Strategic Security Intelligence


The All.Net Security Database


Generated Wed May 5 16:25:34 PDT 1999 by fc@all

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Threat30:

    Name:economic rivals

    Complexity: While economic rivals are usually merely competitive, sometimes they become rather extreme in their desire for technical information and attack in order to gain technical expertise. They tend to be well funded, have a lot of expertise, and typically operate from locations which provide legal cover for their actions.
    fc@all

    Related Database Material

    [Attack1 - errors and omissions]
    [Attack2 - power failure]
    [Attack3 - cable cuts]
    [Attack4 - fire]
    [Attack5 - flood]
    [Attack10 - static]
    [Attack11 - environmental control loss]
    [Attack12 - relocation]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack15 - inadequate maintenance]
    [Attack16 - Trojan horses]
    [Attack17 - dumpster diving]
    [Attack18 - fictitious people]
    [Attack19 - protection missetting exploitation]
    [Attack20 - resource availability manipulation]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack22 - spoofing and masquerading]
    [Attack23 - infrastructure interference]
    [Attack24 - infrastructure observation]
    [Attack25 - insertion in transit]
    [Attack26 - observation in transit]
    [Attack27 - modification in transit]
    [Attack28 - sympathetic vibration]
    [Attack29 - cascade failures]
    [Attack30 - bribes and extortion]
    [Attack31 - get a job]
    [Attack32 - password guessing]
    [Attack33 - invalid values on calls]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack36 - excess privilege exploitation]
    [Attack37 - environment corruption]
    [Attack38 - device access exploitation]
    [Attack39 - modeling mismatches]
    [Attack40 - simultaneous access exploitations]
    [Attack41 - implied trust exploitation]
    [Attack42 - interrupt sequence mishandling]
    [Attack43 - emergency procedure exploitation]
    [Attack44 - desychronization and time-based attacks]
    [Attack45 - imperfect daemon exploits]
    [Attack46 - multiple error inducement]
    [Attack47 - viruses]
    [Attack48 - data diddling]
    [Attack49 - van Eck bugging]
    [Attack50 - electronic interference]
    [Attack51 - PBX bugging]
    [Attack52 - audio/video viewing]
    [Attack53 - repair-replace-remove information]
    [Attack54 - wire closet attacks]
    [Attack55 - shoulder surfing]
    [Attack56 - data aggregation]
    [Attack57 - process bypassing]
    [Attack58 - content-based attacks]
    [Attack59 - backup theft, corruption, or destruction]
    [Attack60 - restoration process corruption or misuse]
    [Attack61 - hangup hooking]
    [Attack62 - call forwarding fakery]
    [Attack63 - input overflow]
    [Attack64 - illegal value insertion]
    [Attack65 - residual data gathering]
    [Attack66 - privileged program misuse]
    [Attack67 - error-induced mis-operation]
    [Attack68 - audit suppression]
    [Attack69 - induced stress failures]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack71 - false updates]
    [Attack72 - network service and protocol attacks]
    [Attack73 - distributed coordinated attacks]
    [Attack74 - man-in-the-middle]
    [Attack75 - selected plaintext]
    [Attack76 - replay attacks]
    [Attack77 - cryptanalysis]
    [Attack78 - breaking key management systems]
    [Attack79 - covert channels]
    [Attack80 - error insertion and analysis]
    [Attack81 - reflexive control]
    [Attack82 - dependency analysis and exploitation]
    [Attack83 - interprocess communication attacks]
    [Attack84 - below-threshold attacks]
    [Attack85 - peer relationship exploitation]
    [Attack86 - inappropriate defaults]
    [Attack87 - piggybacking]
    [Attack88 - collaborative misuse]
    [Attack89 - race conditions]
    [Attack90 - strategic or tactical deceptions]
    [Attack91 - combinations and sequences]
    [Attack92 - kiting]
    [Attack93 - salami attacks]
    [Attack94 - repudiation]
    [Attack1 - errors and omissions]
    [Attack2 - power failure]
    [Attack3 - cable cuts]
    [Attack4 - fire]
    [Attack5 - flood]
    [Attack10 - static]
    [Attack11 - environmental control loss]
    [Attack12 - relocation]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack15 - inadequate maintenance]
    [Attack16 - Trojan horses]
    [Attack17 - dumpster diving]
    [Attack18 - fictitious people]
    [Attack19 - protection missetting exploitation]
    [Attack20 - resource availability manipulation]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack22 - spoofing and masquerading]
    [Attack23 - infrastructure interference]
    [Attack24 - infrastructure observation]
    [Attack25 - insertion in transit]
    [Attack26 - observation in transit]
    [Attack27 - modification in transit]
    [Attack28 - sympathetic vibration]
    [Attack29 - cascade failures]
    [Attack30 - bribes and extortion]
    [Attack31 - get a job]
    [Attack32 - password guessing]
    [Attack33 - invalid values on calls]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack36 - excess privilege exploitation]
    [Attack37 - environment corruption]
    [Attack38 - device access exploitation]
    [Attack39 - modeling mismatches]
    [Attack40 - simultaneous access exploitations]
    [Attack41 - implied trust exploitation]
    [Attack42 - interrupt sequence mishandling]
    [Attack43 - emergency procedure exploitation]
    [Attack44 - desychronization and time-based attacks]
    [Attack45 - imperfect daemon exploits]
    [Attack46 - multiple error inducement]
    [Attack47 - viruses]
    [Attack48 - data diddling]
    [Attack49 - van Eck bugging]
    [Attack50 - electronic interference]
    [Attack51 - PBX bugging]
    [Attack52 - audio/video viewing]
    [Attack53 - repair-replace-remove information]
    [Attack54 - wire closet attacks]
    [Attack55 - shoulder surfing]
    [Attack56 - data aggregation]
    [Attack57 - process bypassing]
    [Attack58 - content-based attacks]
    [Attack59 - backup theft, corruption, or destruction]
    [Attack60 - restoration process corruption or misuse]
    [Attack61 - hangup hooking]
    [Attack62 - call forwarding fakery]
    [Attack63 - input overflow]
    [Attack64 - illegal value insertion]
    [Attack65 - residual data gathering]
    [Attack66 - privileged program misuse]
    [Attack67 - error-induced mis-operation]
    [Attack68 - audit suppression]
    [Attack69 - induced stress failures]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack71 - false updates]
    [Attack72 - network service and protocol attacks]
    [Attack73 - distributed coordinated attacks]
    [Attack74 - man-in-the-middle]
    [Attack75 - selected plaintext]
    [Attack76 - replay attacks]
    [Attack77 - cryptanalysis]
    [Attack78 - breaking key management systems]
    [Attack79 - covert channels]
    [Attack80 - error insertion and analysis]
    [Attack81 - reflexive control]
    [Attack82 - dependency analysis and exploitation]
    [Attack83 - interprocess communication attacks]
    [Attack84 - below-threshold attacks]
    [Attack85 - peer relationship exploitation]
    [Attack86 - inappropriate defaults]
    [Attack87 - piggybacking]
    [Attack88 - collaborative misuse]
    [Attack89 - race conditions]
    [Attack90 - strategic or tactical deceptions]
    [Attack91 - combinations and sequences]
    [Attack92 - kiting]
    [Attack93 - salami attacks]
    [Attack94 - repudiation]