Detailed Analysis on Mitigating Threats
Detailed Analysis on Mitigating Threats
The following sections describe the different threats as they are described by ENISA
and which of our services can help mitigate those threats.
and which of our services can help mitigate those threats.
Nefarious Activity / Abuse
Firmware Modification, e.g. of CPU, internal/external Controllers (e.g. hard drive/USB media), smart chargers, smart batteries, co-processors, NICs. Exploiting firmware vulnerabilities, abusing update functionality, or abusing binary firmware loading mechanisms.
Remote firmware attacks, e.g. in network interface cards, Memory Corruption Vulnerabilities, Logical Flaws, Backdoor Functionality or Remote management functionality. Attack Persistence via Firmware modification/ Bootkit
Information Access (Can also be Physical Attacks)
Eavesdropping / Interception / Hijacking
Traffic Sniffing on the Network level, Internal Bus level or Memory level
Surveillance of Location, Audio, Visual data or Behaviour
Data Tampering/Spoofing of Location or Behaviour
Physical Attacks
The threat of Hardware Modification, by an External or an Internal Hardware Trojan. The risk is that someone has a temporary hardware access and can do system modification.
Property Losses - Access control bypass (e.g. smart lock), Disabling of monitoring/alerting (e.g. alarm systems), Unlock attack (e.g. in vehicles)
Damage
Destruction of Hardware – Overheating, Explosion, “Bricking” and Disabling of interfaces.
Waste/destruction of Resources - Excessive Heating/use of heat - producing resources, Excessive energy consumption and Excessive use of water/physical resources controlled by a computing control system.
Failures or Malfunctions
Malfunction can come in a variety of forms - Failure of medical devices, Overheating/explosion of batteries, Failure of control/production systems, Failure of access systems, Failure of alarm systems, Outages of monitoring systems etc.
Modification-of-Service - Wrong treatment by medical devices, False negative reporting by alarm/monitoring systems or Granted access for unauthorized parties by access control systems.