": "unintentional-change-of-data-in-an-information-system",
|
|
"expanded": "Unintentional change of data in an information system",
|
|
"description": "Loss of information integrity due to human error (information system user mistake)."
|
|
},
|
|
{
|
|
"value": "inadequate-design-and-planning-or-improper-adaptation",
|
|
"expanded": "Inadequate design and planning or improper adaptation",
|
|
"description": "Threats caused by improper IT assets or business processes design (inadequate specifications of IT products, inadequate usability, insecure interfaces, policy/procedure flows, design errors)."
|
|
},
|
|
{
|
|
"value": "damage-caused-by-a-third-party",
|
|
"expanded": "Damage caused by a third party",
|
|
"description": "Threats of damage to IT assets caused by third party."
|
|
},
|
|
{
|
|
"value": "security-failure-caused-by-third-party",
|
|
"expanded": "Security failure caused by third party",
|
|
"description": "Threats of damage to IT assets caused by breach of security regulations by third party."
|
|
},
|
|
{
|
|
"value": "damages-resulting-from-penetration-testing",
|
|
"expanded": "Damages resulting from penetration testing",
|
|
"description": "Threats to information systems caused by conducting IT penetration tests inappropriately."
|
|
},
|
|
{
|
|
"value": "loss-of-information-in-the-cloud",
|
|
"expanded": "Loss of information in the cloud",
|
|
"description": "Threats of losing information or data stored in the cloud."
|
|
},
|
|
{
|
|
"value": "loss-of-(integrity-of)-sensitive-information",
|
|
"expanded": "Loss of (integrity of) sensitive information",
|
|
"description": "Threats of losing information or data, or changing information classified as sensitive."
|
|
},
|
|
{
|
|
"value": "loss-of-integrity-of-certificates",
|
|
"expanded": "Loss of integrity of certificates",
|
|
"description": "Threat of losing integrity of certificates used for authorisation services"
|
|
},
|
|
{
|
|
"value": "loss-of-devices-and-storage-media-and-documents",
|
|
"expanded": "Loss of devices, storage media and documents",
|
|
"description": "Threats of unavailability (losing) of IT assets and documents."
|
|
},
|
|
{
|
|
"value": "loss-of-devices-or-mobile-devices",
|
|
"expanded": "Loss of devices/ mobile devices",
|
|
"description": "Threat of losing mobile devices."
|
|
},
|
|
{
|
|
"value": "loss-of-storage-media",
|
|
"expanded": "Loss of storage media",
|
|
"description": "Threat of losing data-storage media."
|
|
},
|
|
{
|
|
"value": "loss-of-documentation-of-IT-Infrastructure",
|
|
"expanded": "Loss of documentation of IT Infrastructure",
|
|
"description": "Threat of losing important documentation."
|
|
},
|
|
{
|
|
"value": "destruction-of-records",
|
|
"expanded": "Destruction of records",
|
|
"description": "Threats of unavailability (destruction) of data and records (information) stored in devices and storage media."
|
|
},
|
|
{
|
|
"value": "infection-of-removable-media",
|
|
"expanded": "Infection of removable media",
|
|
"description": "Threat of loss of important data due to using removable media, web or mail infection."
|
|
},
|
|
{
|
|
"value": "abuse-of-storage",
|
|
"expanded": "Abuse of storage",
|
|
"description": "Threat of loss of records by improper /unauthorised use of storage devices."
|
|
}
|
|
],
|
|
"predicate": "unintentional-damage"
|
|
},
|
|
{
|
|
"predicate": "disaster",
|
|
"entry": [
|
|
{
|
|
"value": "disaster",
|
|
"expanded": "Disaster (natural earthquakes, floods, landslides, tsunamis, heavy rains, heavy snowfalls, heavy winds)",
|
|
"description": "Large scale natural disasters."
|
|
},
|
|
{
|
|
"value": "fire",
|
|
"expanded": "Fire",
|
|
"description": "Threat of fire."
|
|
},
|
|
{
|
|
"value": "pollution-dust-corrosion",
|
|
"expanded": "Pollution, dust, corrosion",
|
|
"description": "Threat of disruption of work of IT systems (hardware) due to pollution, dust or corrosion (arising from the air)."
|
|
},
|
|
{
|
|
"value": "thunderstrike",
|
|
"expanded": "Thunderstrike",
|
|
"description": "Threat of damage to IT hardware caused by thunder strike (overvoltage)."
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"predicates": [
|
|
{
|
|
"description": "Threats of intentional, hostile human actions.",
|
|
"expanded": "Physical attack (deliberate/intentional).",
|
|
"value": "physical-attack"
|
|
},
|
|
{
|
|
"description": "Threats of unintentional human actions or errors.",
|
|
"expanded": "Unintentional damage / loss of information or IT assets.",
|
|
"value": "unintentional-damage"
|
|
},
|
|
{
|
|
"description": "Threats of damage to information assets caused by natural or environmental factors.",
|
|
"expanded": "Disaster (natural, environmental).",
|
|
"value": "disaster"
|
|
},
|
|
{
|
|
"description": "Threat of failure/malfunction of IT supporting infrastructure (i.e. degradation of quality, improper working parameters, jamming). The cause of a failure is mostly an internal issue (e.g.. overload of the power grid in a building).",
|
|
"expanded": "Failures/ Malfunction.",
|
|
"value": "failures-malfunction"
|
|
},
|
|
{
|
|
"description": "Threat of complete lack or loss of resources necessary for IT infrastructure. The cause of an outage is mostly an external issue (i.e electricity blackout in the whole city).",
|
|
"expanded": "Outages.",
|
|
"value": "outages"
|
|
},
|
|
{
|
|
"description": "Threats that alter communication between two parties. These attacks do not have to install additional tools/software on a victim's site.",
|
|
"expanded": "Eavesdropping/ Interception/ Hijacking",
|
|
"value": "eavesdropping-interception-hijacking"
|
|
},
|
|
{
|
|
"description": "Threats of nefarious activities that require use of tools by the attacker. These attacks require installation of additional tools/software or performing additional steps on the victim's IT infrastructure/software.",
|
|
"expanded": "Nefarious Activity/ Abuse",
|
|
"value": "nefarious-activity-abuse"
|
|
},
|
|
{
|
|
"description": "Threat of financial or legal penalty or loss of trust of customers and collaborators due to legislation.",
|
|
"expanded": "Legal",
|
|
"value": "legal"
|
|
}
|
|
],
|
|
"version": 1,
|
|
"description": "The present threat taxonomy is an initial version that has been developed on the basis of available ENISA material. This material has been used as an ENISA-internal structuring aid for information collection and threat consolidation purposes. It emerged in the time period 2012-2015.",
|
|
"expanded": "ENISA Threat Taxonomy",
|
|
"namespace": "enisa"
|
|
}
|