Publication Date – January 13, 2020
- Account Takeover
- When an attacker uses legitimate consumer (non-employee) account credentials that were obtained from an unknown source.
- ATM/Skimmer
- A physical attack that involves access to an Automated Teller Machine (ATM), where they may have used a skimming device to gather data from payment cards.
- Crimeware
- A pattern with a moniker that accurately describes a common theme among such incidents. The pattern covers a broad swath of incidents involving malware of varied types and purposes.
- DoS
- A Denial-of-Service (DoS) attack is intended to compromise the availability of networks and systems. This includes both network and application layer attacks.
- Error
- Incidents involving unintentional actions that directly compromise a security attribute of an information asset. This does not include lost devices, which is grouped with theft instead.
- Lost/Stolen Asset
- Any incident where an information asset went missing, whether through misplacement or malice.
- Phishing
- An attack in which fraudulent email is used to masquerade as an employee or as a legitimate contact.
- Privilege Abuse
- Any unapproved or malicious use of organizational resources.
- Ransomware
- A type of malware that prevents users from accessing their system or personal files, typically through encryption. It’s an attack that’s designed to block access to a computer system until a sum of money is paid. Payment is demanded to regain access or the attacker threatens to publish the data.
- Unknown
- The fact pattern is unknown.
- Unsecured Database
- A database is left unsecured due to error and the data is accessible by third parties.
- Web Apps
- Any incident in which a web application was the vector of attack. This includes exploits of code level vulnerabilities in the application as well as thwarting authentication mechanisms.