Threats
The list below identifies some of the threats that may pose a risk to your site. You can either browse the list or
review the top 12 threats to Grid sites. When you click on a threat, such as
T1: Faulty access rights management, additional information describing the threat and
suggested recommendations on how to reduce the risk from the threat will be shown.
By completing the risk assessment questionnaire, you will be able to obtain an ordered list of the
threats that are relevant to your site.
List of threats covered by the questionnaire, linked to recommendations
| Ref. | Title (of threat) | Relevant Recommendations |
| T1 | Faulty access rights management | R2, R12, R25, R31, R32, R35, R36, R37, R41, R43, R45, R48, R49, R55, R58, R59, R62 |
| T2 | Password compromise | R27, R28, R30 |
| T3 | Intrusion (by scanning techniques) | R2, R4, R5, R19, R34, R35, R36, R37, R46, R47, R48, R49, R50, R51, R52, R53, R55, R60 |
| T4 | Intrusion (unauthorised network access) | R2, R4, R5, R20, R27, R28, R30, R34, R37, R42, R44, R46, R47, R48, R49, R51, R52, R53, R55, R59, R61 |
| T5 | Data interception techniques (sniffing/man in the middle attack) | R4, R7, R30, R31, R35, R36, R39, R46, R49, R55 |
| T6 | Fraudulent connection | R5, R17, R19, R20, R23, R24, R25, R27, R28, R29, R30, R31, R32, R34, R35, R36, R37, R41, R44, R46, R47, R49, R50, R52, R53, R55, R61 |
| T7 | Exploiting of software vulnerabilities | R2, R4, R5, R17, R22, R31, R32, R33, R34, R35, R36 |
| T8 | Fraudulent use of systems | R5, R14, R17, R19, R20, R22, R23, R24, R27, R28, R29, R35, R36, R37, R40, R41, R43, R44, R46, R48, R49, R50, R52, R53, R55, R58, R59, R61 |
| T9 | Repudiation (system usage) | R23, R24, R37, R40, R41, R48, R50, R53, R55, R58 |
| T10 | Repudiation (sending/receiving data) | R37, R40, R50, R52, R53, R54, R55 |
| T11 | Saturation of resources (accidental) | R6, R14, R15, R20, R21, R32, R40, R55 |
| T12 | Saturation of resources (intentional denial of service) | R10, R17, R19, R20, R21, R22, R34, R40, R42, R48, R49, R51, R52, R53, R55 |
| T13 | Software alteration (time bomb, worm, Trojan, virus etc) | R2, R4, R17, R18, R22, R26, R33, R34, R35, R36, R42, R44, R48, R49, R51, R52, R54, R55, R60, R61 |
| T14 | Theft of mobile equipment or media | R23, R24, R50, R55 |
| T15 | Propagation of false or misleading information | R6, R17, R44, R50, R55, R56, R57 |
| T16 | Use of insecure/unauthorized software | R2, R5, R6, R12, R14, R18, R26, R38, R40, R42, R47, R51, R54, R55, R56, R60, R61 |
| T17 | Hardware failure | R18, R21, R37, R48, R55 |
| T18 | Hardware malfunction | R10, R13, R18, R21, R37, R55 |
| T19 | Software malfunction | R13, R14, R15, R17, R18, R21, R22, R32, R33, R34, R35, R37, R40, R42, R54, R55, R60 |
| T20 | Network failure (cabling, network device etc.) | R21, R34, R37, R53, R55 |
| T21 | Environmental, power or network supply failure | R21, R53, R54, R55 |
| T22 | Electrical failure | R10, R48, R55 |
| T23 | Air conditioning failure | R10, R48, R55 |
| T24 | Absent/insufficient staff | R45, R55, R62 |
| T25 | Users lacking guidance | R1, R3, R6, R8, R9, R12, R32, R47, R54, R55, R56, R57, R58, R60 |
| T26 | Data entry or utilization error | R12, R18, R31, R32, R55 |
| T27 | Lack of security awareness or job training | R1, R2, R8, R12, R31, R32, R39, R42, R47, R54, R55, R56, R57, R58, R60 |
| T28 | Intentional abuse of access rights | R14, R23, R24, R26, R35, R36, R37, R40, R46, R50, R55, R59 |
| T29 | Dissemination of information (fraudulent) | R3, R7, R11, R14, R17, R19, R20, R30, R31, R33, R37, R39, R40, R47, R50, R55 |
| T30 | Dissemination of Information (accidental) | R3, R6, R7, R11, R12, R14, R20, R22, R30, R31, R35, R36, R39, R40, R54, R55, R56 |
| T31 | Software or data pirating | R3, R7, R9, R11, R14, R17, R19, R20, R22, R23, R24, R25, R26, R27, R29, R31, R33, R34, R35, R36, R37, R38, R39, R40, R42, R50, R51, R55 |
| T32 | Theft of fixed equipment | R9, R44, R50, R55 |
| T33 | Usurpation of rights through masquerading | R17, R22, R48, R50, R53, R55 |
| T34 | Extreme conditions (cold, heat, humidity) | R55 |
| T35 | Inadequate physical protection of the building (with data centre, sensitive assets etc.) | R9, R55 |
| T36 | Inadequate building access controls | R9, R46, R55 |
Additional information on who or what is likely to threaten your site
(e.g. who are the 'Threat Agents') is also available to help you when assessing the likelihood of these threats harming your site.
List of secondary threats to Grid sites
The ISSeG project identified a total of 52 potential threats that could harm assets at your site. Based on experience of implementing Integrated
Site Security (ISS) at Grid sites, not all of the 52 threats were included in the risk assessment
questionnaire. The 16 threats that were judged generally insufficiently relevant are listed below for information.
| Ref. | Title (of threat) | Additional information, example or vulnerability. |
| T37 | Natural or man made disaster | e.g. Fire in data centre (due to no fire protection) |
| T38 | Wedging open doors or locks | |
| T39 | Disgruntled employee | |
| T40 | Social engineering | A collection of techniques used by attackers to manipulate people into performing actions or divulging confidential information. |
| T41 | Approach from news media | e.g. a local or national newspaper, radio or TV |
| T42 | Approach from a competitor | |
| T43 | Conflict of interest | e.g. an individual that investigates security logs could have the ability to tamper or delete the logs |
| T44 | Hardware degradation or destruction (voluntary or not) | |
| T45 | Sabotage of utilities | e.g. power, water, telecommunications etc. |
| T46 | Geolocalization using telecommunications network | e.g. tracking the physical location of an individual |
| T47 | Remote espionage | e.g. optical or acoustic means to overhear conversations etc. |
| T48 | Electromagnetic pulses | e.g. pulses that can interfere with data communications |
| T49 | Electromagnetic interference (accidental) | e.g. electrical interference between power and data cables |
| T50 | Inadequate physical protection of the site | e.g. attackers can physically access your site |
| T51 | Inadequate site access controls | e.g. attackers can bypass any logical access controls |
| T52 | Network connectivity breach | e.g. The main network data cable to site is sliced by a mechanical shovel |
Threat Families
Based on their similarities, the threats have been grouped into a number of families. These are available for
browsing and may help suggest similar recommendations that a site may wish to implement.