|
|
 |
Threat
Information from: Security Survival: A Source Book from the Open Group
A natural or manmade happening which may cause a breech in the current security
measures of a system or network, allowing unauthorized users to access sensitive information, or use of resources in an unauthorized way. Different types of possible threats are described below.
Natural
Natural threats include, but are not limited to calamities such
as fire, flood and earthquakes. These threats most likely will not jeopardize the integrity of sensitive information on a system, but will sufficiently damage
the system often rendering it useless.
Manmade
Electrical failure, armed robbery and even war are possible occurences of manmade threats to a system. The disruption of routine caused by one
of these should be taken into account when securing a system and/or network.
Internal
Threats created due to malicious intent or ignorance of an authorized user.
Misuse of Access Rights
Using access priveledges to maliciously use information
and/or resources, or to modify information or processes running on the system or network.
Lack of Awareness
Unknowingly modifying information and/or resources, or unknowingly providing access to sensitive information and/or resources to an unauthorized user.
External
Threats created due to malicious intent or ignorance of an unauthorized user.
Interception and Modification
Intercepting data as it passes through weak/insecure channels on a network, and modifying this data to cause damage to one of the other
parties involved in the transaction.
Insertion and Replay
Intercepted and changed messages are used as part of a fraud or integrity attack.
Data Contamination
Corruption of stored data which may not become immediately obvious. In worst cases, involving backup data as well.
Deletion
Unauthorized removal of stored data from its rightful place.
Creation and Replacement
Replacing sensitive data with an attacker-created replacement.
Malicious Software
Attacker-created software that may execute any number of attacks including reproducing and sending itself(virus), creating a backdoor for later access to sensitive information, capturing and relaying sensitive information, causing damage to its host.
User Account Modification
Unwarranted ability to create/remove unauthorized user accounts, tamper with user priviledges, or use redundant accounts.
System Service Modification
Unauthorized access to system administration controls used to perform malicious acts with or against the compromised system.
Ease of Use Tools
Threats created due to the degree of difficulty in using and managing an existing security measure.
Difficulty of use
Security measures causing significant amounts of difficulty for users and maintainers which dimishes their effectiveness.
Unacceptable level of hindrance
Inability or refusal of a user to adhere to security measures that hinder or impede their normal operation.
Knowledge Base
Knowledge Base threats deal with the 'intruder' gaining access to sensitive information.
Eavesdropping
Interception of sensitive information during transmission using some type of sniffer.
Traffic Analysis
Determining frequency, volume, origin and destination of transmitted data. This in itself could be considered sensitive information in
certain cases.
Copying Information
Unauthorized copying of sensitive, stored information.
Garbage Collection
Searching through internal buffers and temporary files on a system to find copies of sensitive information that has been sent or received.
Electromagnetic Radiation
Using special equipment to pick up, display, process and/or transmit information reconstructed from electromagnetic signals radiated from unshielded machines.
Aggregation
Constructing sensitive information from smaller pieces of less sensitive information.
Deduction
Deducing the fact that certain information is being held in a certain place (which in certain cases may be sensitive information).
|
Home : Information Security : Architecture 
