
THREATS

Definition: A threat is an object, person, or other entity that represents a constant
danger to an asset.

The five groups of real and present danger are:

Inadvertent acts
Deliberate acts
Acts of God
Technical failures
Management failures

Threat Group 1: Inadvertent Acts

Malicious intent is absent or cannot be proven in the category of threats called
inadvertent acts.

Inadvertent acts include
Acts of human error or failure
Deviations in quality of service by service providers and
Power irregularities.

Acts of Human Error or Failure

This category includes acts performed without intent or malicious purpose by an individual
who is an authorized user within an organization.

Reasons: When people use information systems, sometimes mistakes happen.
Inexperience, improper training, the making of incorrect assumptions and other
circumstances can cause these misadventures.
Harm caused:
Revelation of classified data
Entry of erroneous data
Accidental deletion or modification of data
Storage of data in unprotected areas
Prevention: Can be prevented with controls such as
Requiring the user to type a critical command twice,
Verification of commands by a second party.

Deviations in Quality of Service by Service Providers

The organization's information system depends on the support systems, including
Power grids
Telecom networks
Parts suppliers
Service vendors and even
The janitorial staff and garbage haulers.
Threats in this category manifest in attacks such as
A backhoe taking out a fiber optic link for an ISP.
The backup provider may be online and in service but may be able to supply
only a fraction of the bandwidth the organization needs for full service.
This degradation of service is a form of availability disruption.

Internet Service Issues

Organizations that rely heavily on the Internet:
The threat of the potential loss of Internet service can lead to considerable loss in
the availability of information.
Manual procedures must be used to continue operations.

When an organization places its Web servers in the care of a Web hosting provider
The Web hosting services are usually arranged with an agreement providing
minimum service levels known as Service Level Agreements (SLAs).
When a service provider fails to meet the SLA, fines are levied but they seldom
cover the losses generated by the outage.

Communications and other Service Provider Issues

Other utility services like
Telephone
Water
Wastewater
Trash pickup
Cable television
Natural or propane gas
can impact organizations as well, and can lead to the inability of an
organization to function properly.
For instance,
Most facilities require water service to operate an air conditioning system.
If the wastewater system fails, normal business operations stop.

Power Irregularities

When the voltage levels spike (a momentary increase) or surge (a prolonged increase),
this voltage can severely damage or destroy equipment.
A momentary low voltage, or sag, or a more prolonged drop in voltage, known as a
brownout, can cause systems to
Shut down
Reset, or
Otherwise disrupt availability.
Complete loss of power for a moment is known as a fault, as opposed to a more lengthy
loss known as a blackout.
The uninterruptible power supply (UPS) can protect against spikes and surges as well as
against sags and even blackouts of limited duration.
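
The six terms above can be turned into a monitoring rule. The following is an added example, not part of the original notes: it groups consecutive out-of-range voltage readings into events, names each one with the vocabulary above, and lists the power losses that a UPS of limited runtime would not cover. Every threshold (nominal voltage, tolerance band, the cut-off between "momentary" and "prolonged", UPS runtime) and the sample log are assumptions constructed for illustration.

```python
from collections import namedtuple

# All thresholds are assumptions for this example; the notes give no numbers.
NOMINAL_V = 120.0     # nominal supply voltage
TOLERANCE = 0.10      # +/-10% of nominal is treated as normal
LOSS_V = 5.0          # below this the supply counts as lost
MOMENTARY_S = 2.0     # longest duration still called "momentary"
UPS_RUNTIME_S = 45.0  # how long the (hypothetical) UPS can carry the load

# (momentary name, prolonged name) for each abnormal condition, as in the notes.
NAMES = {"high": ("spike", "surge"), "low": ("sag", "brownout"),
         "loss": ("fault", "blackout")}

Event = namedtuple("Event", "kind start duration")

def condition(volts):
    """Map one reading to 'loss', 'high', 'low' or None (normal)."""
    if volts < LOSS_V:
        return "loss"
    if volts > NOMINAL_V * (1 + TOLERANCE):
        return "high"
    return "low" if volts < NOMINAL_V * (1 - TOLERANCE) else None

def classify(samples):
    """Group consecutive abnormal (seconds, volts) readings into named events."""
    events, run, start = [], None, None
    for t, v in samples:
        cond = condition(v)
        if cond != run:
            if run is not None:
                events.append(_close(run, start, t))
            run, start = cond, t
    if run is not None:  # log ended while still abnormal
        events.append(_close(run, start, samples[-1][0]))
    return events

def _close(cond, start, end):
    momentary, prolonged = NAMES[cond]
    return Event(momentary if end - start <= MOMENTARY_S else prolonged, start, end - start)

def outlasts_ups(events):
    """Power losses longer than the UPS runtime: these still cause downtime."""
    return [e for e in events if e.kind == "blackout" and e.duration > UPS_RUNTIME_S]

# Constructed sample log of (seconds, volts) readings.
SAMPLES = [(0.0, 120.1), (1.0, 171.0), (1.5, 120.0), (3.0, 136.0), (5.0, 138.0),
           (7.0, 120.0), (8.0, 101.0), (8.5, 119.5), (10.0, 104.0), (20.0, 119.0),
           (21.0, 0.0), (21.5, 120.0), (30.0, 0.0), (60.0, 0.0), (90.0, 120.0)]
```
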

Threat Group 2: Deliberate Acts

Threats in which people or organizations engage in purposeful acts designed to harm the
people, the organization, or the culture.

Deliberate Acts of Espionage or Trespass

Includes - a broad category of electronic and human activities that can breach the
confidentiality of information.

Some information gathering techniques that are quite legal are forms of research. These
techniques are called, collectively, competitive intelligence.

When information gatherers employ techniques that cross the threshold of what is legal
or ethical, they enter the world of industrial espionage.

Example: shoulder surfing.

This technique is used in public or semipublic settings when individuals observe
information without authorization by looking over another individual's shoulder or
spotting information from a distance.
Instances:
at computer terminals
desks
ATM machines
public phones or
other places where a person is accessing confidential information.

Harm caused:
Information gatherers enter premises or systems they have not been
authorized to enter.
Encroaching on the organization's cyberspace.
Prevention:
Maintaining the basic etiquettes.
Marking the boundaries of an organization's virtual territory.

The perpetrators
Hackers:
People who use and create computer software for enjoyment or to gain
access to information illegally.
A hacker uses skill, guile, or fraud to attempt to bypass the controls
placed around information that is the property of someone else.
The two skill levels:
The expert hacker, who develops software scripts and codes exploits.
The novice or unskilled hacker (the script kiddie), who uses the automated
exploit code.
Prevention: keep defensive systems up to date about the latest in exploit
scripts. Preparation and continued vigilance.
Cracker:
An individual who cracks or removes an application's software
protection.
Harm caused: The software can be easily distributed and installed.
Phreaker:
Hacks the public telephone network to make free calls and disrupt services.
Blue boxes: free telephone calls.
Red boxes: simulate the tones of coins falling in a pay phone.
Black boxes: emulate the line voltage.

Deliberate Acts of Information Extortion

The threat of information extortion is the possibility of an attacker or insider stealing
information from a computer system and demanding compensation for its return.

Deliberate Acts of Sabotage or Vandalism

Originates with an individual or group of individuals who want to
Deliberately sabotage the operation of a computer system or business, or
Perform acts of vandalism to either destroy an asset or damage the image of the
organization.

Harm caused: Reduction in consumer confidence, the organization's sales, and net
worth.

Vandalism within a network is more malicious in intent and less public.

Hacktivists or cyberactivists use technology as a tool for civil disobedience and hacking
to protest the operations, policies, or actions of an organization.

Deliberate Acts of Theft

Theft is the illegal taking of another's physical, electronic, or intellectual property.

Within an organization, that property can be
Physical
Electronic or
Intellectual.

Physical theft:
Theft of circuit boards and memory chips can be controlled using locked doors,
trained security personnel, and the installation of alarm systems.
Electronic theft is a more complex problem to manage and control.

Deliberate Software Attacks

Deliberate software attacks occur when an individual or group designs software to attack
an unsuspecting system using malicious code or malicious software, or malware.
Common instances of malicious code:

Virus:-
The code attaches itself to the existing program and takes control of that
program's access to the targeted computer.
Replicates itself into additional targeted systems.
Types:
Macro virus:- Embedded in automatically executing macro
code, common in office productivity software.
Boot virus:- Infects the key operating system files located in a
computer's boot sector.

Worms:-
Malicious programs that replicate themselves constantly without requiring
another program to provide a safe environment for replication.

Worms can continue replicating themselves until they completely fill
available resources such as
o Memory
o Hard drive space and
o Network bandwidth.
Examples:
o Code Red
o Sircam
o Nimda (admin spelled backwards) and
o Klez.

Trojan horses:-
Software programs that hide their true nature, and reveal their designed
behavior only when activated.
Are disguised as helpful, interesting, or necessary pieces of software.

Back door or Trap door:-
This allows the attacker to access the system at will with special
privileges.
Examples: Subseven and Back Orifice.

Polymorphism:-
A polymorphic threat is one that changes its apparent shape over time.
These threats are not detectable by techniques that look for a
preconfigured signature.

Virus and Worm Hoaxes:-
Sometimes random e-mails warn of the latest and most dangerous viruses,
which are fictitious.
Much time, bandwidth, and energy is wasted as everyone
o Forwards the message to everyone they know
o Posts the message on bulletin boards and
o Begins updating antivirus protection software.

Compromises to Intellectual Property

Intellectual property is defined as
the ownership of ideas and control over the tangible or virtual
representation of those ideas.
Use of another person's intellectual property should always include proper
credit to the source.
Includes:-
Trade secrets
Copyrights
Trademarks and
Patents.
Most common in the category of IP breaches is software piracy.
If the user copies the program to another computer without securing
another license, he or she has violated the copyright.

Threat Group 3: Acts of God

Threats that result from forces of nature that cannot be prevented or controlled.

Force of Nature

These disrupt
o The lives of individuals
o Storage
o Transmission and
o Use of information

Fire, flood, earthquake, lightning, landslide or mudslide, tornado or severe
windstorm, hurricane or typhoon, and tsunami:-
All of these cause direct damage to all or part of the information system or, more
often, to the building that houses it.
May also disrupt operations through interruptions in access to the buildings that
house all or part of the information system.
Can sometimes be mitigated with casualty insurance and/or business interruption
insurance.

Electro-static discharge (ESD):-
Usually static electricity and ESD are little more than a nuisance.
Can draw dust into clean-room environments or cause products to stick together.
While not usually viewed as a threat, ESD can disrupt information systems and is not
usually an insurable loss unless covered by business interruption insurance.

Dust contamination:-
Some environments are not friendly to the hardware components of information
systems.
Because dust contamination can shorten the life of information systems or cause
unplanned downtime, this threat can disrupt normal operations.

Threat Group 4: Technical Failures

Sometimes machines break without a discernible cause or in unexpected ways. Such
disruptions can have severe negative consequences for unprepared organizations.

Technical Hardware Failures or Errors

Technical hardware failures or errors occur when a manufacturer distributes to users
equipment containing a known or unknown flaw.

These defects can cause the system to perform outside of expected parameters, resulting
in unreliable service or lack of availability.

Technical Software Failures or Errors

This category of threats comes from
Purchasing software with unknown, hidden faults.
Sometimes unique combinations of certain software and hardware reveal new
bugs.

These failures range from bugs to untested failure conditions.
Sometimes, these items are not errors, but are purposeful shortcuts left by
programmers (called trap doors) for honest or dishonest reasons and can cause
severe security breaches.

Bugtraq
Found at lists insecure.com
provides up-to-the-minute information on the latest security vulnerabilities
including software and hardware bugs.

Threat Group 5: Management Failures

Involves: Management's potential lack of sufficient planning and foresight to anticipate
the technology needed for evolving business requirements.

Technological Obsolescence

Antiquated or outdated infrastructure leads to unreliable and untrustworthy systems.

Management must recognize that when technology becomes outdated, there is a risk of
loss of data integrity from attacks.

Management's strategic planning should always include an analysis of the technology
current in the organization.
