Strategic Security Intelligence
The All.Net Security Database
Generated Wed May 5 16:25:34 PDT 1999 by fc@all
Cause/Mechanism:
Threat Profiles
Attack Methods
Defense Methods
Process:
Prevention
Detection
Reaction
Impact:
Integrity
Availability
Confidential
Use Control
Other:
Risk Management
Database Description
Domain:
Physical
Informational
Systemic
Sophistication:
Theoretical
Demonstrated
Widespread
Perspectives:
Management
Policy
Standards
Procedures
Documentation
Audit
Testing
Technical Safeguards
Personnel
Incident Handling
Legal
Physical
Awareness
Training
Education
Organization
Brekne's Mechanistic:
Input
Output
Storage
Processing
Transmission
Brekne's Causal:
Accidental
Malicious
Brekne's Method:
Leakage
Masquerade
Denial
Corruption
Usage
Mental
Threat36:
Name:extortionists
People who extort money or goods by threatening harm if not paid off.
Complexity: Extortion is commonly used to get money in exchange for not causing harm. It is closely related to kidnapping.
fc@all
Related Database Material
[Attack30 - bribes and extortion]
[Attack52 - audio/video viewing]
[Attack59 - backup theft, corruption, or destruction]
[Attack3 - cable cuts]
[Attack56 - data aggregation]
[Attack48 - data diddling]
[Attack82 - dependency analysis and exploitation]
[Attack44 - desychronization and time-based attacks]
[Attack73 - distributed coordinated attacks]
[Attack17 - dumpster diving]
[Attack50 - electronic interference]
[Attack37 - environment corruption]
[Attack11 - environmental control loss]
[Attack67 - error-induced mis-operation]
[Attack36 - excess privilege exploitation]
[Attack18 - fictitious people]
[Attack31 - get a job]
[Attack70 - hardware failure - system flaw exploitation]
[Attack45 - imperfect daemon exploits]
[Attack41 - implied trust exploitation]
[Attack86 - inappropriate defaults]
[Attack69 - induced stress failures]
[Attack23 - infrastructure interference]
[Attack24 - infrastructure observation]
[Attack25 - insertion in transit]
[Attack33 - invalid values on calls]
[Attack74 - man-in-the-middle]
[Attack39 - modeling mismatches]
[Attack27 - modification in transit]
[Attack72 - network service and protocol attacks]
[Attack26 - observation in transit]
[Attack90 - strategic or tactical deceptions]
[Attack32 - password guessing]
[Attack51 - PBX bugging]
[Attack85 - peer relationship exploitation]
[Attack21 - perception management a.k.a. human engineering]
[Attack87 - piggybacking]
[Attack2 - power failure]
[Attack19 - protection missetting exploitation]
[Attack53 - repair-replace-remove information]
[Attack76 - replay attacks]
[Attack94 - repudiation]
[Attack65 - residual data gathering]
[Attack20 - resource availability manipulation]
[Attack60 - restoration process corruption or misuse]
[Attack55 - shoulder surfing]
[Attack22 - spoofing and masquerading]
[Attack13 - system maintenance]
[Attack16 - Trojan horses]
[Attack34 - undocumented or unknown function exploitation]
[Attack49 - van Eck bugging]
[Attack47 - viruses]
[Attack54 - wire closet attacks]
[Attack30 - bribes and extortion]
[Attack52 - audio/video viewing]
[Attack59 - backup theft, corruption, or destruction]
[Attack3 - cable cuts]
[Attack56 - data aggregation]
[Attack48 - data diddling]
[Attack82 - dependency analysis and exploitation]
[Attack44 - desychronization and time-based attacks]
[Attack73 - distributed coordinated attacks]
[Attack17 - dumpster diving]
[Attack50 - electronic interference]
[Attack37 - environment corruption]
[Attack11 - environmental control loss]
[Attack67 - error-induced mis-operation]
[Attack36 - excess privilege exploitation]
[Attack18 - fictitious people]
[Attack31 - get a job]
[Attack70 - hardware failure - system flaw exploitation]
[Attack45 - imperfect daemon exploits]
[Attack41 - implied trust exploitation]
[Attack86 - inappropriate defaults]
[Attack69 - induced stress failures]
[Attack23 - infrastructure interference]
[Attack24 - infrastructure observation]
[Attack25 - insertion in transit]
[Attack33 - invalid values on calls]
[Attack74 - man-in-the-middle]
[Attack39 - modeling mismatches]
[Attack27 - modification in transit]
[Attack72 - network service and protocol attacks]
[Attack26 - observation in transit]
[Attack90 - strategic or tactical deceptions]
[Attack32 - password guessing]
[Attack51 - PBX bugging]
[Attack85 - peer relationship exploitation]
[Attack21 - perception management a.k.a. human engineering]
[Attack87 - piggybacking]
[Attack2 - power failure]
[Attack19 - protection missetting exploitation]
[Attack53 - repair-replace-remove information]
[Attack76 - replay attacks]
[Attack94 - repudiation]
[Attack65 - residual data gathering]
[Attack20 - resource availability manipulation]
[Attack60 - restoration process corruption or misuse]
[Attack55 - shoulder surfing]
[Attack22 - spoofing and masquerading]
[Attack13 - system maintenance]
[Attack16 - Trojan horses]
[Attack34 - undocumented or unknown function exploitation]
[Attack49 - van Eck bugging]
[Attack47 - viruses]
[Attack54 - wire closet attacks]