Focused On Your Success


The All.Net Security Database

Generated Fri Jun 27 09:58:50 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
    		•  Other:
  • Risk Management
  • Database Description
    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
    		• Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
    • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
    		• Brekne's Causal:
  • Accidental
  • Malicious
    		• Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

    • Attack59:

    Name:backup theft, corruption, or destruction

    Complexity: Except in cases where backup information is encrypted, back-up attacks are straightforward and introduce little complexity. In the case of aging backup tapes some signal processing capabilities may be required in order to reliably read sections of media, but this is not very complex or expensive.
    fc@red.a.net

    Related Database Material

    [TBVStorage - Relates to Storage]
    [TBVMalicious - Relates to Malicious]
    [TBVLeakage - Relates to Leakage]
    [TBVDenial - Relates to Denial]
    [PDRIntegrity - Relates to Integrity]
    [PDRAvailability - Relates to Availability]
    [PDRConfidentiality - Relates to Confidentiality]
    [PDRDemonstrated - Relates to Demonstrated]
    [PLSSystemic - Relates to Systemic]
    [Threat1 - insiders]
    [Threat2 - private investigators]
    [Threat3 - reporters]
    [Threat4 - consultants]
    [Threat8 - competitors]
    [Threat9 - whistle blowers]
    [Threat10 - hackers]
    [Threat11 - crackers]
    [Threat13 - cyber-gangs]
    [Threat14 - tiger teams]
    [Threat15 - maintenance people]
    [Threat16 - professional thieves]
    [Threat18 - vandals]
    [Threat19 - activists]
    [Threat20 - crackers for hire]
    [Threat22 - organized crime]
    [Threat23 - drug cartels]
    [Threat25 - industrial espionage experts]
    [Threat26 - foreign agents and spies]
    [Threat28 - government agencies]
    [Threat29 - infrastructure warriors]
    [Threat30 - economic rivals]
    [Threat31 - nation states]
    [Threat32 - global coalitions]
    [Threat33 - military organizations]
    [Threat35 - information warriors]
    [Threat36 - extortionists]
    [Defense88 - authenticated information]
    [Defense58 - configuration management]
    [Defense96 - content checking]
    [Defense114 - control physical access]
    [Defense60 - drop boxes and processors]
    [Defense63 - encrypted authentication]
    [Defense18 - encryption]
    [Defense71 - Faraday boxes]
    [Defense65 - increased or enhanced perimeters]
    [Defense119 - individual accountability for all assets and actions]
    [Defense116 - inspection of incoming and outgoing materials]
    [Defense89 - integrity checking]
    [Defense79 - inventory control]
    [Defense82 - locks]
    [Defense111 - minimize traffic in work areas]
    [Defense107 - minimizing copies of sensitive information]
    [Defense108 - numbering and tracking all sensitive information]
    [Defense15 - physical security]
    [Defense112 - place equipment and supplies out of harms way]
    [Defense28 - procedures]
    [Defense16 - redundancy]
    [Defense140 - searches and inspections]
    [Defense48 - security marking and/or labeling]
    [Defense52 - testing]
    [Defense78 - trusted repair teams]