{
|
|
"values": [
|
|
{
|
|
"entry": [
|
|
{
|
|
"description": "Fraud committed by humans.",
|
|
"expanded": "Fraud",
|
|
"value": "fraud"
|
|
},
|
|
{
|
|
"description": "Fraud committed by employees or others that are in relation with entities, who have access to entities' information and IT assets.",
|
|
"expanded": "Fraud committed by employees",
|
|
"value": "fraud-by-employees"
|
|
},
|
|
{
|
|
"description": "Intentional actions (non-fulfilment or defective fulfilment of personal duties) aimed to cause disruption or damage to IT assets.",
|
|
"expanded": "Sabotage",
|
|
"value": "sabotage"
|
|
},
|
|
{
|
|
"description": "Act of physically damaging IT assets.",
|
|
"expanded": "Vandalism",
|
|
"value": "vandalism"
|
|
},
|
|
{
|
|
"description": "Stealing information or IT assets. Robbery.",
|
|
"expanded": "Theft (of devices, storage media and documents)",
|
|
"value": "theft"
|
|
},
|
|
{
|
|
"description": "Taking away another person's property in the form of mobile devices, for example smartphones, tablets.",
|
|
"expanded": "Theft of mobile devices (smartphones/ tablets)",
|
|
"value": "theft-of-mobile-devices"
|
|
},
|
|
{
|
|
"description": "Taking away another person's hardware property (except mobile devices), which often contains business-sensitive data.",
|
|
"expanded": "Theft of fixed hardware",
|
|
"value": "theft-of-fixed-hardware"
|
|
},
|
|
{
|
|
"description": "Stealing documents from private/company archives, often for the purpose of re-sale or to achieve personal benefits.",
|
|
"expanded": "Theft of documents",
|
|
"value": "theft-of-documents"
|
|
},
|
|
{
|
|
"description": "Stealing media devices, on which copies of essential information are kept.",
|
|
"expanded": "Theft of backups",
|
|
"value": "theft-of-backups"
|
|
},
|
|
{
|
|
"description": "Sharing information with unauthorised entities. Loss of information confidentiality due to intentional human actions (e.g., information leak may occur due to loss of paper copies of confidential information).",
|
|
"expanded": "Information leak /sharing",
|
|
"value": "information-leak-or-unauthorised-sharing"
|
|
},
|
|
{
|
|
"description": "Unapproved access to facility.",
|
|
"expanded": "Unauthorized physical access / Unauthorised entry to premises",
|
|
"value": "unauthorised-physical-access-or-unauthorised-entry-to-premises"
|
|
},
|
|
{
|
|
"description": "Actions following acts of coercion, extortion or corruption.",
|
|
"expanded": "Coercion, extortion or corruption",
|
|
"value": "coercion-or-extortion-or-corruption"
|
|
},
|
|
{
|
|
"description": "Threats of direct impact of warfare activities.",
|
|
"expanded": "Damage from the warfare",
|
|
"value": "damage-from-the-wafare"
|
|
},
|
|
{
|
|
"description": "Threats from terrorists.",
|
|
"expanded": "Terrorist attack",
|
|
"value": "terrorist-attack"
|
|
}
|
|
],
|
|
"predicate": "physical-attack"
|
|
},
|
|
{
|
|
"entry": [
|
|
{
|
|
"description": "Information leak / sharing caused by humans, due to their mistakes.",
|
|
"expanded": "Information leak /sharing due to human error",
|
|
"value": "information-leak-or-sharing-due-to-human-error"
|
|
},
|
|
{
|
|
"value": "accidental-leaks-or-sharing-of-data-by-employees",
|
|
"expanded": "Accidental leaks/sharing of data by employees",
|
|
"description": "Unintentional distribution of private or sensitive data to an unauthorized entity by a staff member."
|
|
},
|
|
{
|
|
"value": "leaks-of-data-via-mobile-applications",
|
|
"expanded": "Leaks of data via mobile applications",
|
|
"description": "Threat of leaking private data (a result of using applications for mobile devices)."
|
|
},
|
|
{
|
|
"value": "leaks-of-data-via-web-applications",
|
|
"expanded": "Leaks of data via Web applications",
|
|
"description": "Threat of leaking important information using web applications."
|
|
},
|
|
{
|
|
"value": "leaks-of-information-transferred-by-network",
|
|
"expanded": "Leaks of information transferred by network",
|
|
"description": "Threat of eavesdropping of unsecured network traffic."
|
|
},
|
|
{
|
|
"value": "erroneous-use-or-administration-of-devices-and-systems",
|
|
"expanded": "Erroneous use or administration of devices and systems",
|
|
"description": "Information leak / sharing / damage caused by misuse of IT assets (lack of awareness of application features) or wrong / improper IT assets configuration or management."
|
|
},
|
|
{
|
|
"value": "loss-of-information-due-to-maintenance-errors-or-operators-errors",
|
|
"expanded": "Loss of information due to maintenance errors / operators' errors",
|
|
"description": "Threat of loss of information by incorrectly performed maintenance of devices or systems or other operator activities."
|
|
},
|
|
{
|
|
"value": "loss-of-information-due-to-configuration-or-installation error",
|
|
"expanded": "Loss of information due to configuration/ installation error",
|
|
"description": "Threat of loss of information due to errors in installation or system configuration."
|
|
},
|
|
{
|
|
"value": "increasing-recovery-time",
|
|
"expanded": "Increasing recovery time",
|
|
"description": "Threat of unavailability of information due to errors in the use of backup media and increasing information recovery time."
|
|
},
|
|
{
|
|
"value": "lost-of-information-due-to-user-errors",
|
|
"expanded": "Loss of information due to user errors",
|
|
"description": "Threat of unavailability of information or damage to IT assets caused by user errors (using IT infrastructure) or IT software recovery time."
|
|
},
|
|
{
|
|
"value": "using-information-from-an-unreliable-source",
|
|
"expanded": "Using information from an unreliable source",
|
|
"description": "Bad decisions based on unreliable sources of information or unchecked information."
|
|
},
|
|
{
|
|
"value": "unintentional-change-of-data-in-an-information-system",
|
|
"expanded": "Unintentional change of data in an information system",
|
|
"description": "Loss of information integrity due to human error (information system user mistake)."
|
|
},
|
|
{
|
|
"value": "inadequate-design-and-planning-or-improper-adaptation",
|
|
"expanded": "Inadequate design and planning or improper adaptation",
|
|
"description": "Threats caused by improper IT assets or business processes design (inadequate specifications of IT products, inadequate usability, insecure interfaces, policy/procedure flows, design errors)."
|
|
},
|
|
{
|
|
"value": "damage-caused-by-a-third-party",
|
|
"expanded": "Damage caused by a third party",
|
|
"description": "Threats of damage to IT assets caused by third party."
|
|
},
|
|
{
|
|
"value": "security-failure-caused-by-third-party",
|
|
"expanded": "Security failure caused by third party",
|
|
"description": "Threats of damage to IT assets caused by breach of security regulations by third party."
|
|
},
|
|
{
|
|
"value": "damages-resulting-from-penetration-testing",
|
|
"expanded": "Damages resulting from penetration testing",
|
|
"description": "Threats to information systems caused by conducting IT penetration tests inappropriately."
|
|
},
|
|
{
|
|
"value": "loss-of-information-in-the-cloud",
|
|
"expanded": "Loss of information in the cloud",
|
|
"description": "Threats of losing information or data stored in the cloud."
|
|
},
|
|
{
|
|
"value": "loss-of-(integrity-of)-sensitive-information",
|
|
"expanded": "Loss of (integrity of) sensitive information",
|
|
"description": "Threats of losing information or data, or changing information classified as sensitive."
|
|
},
|
|
{
|
|
"value": "loss-of-integrity-of-certificates",
|
|
"expanded": "Loss of integrity of certificates",
|
|
"description": "Threat of losing integrity of certificates used for authorisation services"
|
|
},
|
|
{
|
|
"value": "loss-of-devices-and-storage-media-and-documents",
|
|
"expanded": "Loss of devices, storage media and documents",
|
|
"description": "Threats of unavailability (losing) of IT assets and documents."
|
|
},
|
|
{
|
|
"value": "loss-of-devices-or-mobile-devices",
|
|
"expanded": "Loss of devices/ mobile devices",
|
|
"description": "Threat of losing mobile devices."
|
|
},
|
|
{
|
|
"value": "loss-of-storage-media",
|
|
"expanded": "Loss of storage media",
|
|
"description": "Threat of losing data-storage media."
|
|
},
|
|
{
|
|
"value": "loss-of-documentation-of-IT-Infrastructure",
|
|
"expanded": "Loss of documentation of IT Infrastructure",
|
|
"description": "Threat of losing important documentation."
|
|
},
|
|
{
|
|
"value": "destruction-of-records",
|
|
"expanded": "Destruction of records",
|
|
"description": "Threats of unavailability (destruction) of data and records (information) stored in devices and storage media."
|
|
},
|
|
{
|
|
"value": "infection-of-removable-media",
|
|
"expanded": "Infection of removable media",
|
|
"description": "Threat of loss of important data due to using removable media, web or mail infection."
|
|
},
|
|
{
|
|
"value": "abuse-of-storage",
|
|
"expanded": "Abuse of storage",
|
|
"description": "Threat of loss of records by improper /unauthorised use of storage devices."
|
|
}
|
|
],
|
|
"predicate": "unintentional-damage"
|
|
},
|
|
{
|
|
"predicate": "disaster",
|
|
"entry": [
|
|
{
|
|
"value": "disaster",
|
|
"expanded": "Disaster (natural earthquakes, floods, landslides, tsunamis, heavy rains, heavy snowfalls, heavy winds)",
|
|
"description": "Large scale natural disasters."
|
|
},
|
|
{
|
|
"value": "fire",
|
|
"expanded": "Fire",
|
|
"description": "Threat of fire."
|
|
},
|
|
{
|
|
"value": "pollution-dust-corrosion",
|
|
"expanded": "Pollution, dust, corrosion",
|
|
"description": "Threat of disruption of work of IT systems (hardware) due to pollution, dust or corrosion (arising from the air)."
|
|
},
|
|
{
|
|
"value": "thunderstrike",
|
|
"expanded": "Thunderstrike",
|
|
"description": "Threat of damage to IT hardware caused by thunder strike (overvoltage)."
|
|
},
|
|
{
|
|
"value": "water",
|
|
"expanded": "Water",
|
|
"description": "Threat of damage to IT hardware caused by water."
|
|
},
|
|
{
|
|
"value": "explosion",
|
|
"expanded": "Explosion",
|
|
"description": "Threat of damage to IT hardware caused by explosion."
|
|
},
|
|
{
|
|
"value": "dangerous-radiation-leak",
|
|
"expanded": "Dangerous radiation leak",
|
|
"description": "Threat of damage to IT hardware caused by radiation leak."
|
|
},
|
|
{
|
|
"value": "unfavourable-climatic-conditions",
|
|
"expanded": "Unfavourable climatic conditions",
|
|
"description": "Threat of disruption of work of IT systems due to climatic conditions that have a negative effect on hardware."
|
|
},
|
|
{
|
|
"value": "loss-of-data-or-accessibility-of-IT-infrastructure-as-a-result-of-heightened-humidity",
|
|
"expanded": "Loss of data or accessibility of IT infrastructure as a result of heightened humidity",
|
|
"description": "Threat of disruption of work of IT systems due to high humidity."
|
|
},
|
|
{
|
|
"value": "lost-of-data-or-accessibility-of-IT-infrastructure-as-a-result-of-very-high-temperature",
|
|
"expanded": "Lost of data or accessibility of IT infrastructure as a result of very high temperature",
|
|
"description": "Threat of disruption of work of IT systems due to high or low temperature."
|
|
},
|
|
{
|
|
"value": "threats-from-space-or-electromagnetic-storm",
|
|
"expanded": "Threats from space / Electromagnetic storm",
|
|
"description": "Threats of the negative impact of solar radiation to satellites and radio wave communication systems - electromagnetic storm."
|
|
},
|
|
{
|
|
"value": "wildlife",
|
|
"expanded": "Wildlife",
|
|
"description": "Threat of destruction of IT assets caused by animals: mice, rats, birds."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"predicate": "failures-malfunction",
|
|
"entry": [
|
|
{
|
|
"value": "failure-of-devices-or-systems",
|
|
"expanded": "Failure of devices or systems",
|
|
"description": "Threat of failure of IT hardware and/or software assets or its parts."
|
|
},
|
|
{
|
|
"value": "failure-of-data-media",
|
|
"expanded": "Failure of data media",
|
|
"description": "Threat of failure of data media."
|
|
},
|
|
{
|
|
"value": "hardware-failure",
|
|
"expanded": "Hardware failure",
|
|
"description": "Threat of failure of IT hardware."
|
|
},
|
|
{
|
|
"value": "failure-of-applications-and-services",
|
|
"expanded": "Failure of applications and services",
|
|
"description": "Threat of failure of software/applications or services."
|
|
},
|
|
{
|
|
"value": "failure-of-parts-of-devices-connectors-plug-ins",
|
|
"expanded": "Failure of parts of devices (connectors, plug-ins)",
|
|
"description": "Threat of failure of IT equipment or its part."
|
|
},
|
|
{
|
|
"value": "failure-or-disruption-of-communication-links-communication networks",
|
|
"expanded": "Failure or disruption of communication links (communication networks)",
|
|
"description": "Threat of failure or malfunction of communications links."
|
|
|
|
},
|
|
{
|
|
"value": "failure-of-cable-networks",
|
|
"expanded": "Failure of cable networks",
|
|
"description": "Threat of failure of communications links due to problems with cable network."
|
|
},
|
|
{
|
|
"value": "failure-of-wireless-networks",
|
|
"expanded": "Failure of wireless networks",
|
|
"description": "Threat of failure of communications links due to problems with wireless networks."
|
|
},
|
|
{
|
|
"value": "failure-of-mobile-networks",
|
|
"expanded": "Failure of mobile networks",
|
|
"description": "Threat of failure of communications links due to problems with mobile networks."
|
|
},
|
|
{
|
|
"value": "failure-or-disruption-of-main-supply",
|
|
"expanded": "Failure or disruption of main supply",
|
|
"description": "Threat of failure or disruption of supply required for information systems."
|
|
},
|
|
{
|
|
"value": "failure-or-disruption-of-power-supply",
|
|
"expanded": "Failure or disruption of power supply",
|
|
"description": "Threat of failure or malfunction of power supply."
|
|
},
|
|
{
|
|
"value": "failure-of-cooling-infrastructure",
|
|
"expanded": "Failure of cooling infrastructure",
|
|
"description": "Threat of failure of IT assets due to improper work of cooling infrastructure."
|
|
},
|
|
{
|
|
"value": "failure-or-disruption-of-service-providers-supply-chain",
|
|
"expanded": "Failure or disruption of service providers (supply chain)",
|
|
"description": "Threat of failure or disruption of third party services required for proper operation of information systems."
|
|
},
|
|
{
|
|
"value": "malfunction-of-equipment-devices-or-systems",
|
|
"expanded": "Malfunction of equipment (devices or systems)",
|
|
"description": "Threat of malfunction of IT hardware and/or software assets or its parts (i.e. improper working parameters, jamming, rebooting)."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"predicate": "outages",
|
|
"entry": [
|
|
{
|
|
"value": "absence-of-personnel",
|
|
"expanded": "Absence of personnel",
|
|
"description": "Unavailability of key personnel and their competences."
|
|
},
|
|
{
|
|
"value": "strike",
|
|
"expanded": "Strike",
|
|
"description": "Unavailability of staff due to a strike (large scale absence of personnel)."
|
|
},
|
|
{
|
|
"value": "loss-of-support-services",
|
|
"expanded": "Loss of support services",
|
|
"description": "Unavailability of support services required for proper operation of the information system."
|
|
},
|
|
{
|
|
"value": "internet-outage",
|
|
"expanded": "Internet outage",
|
|
"description": "Unavailability of the Internet connection."
|
|
},
|
|
{
|
|
"value": "network-outage",
|
|
"expanded": "Network outage",
|
|
"description": "Unavailability of communication links."
|
|
},
|
|
{
|
|
"value": "outage-of-cable-networks",
|
|
"expanded": "Outage of cable networks",
|
|
"description": "Threat of lack of communications links due to problems with cable network."
|
|
},
|
|
{
|
|
"value": "Outage-of-short-range-wireless-networks",
|
|
"expanded": "Outage of short-range wireless networks",
|
|
"description": "Threat of lack of communications links due to problems with wireless networks (802.11 networks, Bluetooth, NFC etc.)."
|
|
},
|
|
{
|
|
"value": "outages-of-long-range-wireless-networks",
|
|
"expanded": "Outages of long-range wireless networks",
|
|
"description": "Threat of lack of communications links due to problems with mobile networks like cellular network (3G, LTE, GSM etc.) or satellite links."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"predicate": "eavesdropping-interception-hijacking",
|
|
"entry": [
|
|
{
|
|
"value": "war-driving",
|
|
"expanded": "War driving",
|
|
"description": "Threat of locating and possibly exploiting connection to the wireless network."
|
|
},
|
|
{
|
|
"value": "intercepting-compromising-emissions",
|
|
"expanded": "Intercepting compromising emissions",
|
|
"description": "Threat of disclosure of transmitted information using interception and analysis of compromising emission."
|
|
},
|
|
{
|
|
"value": "interception-of-information",
|
|
"expanded": "Interception of information",
|
|
"description": "Threat of interception of information which is improperly secured in transmission or by improper actions of staff."
|
|
},
|
|
{
|
|
"value": "corporate-espionage",
|
|
"expanded": "Corporate espionage",
|
|
"description": "Threat of obtaining information secrets by dishonest means."
|
|
},
|
|
{
|
|
"value": "nation-state-espionage",
|
|
"expanded": "Nation state espionage",
|
|
"description": "Threats of stealing information by nation state espionage (e.g. China based governmental espionage, NSA from USA)."
|
|
},
|
|
{
|
|
"value": "information-leakage-due-to-unsecured-wi-fi-like-rogue-access-points",
|
|
"expanded": "Information leakage due to unsecured Wi-Fi, rogue access points",
|
|
"description": "Threat of obtaining important information by insecure network rogue access points etc."
|
|
},
|
|
{
|
|
"value": "interfering-radiation",
|
|
"expanded": "Interfering radiation",
|
|
"description": "Threat of failure of IT hardware or transmission connection due to electromagnetic induction or electromagnetic radiation emitted by an outside source."
|
|
},
|
|
{
|
|
"value": "replay-of-messages",
|
|
"expanded": "Replay of messages",
|
|
"description": "Threat in which valid data transmission is maliciously or fraudulently repeated or delayed."
|
|
},
|
|
{
|
|
"value": "network-reconnaissance-network-traffic-manipulation-and-information-gathering",
|
|
"expanded": "Network Reconnaissance, Network traffic manipulation and Information gathering",
|
|
"description": "Threat of identifying information about a network to find security weaknesses."
|
|
},
|
|
{
|
|
"value": "man-in-the-middle-session-hijacking",
|
|
"expanded": "Man in the middle/ Session hijacking",
|
|
"description": "Threats that relay or alter communication between two parties."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"predicate": "legal",
|
|
"entry": [
|
|
{
|
|
"value": "violation-of-rules-and-regulations-breach-of-legislation",
|
|
"expanded": "Violation of rules and regulations / Breach of legislation",
|
|
"description": "Threat of financial or legal penalty or loss of trust of customers and collaborators due to violation of law or regulations."
|
|
},
|
|
{
|
|
"value": "failure-to-meet-contractual-requirements",
|
|
"expanded": "Failure to meet contractual requirements",
|
|
"description": "Threat of financial penalty or loss of trust of customers and collaborators due to failure to meet contractual requirements."
|
|
},
|
|
{
|
|
"value": "failure-to-meet-contractual-requirements-by-third-party",
|
|
"expanded": "Failure to meet contractual requirements by third party",
|
|
"description": "Threat of financial penalty or loss of trust of customers and collaborators due to a third party's failure to meet contractual requirements"
|
|
},
|
|
{
|
|
"value": "unauthorized-use-of-IPR-protected-resources",
|
|
"expanded": "Unauthorized use of IPR protected resources",
|
|
"description": "Threat of financial or legal penalty or loss of trust of customers and collaborators due to improper/illegal use of IPR protected material (IPR- Intellectual Property Rights."
|
|
},
|
|
{
|
|
"value": "illegal-usage-of-file-sharing-services",
|
|
"expanded": "Illegal usage of File Sharing services",
|
|
"description": "Threat of financial or legal penalty or loss of trust of customers and collaborators due to improper/illegal use of file sharing services."
|
|
},
|
|
{
|
|
"value": "abuse-of-personal-data",
|
|
"expanded": "Abuse of personal data",
|
|
"description": "Threat of illegal use of personal data."
|
|
},
|
|
{
|
|
"value": "judiciary-decisions-or-court-order",
|
|
"expanded": "Judiciary decisions/court order",
|
|
"description": "Threat of financial or legal penalty or loss of trust of customers and collaborators due to judiciary decisions/court order."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"predicate": "nefarious-activity-abuse",
|
|
"entry": [
|
|
{
|
|
"value": "identity-theft-identity-fraud-account)",
|
|
"expanded": "Identity theft (Identity Fraud/ Account)",
|
|
"description": "Threat of identity theft action."
|
|
},
|
|
{
|
|
"value": "credentials-stealing-trojans",
|
|
"expanded": "Credentials-stealing trojans",
|
|
"description": "Threat of identity theft action by malware computer programs."
|
|
},
|
|
{
|
|
"value": "receiving-unsolicited-e-mail",
|
|
"expanded": "Receiving unsolicited E-mail",
|
|
"description": "Threat of receiving unsolicited email which affects information security and efficiency."
|
|
},
|
|
{
|
|
"value": "spam",
|
|
"expanded": "SPAM",
|
|
"description": "Threat of receiving unsolicited, undesired, or illegal email messages."
|
|
},
|
|
{
|
|
"value": "unsolicited-infected-e-mails",
|
|
"expanded": "Unsolicited infected e-mails",
|
|
"description": "Threat emanating from unwanted emails that may contain infected attachments or links to malicious / infected web sites."
|
|
},
|
|
{
|
|
"value": "denial-of-service",
|
|
"expanded": "Denial of service",
|
|
"description": "Threat of service unavailability due to massive requests for services."
|
|
},
|
|
{
|
|
"value": "distributed-denial-of-network-service-network-layer-attack",
|
|
"expanded": "Distributed denial of network service (DDoS) (network layer attack i.e. Protocol exploitation / Malformed packets / Flooding / Spoofing)",
|
|
"description": "Threat of service unavailability due to a massive number of requests for access to network services from malicious clients."
|
|
},
|
|
{
|
|
"value": "distributed-denial-of-network-service-application-layer-attack",
|
|
"expanded": "Distributed denial of application service (DDoS) (application layer attack i.e. Ping of Death / XDoS / WinNuke / HTTP Floods)",
|
|
"description": "Threat of service unavailability due to massive requests sent by multiple malicious clients."
|
|
},
|
|
{
|
|
"value": "distributed-denial-of-network-service-amplification-reflection-attack",
|
|
"expanded": "Distributed DoS (DDoS) to both network and application services (amplification/reflection methods i.e. NTP/ DNS /.../ BitTorrent)",
|
|
"description": "Threat of creating a massive number of requests, using multiplication/amplification methods."
|
|
},
|
|
{
|
|
"value": "malicious-code-software-activity",
|
|
"expanded": "Malicious code/ software/ activity"
|
|
},
|
|
{
|
|
"value": "search-engine-poisoning",
|
|
"expanded": "Search Engine Poisoning",
|
|
"description": "Threat of deliberate manipulation of search engine indexes."
|
|
},
|
|
{
|
|
"value": "exploitation-of-fake-trust-of-social-media",
|
|
"expanded": "Exploitation of fake trust of social media",
|
|
"description": "Threat of malicious activities making use of trusted social media."
|
|
},
|
|
{
|
|
"value": "worms-trojans",
|
|
"expanded": "Worms/ Trojans",
|
|
"description": "Threat of malware computer programs (trojans/worms)."
|
|
},
|
|
{
|
|
"value": "rootkits",
|
|
"expanded": "Rootkits",
|
|
"description": "Threat of stealthy types of malware software."
|
|
},
|
|
{
|
|
"value": "mobile-malware",
|
|
"expanded": "Mobile malware",
|
|
"description": "Threat of mobile malware programs."
|
|
},
|
|
{
|
|
"value": "infected-trusted-mobile-apps",
|
|
"expanded": "Infected trusted mobile apps",
|
|
"description": "Threat of using mobile malware software that is recognised as trusted one."
|
|
},
|
|
{
|
|
"value": "elevation-of-privileges",
|
|
"expanded": "Elevation of privileges",
|
|
"description": "Threat of exploiting bugs, design flaws or configuration oversights in an operating system or software application to gain elevated access to resources."
|
|
},
|
|
{
|
|
"value": "web-application-attacks-injection-attacks-code-injection-SQL-XSS",
|
|
"expanded": "Web application attacks / injection attacks (Code injection: SQL, XSS)",
|
|
"description": "Threat of utilizing custom web applications embedded within social media sites, which can lead to installation of malicious code onto computers to be used to gain unauthorized access."
|
|
},
|
|
{
|
|
"value": "spyware-or-deceptive-adware",
|
|
"expanded": "Spyware or deceptive adware",
|
|
"description": "Threat of using software that aims to gather information about a person or organization without their knowledge."
|
|
},
|
|
{
|
|
"value": "viruses",
|
|
"expanded": "Viruses",
|
|
"description": "Threat of infection by viruses."
|
|
},
|
|
{
|
|
"value": "rogue-security-software-rogueware-scareware",
|
|
"expanded": "Rogue security software/ Rogueware / Scareware",
|
|
"description": "Threat of internet fraud or malicious software that mislead users into believing there is a virus on their computer, and manipulates them to pay money for fake removal tool."
|
|
},
|
|
{
|
|
"value": "ransomware",
|
|
"expanded": "Ransomware",
|
|
"description": "Threat of infection of computer system or device by malware that restricts access to it and demands that the user pay a ransom to remove the restriction."
|
|
},
|
|
{
|
|
"value": "exploits-exploit-kits",
|
|
"expanded": "Exploits/Exploit Kits",
|
|
"description": "Threat to IT assets due to the use of web available exploits or exploits software."
|
|
},
|
|
{
|
|
"value": "social-engineering",
|
|
"expanded": "Social Engineering",
|
|
"description": "Threat of social engineering type attacks (target: manipulation of personnel behaviour)."
|
|
},
|
|
{
|
|
"value": "phishing-attacks",
|
|
"expanded": "Phishing attacks",
|
|
"description": "Threat of an email fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well-known and trustworthy websites."
|
|
},
|
|
{
|
|
"value": "spear-phishing-attacks",
|
|
"expanded": "Spear phishing attacks",
|
|
"description": "Spear-phishing is a targeted e-mail message that has been crafted to create fake trust and thus lure the victim to unveil some business or personal secrets that can be abused by the adversary."
|
|
},
|
|
{
|
|
"value": "abuse-of-information-leakage",
|
|
"expanded": "Abuse of Information Leakage",
|
|
"description": "Threat of leaking important information."
|
|
},
|
|
{
|
|
"value": "leakage-affecting-mobile-privacy-and-mobile-applications",
|
|
"expanded": "Leakage affecting mobile privacy and mobile applications",
|
|
"description": "Threat of leaking important information due to using malware mobile applications."
|
|
},
|
|
{
|
|
"value": "leakage-affecting-web-privacy-and-web-applications",
|
|
"expanded": "Leakage affecting web privacy and web applications",
|
|
"description": "Threat of leakage important information due to using malware web applications."
|
|
},
|
|
{
|
|
"value": "leakage-affecting-network-traffic",
|
|
"expanded": "Leakage affecting network traffic",
|
|
"description": "Threat of leaking important information in network traffic."
|
|
},
|
|
{
|
|
"value": "leakage-affecting-cloud-computing",
|
|
"expanded": "Leakage affecting cloud computing",
|
|
"description": "Threat of leaking important information in cloud computing."
|
|
},
|
|
{
|
|
"value": "generation-and-use-of-rogue-certificates",
|
|
"expanded": "Generation and use of rogue certificates",
|
|
"description": "Threat of use of rogue certificates."
|
|
},
|
|
{
|
|
"value": "loss-of-integrity-of-sensitive-information",
|
|
"expanded": "Loss of (integrity of) sensitive information",
|
|
"description": "Threat of loss of sensitive information due to loss of integrity."
|
|
},
|
|
{
|
|
"value": "man-in-the-middle-session-hijacking",
|
|
"expanded": "Man in the middle / Session hijacking",
|
|
"description": "Threat of attack consisting in the exploitation of the web session control mechanism, which is normally managed by a session token."
|
|
},
|
|
{
|
|
"value": "social-engineering-via-signed-malware",
|
|
"expanded": "Social Engineering / signed malware",
|
|
"description": "Threat of install fake trust signed software (malware) e.g. fake OS updates."
|
|
},
|
|
{
|
|
"value": "fake-SSL-certificates",
|
|
"expanded": "Fake SSL certificates",
|
|
"description": "Threat of attack due to malware application signed by a certificate that is typically inherently trusted by an endpoint."
|
|
},
|
|
{
|
|
"value": "manipulation-of-hardware-and-software",
|
|
"expanded": "Manipulation of hardware and software",
|
|
"description": "Threat of unauthorised manipulation of hardware and software."
|
|
},
|
|
{
|
|
"value": "anonymous-proxies",
|
|
"expanded": "Anonymous proxies",
|
|
"description": "Threat of unauthorised manipulation by anonymous proxies."
|
|
},
|
|
{
|
|
"value": "abuse-of-computing-power-of-cloud-to-launch-attacks-cybercrime-as-a-service)",
|
|
"expanded": "Abuse of computing power of cloud to launch attacks (cybercrime as a service)",
|
|
"description": "Threat of using large computing powers to generate attacks on demand."
|
|
},
|
|
{
|
|
"value": "abuse-of-vulnerabilities-0-day-vulnerabilities",
|
|
"expanded": "Abuse of vulnerabilities, 0-day vulnerabilities",
|
|
"description": "Threat of attacks using 0-day or known IT assets vulnerabilities."
|
|
},
|
|
{
|
|
"value": "access-of-web-sites-through-chains-of-HTTP-Proxies-Obfuscation",
|
|
"expanded": "Access of web sites through chains of HTTP Proxies (Obfuscation)",
|
|
"description": "Threat of bypassing the security mechanism using HTTP proxies (bypassing the website blacklist)."
|
|
},
|
|
{
|
|
"value": "access-to-device-software",
|
|
"expanded": "Access to device software",
|
|
"description": "Threat of unauthorised manipulation by access to device software."
|
|
},
|
|
{
|
|
"value": "alternation-of-software",
|
|
"expanded": "Alternation of software",
|
|
"description": "Threat of unauthorized modifications to code or data, attacking its integrity."
|
|
},
|
|
{
|
|
"value": "rogue-hardware",
|
|
"expanded": "Rogue hardware",
|
|
"description": "Threat of manipulation due to unauthorized access to hardware."
|
|
},
|
|
{
|
|
"value": "manipulation-of-information",
|
|
"expanded": "Manipulation of information",
|
|
"description": "Threat of intentional data manipulation to mislead information systems or somebody or to cover other nefarious activities (loss of integrity of information)."
|
|
},
|
|
{
|
|
"value": "repudiation-of-actions",
|
|
"expanded": "Repudiation of actions",
|
|
"description": "Threat of intentional data manipulation to repudiate action."
|
|
},
|
|
{
|
|
"value": "address-space-hijacking-IP-prefixes",
|
|
"expanded": "Address space hijacking (IP prefixes)",
|
|
"description": "Threat of the illegitimate takeover of groups of IP addresses."
|
|
},
|
|
{
|
|
"value": "routing-table-manipulation",
|
|
"expanded": "Routing table manipulation",
|
|
"description": "Threat of route packets of network to IP addresses other than that was intended via sender by unauthorised manipulation of routing table."
|
|
},
|
|
{
|
|
"value": "DNS-poisoning-or-DNS-spoofing-or-DNS-Manipulations",
|
|
"expanded": "DNS poisoning / DNS spoofing / DNS Manipulations",
|
|
"description": "Threat of falsification of DNS information."
|
|
},
|
|
{
|
|
"value": "falsification-of-record",
|
|
"expanded": "Falsification of record",
|
|
"description": "Threat of intentional data manipulation to falsify records."
|
|
},
|
|
{
|
|
"value": "autonomous-system-hijacking",
|
|
"expanded": "Autonomous System hijacking",
|
|
"description": "Threat of an attacker taking over the ownership of a whole autonomous system and its prefixes despite origin validation."
|
|
},
|
|
{
|
|
"value": "autonomous-system-manipulation",
|
|
"expanded": "Autonomous System manipulation",
|
|
"description": "Threat of manipulation by the attacker of a whole autonomous system in order to perform malicious actions."
|
|
},
|
|
{
|
|
"value": "falsification-of-configurations",
|
|
"expanded": "Falsification of configurations",
|
|
"description": "Threat of intentional manipulation due to falsification of configurations."
|
|
},
|
|
{
|
|
"value": "misuse-of-audit-tools",
|
|
"expanded": "Misuse of audit tools",
|
|
"description": "Threat of nefarious actions performed using audit tools (discovery of security weaknesses in information systems)."
|
|
},
|
|
{
|
|
"value": "misuse-of-information-or-information systems-including-mobile-apps",
|
|
"expanded": "Misuse of information/ information systems (including mobile apps)",
|
|
"description": "Threat of nefarious action due to misuse of information / information systems."
|
|
},
|
|
{
|
|
"value": "unauthorized-activities",
|
|
"expanded": "Unauthorized activities",
|
|
"description": "Threat of nefarious action due to unauthorised activities."
|
|
},
|
|
{
|
|
"value": "Unauthorised-use-or-administration-of-devices-and-systems",
|
|
"expanded": "Unauthorised use or administration of devices and systems",
|
|
"description": "Threat of nefarious action due to unauthorised use of devices and systems."
|
|
},
|
|
{
|
|
"value": "unauthorised-use-of-software",
|
|
"expanded": "Unauthorised use of software",
|
|
"description": "Threat of nefarious action due to unauthorised use of software."
|
|
},
|
|
{
|
|
"value": "unauthorized-access-to-the-information-systems-or-networks-like-IMPI-Protocol-DNS-Registrar-Hijacking)",
|
|
"expanded": "Unauthorized access to the information systems-or-networks (IMPI Protocol / DNS Registrar Hijacking)",
|
|
"description": "Threat of unauthorised access to the information systems / network."
|
|
},
|
|
{
|
|
"value": "network-intrusion",
|
|
"expanded": "Network Intrusion",
|
|
"description": "Threat of unauthorised access to network."
|
|
},
|
|
{
|
|
"value": "unauthorized-changes-of-records",
|
|
"expanded": "Unauthorized changes of records",
|
|
"description": "Threat of unauthorised changes of information."
|
|
},
|
|
{
|
|
"value": "unauthorized-installation-of-software",
|
|
"expanded": "Unauthorized installation of software",
|
|
"description": "Threat of unauthorised installation of software."
|
|
},
|
|
{
|
|
"value": "Web-based-attacks-drive-by-download-or-malicious-URLs-or-browser-based-attacks",
|
|
"expanded": "Web based attacks (Drive-by download / malicious URLs / Browser based attacks)",
|
|
"description": "Threat of installation of unwanted malicious software (malware) by misusing websites."
|
|
},
|
|
{
|
|
"value": "compromising-confidential-information-like-data-breaches",
|
|
"expanded": "Compromising confidential information (data breaches)",
|
|
"description": "Threat of data breach."
|
|
},
|
|
{
|
|
"value": "hoax",
|
|
"expanded": "Hoax",
|
|
"description": "Threat of loss of IT assets security due to cheating."
|
|
},
|
|
{
|
|
"value": "false-rumour-and-or-fake-warning",
|
|
"expanded": "False rumour and/or fake warning",
|
|
"description": "Threat of disruption of work due to rumours and/or a fake warning."
|
|
},
|
|
{
|
|
"value": "remote-activity-execution",
|
|
"expanded": "Remote activity (execution)",
|
|
"description": "Threat of nefarious action through remote activity by an attacker."
|
|
},
|
|
{
|
|
"value": "remote-command-execution",
|
|
"expanded": "Remote Command Execution",
|
|
"description": "Threat of nefarious action due to remote command execution."
|
|
},
|
|
{
|
|
"value": "remote-access-tool",
|
|
"expanded": "Remote Access Tool (RAT)",
|
|
"description": "Threat of infection by software that has remote administration capabilities, allowing an attacker to control the victim's computer."
|
|
},
|
|
{
|
|
"value": "botnets-remote-activity",
|
|
"expanded": "Botnets / Remote activity",
|
|
"description": "Threat of penetration by software from malware distribution."
|
|
},
|
|
{
|
|
"value": "targeted-attacks",
|
|
"expanded": "Targeted attacks (APTs etc.)",
|
|
"description": "Threat of a sophisticated, targeted attack which combines many attack techniques."
|
|
},
|
|
{
|
|
"value": "mobile-malware",
|
|
"expanded": "Mobile malware",
|
|
"description": "Threat of mobile software that aims to gather information about a person or organization without their knowledge."
|
|
},
|
|
{
|
|
"value": "spear-phishing-attacks",
|
|
"expanded": "Spear phishing attacks",
|
|
"description": "Threat of an attack focused on a single user or department within an organization, appearing to come from someone within the company in a position of trust and requesting information such as login IDs and passwords."
|
|
},
|
|
{
|
|
"value": "installation-of-sophisticated-and-targeted-malware",
|
|
"expanded": "Installation of sophisticated and targeted malware",
|
|
"description": "Threat of malware delivered by sophisticated and targeted software."
|
|
},
|
|
{
|
|
"value": "watering-hole-attacks",
|
|
"expanded": "Watering Hole attacks",
|
|
"description": "Threat of malware residing on the websites which a group often uses."
|
|
},
|
|
{
|
|
"value": "failed-business-process",
|
|
"expanded": "Failed business process",
|
|
"description": "Threat of damage or loss of IT assets due to improperly executed business process."
|
|
},
|
|
{
|
|
"value": "brute-force",
|
|
"expanded": "Brute force",
|
|
"description": "Threat of unauthorised access via systematically checking all possible keys or passwords until the correct one is found."
|
|
},
|
|
{
|
|
"value": "abuse-of-authorizations",
|
|
"expanded": "Abuse of authorizations",
|
|
"description": "Threat of using authorised access to perform illegitimate actions."
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"predicates": [
|
|
{
|
|
"description": "Threats of intentional, hostile human actions.",
|
|
"expanded": "Physical attack (deliberate/intentional).",
|
|
"value": "physical-attack"
|
|
},
|
|
{
|
|
"description": "Threats of unintentional human actions or errors.",
|
|
"expanded": "Unintentional damage / loss of information or IT assets.",
|
|
"value": "unintentional-damage"
|
|
},
|
|
{
|
|
"description": "Threats of damage to information assets caused by natural or environmental factors.",
|
|
"expanded": "Disaster (natural, environmental).",
|
|
"value": "disaster"
|
|
},
|
|
{
|
|
"description": "Threat of failure/malfunction of IT supporting infrastructure (i.e. degradation of quality, improper working parameters, jamming). The cause of a failure is mostly an internal issue (e.g. overload of the power grid in a building).",
|
|
"expanded": "Failures/ Malfunction.",
|
|
"value": "failures-malfunction"
|
|
},
|
|
{
|
|
"description": "Threat of complete lack or loss of resources necessary for IT infrastructure. The cause of an outage is mostly an external issue (e.g. an electricity blackout in the whole city).",
|
|
"expanded": "Outages.",
|
|
"value": "outages"
|
|
},
|
|
{
|
|
"description": "Threats that alter communication between two parties. These attacks do not have to install additional tools/software on a victim's site.",
|
|
"expanded": "Eavesdropping/ Interception/ Hijacking",
|
|
"value": "eavesdropping-interception-hijacking"
|
|
},
|
|
{
|
|
"description": "Threats of nefarious activities that require use of tools by the attacker. These attacks require installation of additional tools/software or performing additional steps on the victim's IT infrastructure/software.",
|
|
"expanded": "Nefarious Activity/ Abuse",
|
|
"value": "nefarious-activity-abuse"
|
|
},
|
|
{
|
|
"description": "Threat of financial or legal penalty or loss of trust of customers and collaborators due to legislation.",
|
|
"expanded": "Legal",
|
|
"value": "legal"
|
|
}
|
|
],
|
|
"version": 201601,
|
|
"description": "The present threat taxonomy is an initial version that has been developed on the basis of available ENISA material. This material has been used as an ENISA-internal structuring aid for information collection and threat consolidation purposes. It emerged in the time period 2012-2015.",
|
|
"expanded": "ENISA Threat Taxonomy",
|
|
"namespace": "enisa"
|
|
}
|