CAPEC 548 Contaminate Resource

Draft Meta Low Risk

Severity High

Description

An adversary contaminates organizational information systems (including devices and networks) by causing them to handle information of a classification/sensitivity for which they have not been authorized. When this happens, the contaminated information system, device, or network must be brought offline to investigate and mitigate the data spill, which denies availability of the system until the investigation is complete.

CAPEC 548 Contaminate Resource

Description

Mitigations

Design Systems With Redundancy In Mind. This Could Mean Creating Backing Servers That Could Be Switched Over To In The Event That A Server Has To Be Taken Down For Investigation.

Have A Planned And Efficient Response Plan To Limit The Amount Of Time A System Is Offline While The Contamination Is Investigated.

Properly Safeguard Classified/Sensitive Data. This Includes Training Cleared Individuals To Ensure They Are Handling And Disposing Of This Data Properly, As Well As Ensuring Systems Only Handle Information Of The Classification Level They Are Designed For.

Consequences

Security Scopes Affected

Potential Impacts

CAPEC 548 Contaminate Resource

Description

Mitigations

Design Systems With Redundancy In Mind. This Could Mean Creating Backing Servers That Could Be Switched Over To In The Event That A Server Has To Be Taken Down For Investigation.

Have A Planned And Efficient Response Plan To Limit The Amount Of Time A System Is Offline While The Contamination Is Investigated.

Properly Safeguard Classified/Sensitive Data. This Includes Training Cleared Individuals To Ensure They Are Handling And Disposing Of This Data Properly, As Well As Ensuring Systems Only Handle Information Of The Classification Level They Are Designed For.

Consequences

Security Scopes Affected

Potential Impacts

Iscriviti alla newsletter