Threats

Source: Baseline Security Recommendations for IoT in the context of Critical Information Infrastructures November 2017

# Threat Group Threat Description Assets Affected Remarks
1 Outages Network Outage Interruption or failure in the network supply, either intentional or accidental. Depending on the network segment affected, and on the time required to recover, the importance of this threat ranges from high to critical. Communications o View
2 Physical attacks Device modification Tampering a device by for example taking advantage of bad configuration of ports, exploiting those left open. Communications View
3 Eavesdropping Interception and Hijacking Information gathering Passively obtain internal information about the network: devices connected, protocol used, etc. Communications View
4 Eavesdropping Interception and Hijacking Session hijacking Stealing the data connection by acting as a legitimate host in order to steal, modify or delete transmitted data. Communications View
5 Eavesdropping Interception and Hijacking Network reconnaissance Passively obtain internal information about the network: devices connected, protocol used, open ports, services in use, etc. Communications View
6 Eavesdropping Interception and Hijacking Interception of information Unauthorised interception (and sometimes modification) of a private communication, such as phone calls, instant messages, e-mail communications Communications View
7 Eavesdropping Interception and Hijacking IoT communication protocol hijacking Taking control of an existing communication session between two elements of the network. The intruder is able to sniff sensible information, including passwords. The hijacking can use aggressive techniques like forcing disconnection or denial of service. Communications View
8 Eavesdropping Interception and Hijacking Man in the middle Active eavesdropping attack, in which the attacker relays messages from one victim to another, in order to make them believe that they are talking directly to each other Communications View
Records : 8 of 8 | Page : of 1 | Limit