third Cyber Security Assessment Netherlands - NCSC
third Cyber Security Assessment Netherlands - NCSC
third Cyber Security Assessment Netherlands - NCSC
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Core assessment » 6 Manifestations<br />
»<br />
»»»»»<br />
6 Manifestations<br />
This chapter brings together the interests, threats<br />
and resilience as manifestations, as shown in the figure<br />
below. It describes the events or activities by which<br />
actors (may) harm interests, and examples of<br />
this throughout the reporting period of this CSAN.<br />
Interests<br />
The starting point for a manifestation is the ‘threat’ that results in<br />
a negative effect on the availability, confidentiality and/or integrity<br />
of information or information systems. A threat can become real<br />
through a combination of the target’s vulnerability (the interest<br />
to be protected), the resources available and an actor with the<br />
intention and capability to carry out a specific attack. A threat may<br />
arise from a conscious human action on the part of actor, natural<br />
or technical events and through human error.<br />
Threats<br />
Actors<br />
Tools<br />
Manifestation<br />
Resilience<br />
Vulnerabilities<br />
Measures<br />
This chapter applies an allocation based on the target of the threat:<br />
information or IT. A distinction is made between the following<br />
main types of threat that cause a manifestation:<br />
1. Attack targeted at information<br />
a) Theft of information, possibly for publication or sale<br />
(for example digital espionage and identity theft)<br />
b) Manipulation of information (for example fraud involving<br />
financial or other online transactions)<br />
2. Attack targeted at IT<br />
a) Digital defacement<br />
b) Disruption of IT (for example DDoS attack)<br />
c) IT takeover (for example the withdrawal of resources)<br />
3. Failure of IT (because of natural or technical events or because<br />
of human error)<br />
Type of threat<br />
1a) Theft of information, possibly<br />
for publication or sale<br />
Main actor(s) and intended aims<br />
» States: digital espionage by other states and private organisations<br />
» Professional criminals: financial gain<br />
» Hacktivists, cyber vandals, internal actors: highlight vulnerabilities, expand own image or cause<br />
harm to others<br />
1b) Manipulation of information » Professional criminals: financial gain<br />
2a) Defacement<br />
2b) Disruption of IT<br />
2c) Takeover of IT<br />
3) IT failure due to natural<br />
or technical events<br />
» Hacktivists: to make a public statement, to spread propaganda<br />
» Script kiddies, cyber vandals: show that it’s possible or for fun<br />
» States: deployment of offensive cyber capabilities in state conflict<br />
» Terrorists: as a weapon against physical targets or to support their terrorist activities, for example<br />
to spread propaganda (using the internet as a tool)<br />
» Professional criminals: as the basis of or as a diversion from attacks from which they have financial gain<br />
» Hacktivists, script kiddies and cyber vandals: the disruption is an aim in itself to show it can be done<br />
or for fun<br />
» Internal actors: the disruption is an aim in itself<br />
» Criminals: financial gain, sending of spam and phishing e-mails<br />
» Hactivists: hosting of data in order to spread propaganda<br />
» Script kiddies and cyber vandals: highlight vulnerabilities because it’s possible or for fun<br />
Not applicable<br />
Table 3. Summary of threats<br />
43