PeakMaven

Book a Consultation

Elementary Threat

G 0.1

G 0.1 Fire

Fire can cause severe damage to people, buildings, and their equipment. In addition to direct fire-caused damage, consequential damages can be …

G 0.2

G 0.2 Adverse Climatic Conditions

Adverse climatic conditions such as heat, frost, or high humidity can cause various types of damage, for example, malfunctions in technical components …

G 0.3

G 0.3 Water

Water can impair the integrity and availability of information stored on analog and digital storage media. Information in the main memory of IT …

G 0.4

G 0.4 Contamination, Dust, Corrosion

Many IT devices contain, in addition to electronics, mechanically operating components, such as in hard drives and removable drives, DVD drives, …

G 0.5

G 0.5 Natural Disasters

Natural disasters are understood as natural changes that have devastating effects on people and infrastructure. Causes of a natural disaster can be …

G 0.6

G 0.6 Disasters in the Vicinity

An authority or enterprise can suffer damage if a serious accident occurs in the vicinity, for example a fire, an explosion, the release of toxic …

G 0.7

G 0.7 Major Events in the Vicinity

Large-scale events of all kinds can lead to disruptions in the proper operation of an authority or enterprise. These include street festivals, …

G 0.8

G 0.8 Power Supply Failure or Disruption

Despite high supply reliability, there are repeated interruptions in power supply by distribution network operators (DNO) or energy supply companies …

G 0.9

G 0.9 Communication Network Failure or Disruption

For many business processes, intact communication links are needed at least intermittently, whether via telephone, fax, email, or other services via …

G 0.10

G 0.10 Supply Network Failure or Disruption

There is a variety of networks in a building that serve basic supply and disposal and thus form the basis for all business processes of an …

G 0.11

G 0.11 Failure or disruption of service providers

Hardly any institution works today without outsourcing providers, service or supply companies. If organizational units depend on service...

G 0.12

G 0.12 Electromagnetic interference radiation

Information technology today consists largely of electronic components. While optical transmission technology is increasingly being used, computers, …

G 0.13

G 0.13 Interception of compromising radiation

Electrical devices emit electromagnetic waves. In devices that process information (e.g. computers, monitors, network coupling elements, printers), …

G 0.14

G 0.14 Espionage (Information gathering)

Espionage refers to attacks aimed at collecting, evaluating and processing information about companies, people, products or other target objects. …

G 0.15

G 0.15 Eavesdropping

Eavesdropping refers to targeted attacks on communication connections, conversations, sound sources of any kind or IT systems for information …

G 0.16

G 0.16 Theft of equipment, data carriers or documents

Theft of data carriers, IT systems, accessories, software or data results in costs for replacement and restoration to a working condition, as well …

G 0.17

G 0.17 Loss of equipment, data carriers or documents

There are a variety of causes that can lead to the loss of equipment, data carriers and documents. This directly affects availability, but can also...

G 0.18

G 0.18 Inadequate planning or failure to adapt

If organizational processes that serve directly or indirectly for information processing are not appropriately designed, this can lead to security...

G 0.19

G 0.19 Disclosure of valuable information

Confidential data and information must only be accessible to persons authorized to know them. In addition to integrity and availability, …

G 0.20

G 0.20 Information or products from unreliable sources

If information, software or equipment is used that comes from unreliable sources or whose origin and correctness have not been sufficiently …

G 0.21

G 0.21 Manipulation of Hardware or Software

Manipulation is understood to mean any form of deliberate but hidden intervention to alter target objects of any kind without notice. Manipulation …

G 0.22

G 0.22 Manipulation of Information

Information can be manipulated in various ways, e.g., through erroneous or intentionally false data entry, content changes in database fields or …

G 0.23

G 0.23 Unauthorized Access to IT Systems

In principle, every interface on an IT system not only offers the possibility of legitimately using certain services of the IT system through it, but …

G 0.24

G 0.24 Destruction of Equipment or Data Storage Media

Through negligence, improper use, or untrained handling, destruction of equipment and data storage media can occur, which can significantly disrupt IT …

G 0.25

G 0.25 Failure of Equipment or Systems

When time-critical applications are operated on an IT system, the consequential damage following a system failure is correspondingly high if there are …

G 0.26

G 0.26 Malfunction of Equipment or Systems

Devices and systems used for information processing today often have many functions and are therefore correspondingly complex...

G 0.27

G 0.27 Resource Shortage

When available resources in one area are insufficient, this can lead to bottlenecks in the supply of these resources and to overloads and failures...

G 0.28

G 0.28 Software Vulnerabilities or Errors

For any software: the more complex it is, the more frequently errors occur. Even with intensive testing, most errors are usually not detected …

G 0.29

G 0.29 Violation of Laws or Regulations

If information, business processes, and IT systems of an organization are inadequately protected (for example, through inadequate security …

G 0.30

G 0.30 Unauthorized Use or Administration of Equipment and Systems

Without appropriate mechanisms for access control, entry control, and authorization control, unauthorized use of equipment and systems can practically …

G 0.31

G 0.31 Incorrect Use or Administration of Devices and Systems

Incorrect or improper use of devices, systems, and applications can compromise their security, especially when existing security measures are …

G 0.32

G 0.32 Misuse of Permissions

Depending on their roles and tasks, people receive appropriate physical access, logical access, and data access permissions. In this way, on the one …

G 0.33

G 0.33 Personnel Loss

The loss of personnel can have considerable impacts on an institution and its business processes. Personnel can, for example, become unexpectedly …

G 0.34

G 0.34 Attack

An attack can threaten an institution, certain areas of the institution, or individual people. The technical means of carrying out an attack are …

G 0.35

G 0.35 Coercion, Extortion, or Corruption

Coercion, extortion, or corruption can compromise the security of information or business processes. By threatening violence or other disadvantages, …

G 0.36

G 0.36 Identity Theft

In identity theft, attackers pretend to have a false identity, using information about another person to act in that person's name. Data such as …

G 0.37

G 0.37 Denial of Actions

People can deny having committed certain actions for various reasons, for example because these actions violate instructions, security policies, or …

G 0.38

G 0.38 Misuse of Personal Data

Personal data is almost always information that deserves special protection. Typical examples are details about the personal or factual …

G 0.39

G 0.39 Malware

Malware is software that was developed for the purpose of executing undesired and usually harmful functions. Typical types of malware include …

G 0.40

G 0.40 Denial of Services (Denial of Service)

There are a variety of different attack forms aimed at preventing the intended use of certain services, functions, or devices. The umbrella term for …

G 0.41

G 0.41 Sabotage

Sabotage refers to the deliberate manipulation or damage of objects or processes with the aim of causing harm to the victim. Particularly attractive …

G 0.42

G 0.42 Social Engineering

Social Engineering is a method to obtain unauthorized access to information or IT systems through social actions. In social engineering, human...

G 0.43

G 0.43 Message Injection

In this form of attack, attackers send specially prepared messages to systems or people with the aim of gaining an advantage for themselves or...

G 0.44

G 0.44 Unauthorized Entry into Premises

If unauthorized persons enter a building or individual rooms, this can lead to various other dangers. These include...

G 0.45

G 0.45 Data Loss

Data loss is an event that results in a data inventory no longer being usable as required (loss of availability). A...

G 0.46

G 0.46 Integrity Loss of Valuable Information

The integrity of information can be impaired by various causes, such as manipulation, human misconduct...

G 0.47

G 0.47 Harmful Side Effects of IT-Based Attacks

IT-based attacks can have impacts that