Strategic Security Intelligence


The All.Net Security Database

Generated Wed May 5 16:25:34 PDT 1999 by fc@all

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
    		•  Other:
  • Risk Management
  • Database Description
    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
    		• Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
    • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
    		• Brekne's Causal:
  • Accidental
  • Malicious
    		• Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

    • Threat26:

    Name:foreign agents and spies

    Complexity: These people are highly trained, highly funded, backed by substnatial scientific capabilities, directed toward specific goals, and skillful at avoiding detection. They can be very dangerous to life and property.
    fc@all

    Related Database Material

    [Attack52 - audio/video viewing]
    [Attack68 - audit suppression]
    [Attack59 - backup theft, corruption, or destruction]
    [Attack84 - below-threshold attacks]
    [Attack78 - breaking key management systems]
    [Attack30 - bribes and extortion]
    [Attack3 - cable cuts]
    [Attack62 - call forwarding fakery]
    [Attack91 - combinations and sequences]
    [Attack58 - content-based attacks]
    [Attack79 - covert channels]
    [Attack77 - cryptanalysis]
    [Attack56 - data aggregation]
    [Attack48 - data diddling]
    [Attack82 - dependency analysis and exploitation]
    [Attack44 - desychronization and time-based attacks]
    [Attack17 - dumpster diving]
    [Attack50 - electronic interference]
    [Attack43 - emergency procedure exploitation]
    [Attack37 - environment corruption]
    [Attack11 - environmental control loss]
    [Attack80 - error insertion and analysis]
    [Attack67 - error-induced mis-operation]
    [Attack1 - errors and omissions]
    [Attack36 - excess privilege exploitation]
    [Attack71 - false updates]
    [Attack18 - fictitious people]
    [Attack4 - fire]
    [Attack31 - get a job]
    [Attack61 - hangup hooking]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack64 - illegal value insertion]
    [Attack45 - imperfect daemon exploits]
    [Attack41 - implied trust exploitation]
    [Attack15 - inadequate maintenance]
    [Attack86 - inappropriate defaults]
    [Attack69 - induced stress failures]
    [Attack23 - infrastructure interference]
    [Attack24 - infrastructure observation]
    [Attack63 - input overflow]
    [Attack25 - insertion in transit]
    [Attack33 - invalid values on calls]
    [Attack74 - man-in-the-middle]
    [Attack39 - modeling mismatches]
    [Attack27 - modification in transit]
    [Attack46 - multiple error inducement]
    [Attack72 - network service and protocol attacks]
    [Attack26 - observation in transit]
    [Attack90 - strategic or tactical deceptions]
    [Attack51 - PBX bugging]
    [Attack85 - peer relationship exploitation]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack87 - piggybacking]
    [Attack2 - power failure]
    [Attack66 - privileged program misuse]
    [Attack57 - process bypassing]
    [Attack19 - protection missetting exploitation]
    [Attack89 - race conditions]
    [Attack81 - reflexive control]
    [Attack53 - repair-replace-remove information]
    [Attack76 - replay attacks]
    [Attack94 - repudiation]
    [Attack65 - residual data gathering]
    [Attack20 - resource availability manipulation]
    [Attack60 - restoration process corruption or misuse]
    [Attack75 - selected plaintext]
    [Attack55 - shoulder surfing]
    [Attack40 - simultaneous access exploitations]
    [Attack22 - spoofing and masquerading]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack16 - Trojan horses]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack49 - van Eck bugging]
    [Attack47 - viruses]
    [Attack54 - wire closet attacks]
    [Attack52 - audio/video viewing]
    [Attack68 - audit suppression]
    [Attack59 - backup theft, corruption, or destruction]
    [Attack84 - below-threshold attacks]
    [Attack78 - breaking key management systems]
    [Attack30 - bribes and extortion]
    [Attack3 - cable cuts]
    [Attack62 - call forwarding fakery]
    [Attack91 - combinations and sequences]
    [Attack58 - content-based attacks]
    [Attack79 - covert channels]
    [Attack77 - cryptanalysis]
    [Attack56 - data aggregation]
    [Attack48 - data diddling]
    [Attack82 - dependency analysis and exploitation]
    [Attack44 - desychronization and time-based attacks]
    [Attack17 - dumpster diving]
    [Attack50 - electronic interference]
    [Attack43 - emergency procedure exploitation]
    [Attack37 - environment corruption]
    [Attack11 - environmental control loss]
    [Attack80 - error insertion and analysis]
    [Attack67 - error-induced mis-operation]
    [Attack1 - errors and omissions]
    [Attack36 - excess privilege exploitation]
    [Attack71 - false updates]
    [Attack18 - fictitious people]
    [Attack4 - fire]
    [Attack31 - get a job]
    [Attack61 - hangup hooking]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack64 - illegal value insertion]
    [Attack45 - imperfect daemon exploits]
    [Attack41 - implied trust exploitation]
    [Attack15 - inadequate maintenance]
    [Attack86 - inappropriate defaults]
    [Attack69 - induced stress failures]
    [Attack23 - infrastructure interference]
    [Attack24 - infrastructure observation]
    [Attack63 - input overflow]
    [Attack25 - insertion in transit]
    [Attack33 - invalid values on calls]
    [Attack74 - man-in-the-middle]
    [Attack39 - modeling mismatches]
    [Attack27 - modification in transit]
    [Attack46 - multiple error inducement]
    [Attack72 - network service and protocol attacks]
    [Attack26 - observation in transit]
    [Attack90 - strategic or tactical deceptions]
    [Attack51 - PBX bugging]
    [Attack85 - peer relationship exploitation]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack87 - piggybacking]
    [Attack2 - power failure]
    [Attack66 - privileged program misuse]
    [Attack57 - process bypassing]
    [Attack19 - protection missetting exploitation]
    [Attack89 - race conditions]
    [Attack81 - reflexive control]
    [Attack53 - repair-replace-remove information]
    [Attack76 - replay attacks]
    [Attack94 - repudiation]
    [Attack65 - residual data gathering]
    [Attack20 - resource availability manipulation]
    [Attack60 - restoration process corruption or misuse]
    [Attack75 - selected plaintext]
    [Attack55 - shoulder surfing]
    [Attack40 - simultaneous access exploitations]
    [Attack22 - spoofing and masquerading]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack16 - Trojan horses]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack49 - van Eck bugging]
    [Attack47 - viruses]
    [Attack54 - wire closet attacks]