T 5 Threats Catalogue Deliberate Acts

T 5.1 Manipulation/destruction of IT equipment or accessories
T 5.2 Manipulation of data or software
T 5.3 Unauthorised entry into a building
T 5.4 Theft
T 5.5 Vandalism
T 5.6 Attack
T 5.7 Interception of lines
T 5.8 Manipulation of lines
T 5.9 Unauthorised use of IT systems
T 5.10 Abuse of remote maintenance ports
T 5.11 Loss of confidentiality of data stored within PBX installations
T 5.12 Interception of telephone calls and data transmissions
T 5.13 Eavesdropping of rooms
T 5.14 Call charges fraud
T 5.15 "Inquisitive" staff members
T 5.16 Threat posed by internal staff during maintenance/administration work
T 5.17 Threat posed by external staff during maintenance work
T 5.18 Systematic trying-out of passwords
T 5.19 Abuse of user rights
T 5.20 Misuse of administrator rights
T 5.21 Trojan horses
T 5.22 Theft in the case of mobile uses of IT systems
T 5.23 Computer viruses
T 5.24 Replay of messages
T 5.25 Masquerade
T 5.26 Analysis of the message flow
T 5.27 Repudiation of a message
T 5.28 Denial of services
T 5.29 Unauthorised copying of data media
T 5.30 Unauthorised use of fax machines
T 5.31 Unauthorised viewing of incoming fax messages
T 5.32 Evaluation of residual information in fax machines
T 5.33 Impersonating wrong senders on fax machines
T 5.34 Deliberate re-programming of the destination keys on fax machines
T 5.35 Overloading by incoming fax messages
T 5.36 Deliberate overloading of answering machines
T 5.37 Determining access codes
T 5.38 Misuse of remote inquiry
T 5.39 Infiltrating computer systems via communication cards
T 5.40 Monitoring rooms using computers equipped with microphones
T 5.41 Misuse of a Unix system with the help of uucp
T 5.42 Social engineering
T 5.43 Macro viruses
T 5.44 Abuse of Remote Access Ports for Management Functions of Private Branch Exchanges
T 5.45 Trying Out Passwords under WfW and Windows 95
T 5.46 Masquerading under WfW
T 5.47 Deleting the Post Office
T 5.48 IP Spoofing
T 5.49 Abuse of Source Routing
T 5.50 Abuse of the ICMP Protocol
T 5.51 Abuse of Routing Protocols
T 5.52 Misuse of administrator rights in Windows NT systems
T 5.53 Deliberate misuse of protective cabinets for reasons of convenience
T 5.54 Deliberately causing an Abnormal End
T 5.55 Login Bypass
T 5.56 Temporary free-access accounts
T 5.57 Network analysis tools
T 5.58 Hacking Novell Netware
T 5.59 Misuse of administrator rights in Novell Netware 3.x networks
T 5.60 By-passing system guidelines
T 5.61 Misuse of remote access to management functions on routers
T 5.62 Misuse of resources via remote IT systems
T 5.63 Manipulation via the ISDN D-channel
T 5.64 Manipulation of data or software in database systems
T 5.65 Denial of services in a database system
T 5.66 Unauthorised connection of IT systems to a network
T 5.67 Unauthorised execution of network management functions
T 5.68 Unauthorised access to active network components
T 5.69 Higher risk of theft from a working place at home
T 5.70 Manipulation by family members or visitors
T 5.71 Loss of confidentiality of classified information
T 5.72 Misuse of e-mail services
T 5.73 Impersonation of a sender
T 5.74 Manipulation of alias files and distribution lists
T 5.75 Overload due to incoming e-mails
T 5.76 Mail bombs
T 5.77 Unauthorised monitoring of e-mails
T 5.78 DNS spoofing
T 5.79 Unauthorised acquisition of administrator rights under Windows NT
T 5.80 Hoaxes
T 5.81 Unauthorised use of a cryptomodule
T 5.82 Manipulation of a cryptomodule
T 5.83 Compromising cryptographic codes
T 5.84 Forged certificates
T 5.85 Loss of integrity of information that should be protected
T 5.86 Manipulation of management parameters
T 5.87 Web spoofing
T 5.88 Misuse of active contents
T 5.89 Hijacking of network connections
T 5.90 Manipulation of address books and distribution lists
T 5.91 Disabling of RAS access security mechanisms
T 5.92 Use of the RAS client as RAS server
T 5.93 Permitting use of RAS components by third parties
T 5.94 Misuse of cards
T 5.95 Bugging of indoor conversations over mobile phones
T 5.96 Tampering with mobile phones
T 5.97 Unauthorised transfer of data over mobile phones
T 5.98 Interception of mobile telephone calls
T 5.99 Analysis of call data relating to the use of mobile phones

© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update: October 2000