Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:56 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Threat23:

    Name:drug cartels

    Complexity: These groups typically have a lot of money and are willing to spend it in order to get what they want. They typically want to launder money, eliminate competition, retain control over their dealer networks, and keep law enforcement away. They use violence and physical coorcion easily.
    fc@red.a.net

    Related Database Material

    [Attack59 - backup theft, corruption, or destruction]
    [Attack78 - breaking key management systems]
    [Attack30 - bribes and extortion]
    [Attack3 - cable cuts]
    [Attack88 - collaborative misuse]
    [Attack56 - data aggregation]
    [Attack17 - dumpster diving]
    [Attack50 - electronic interference]
    [Attack1 - errors and omissions]
    [Attack36 - excess privilege exploitation]
    [Attack18 - fictitious people]
    [Attack31 - get a job]
    [Attack64 - illegal value insertion]
    [Attack23 - infrastructure interference]
    [Attack25 - insertion in transit]
    [Attack92 - kiting]
    [Attack39 - modeling mismatches]
    [Attack27 - modification in transit]
    [Attack90 - strategic or tactical deceptions]
    [Attack85 - peer relationship exploitation]
    [Attack87 - piggybacking]
    [Attack57 - process bypassing]
    [Attack93 - salami attacks]
    [Attack22 - spoofing and masquerading]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack54 - wire closet attacks]