CAPEC-548

Contaminate Resource
LOW
HIGH
Draft
2014-06-23 00:00 +00:00
2023-01-24 00:00 +00:00


Description

An adversary contaminates organizational information systems (including devices and networks) by causing them to handle information of a classification/sensitivity for which they have not been authorized. When this happens, the contaminated information system, device, or network must be brought offline to investigate and mitigate the data spill, which denies availability of the system until the investigation is complete.

Information

Prerequisites

The adversary needs to have real or fake classified/sensitive information to place on a system.

Skills Required

Knowledge of classification levels of systems
The ability to obtain a classified document or information
The ability to fake a classified document

Mitigations

Properly safeguard classified/sensitive data. This includes training cleared individuals to ensure they are handling and disposing of this data properly, as well as ensuring systems only handle information of the classification level they are designed for.
Design systems with redundancy in mind. This could mean creating backing servers that could be switched over to in the event that a server has to be taken down for investigation.
Have a well-planned, efficient response process in place to limit the amount of time a system is offline while the contamination is investigated.

References

REF-742

Managing a “Data Spill”
Florida Industrial Security Working Group (FISWG).
https://fiswg.research.ucf.edu/Documents/PPT/Manage%20a%20Data%20Spill-Contamination%20September%202015.pptx

REF-743

data spillage
https://csrc.nist.gov/glossary/term/data_spillage

Submission

Name: CAPEC Content Team
Organization: The MITRE Corporation
Date: 2014-06-23 +00:00

Modifications

Name: CAPEC Content Team
Organization: The MITRE Corporation
Date: 2023-01-24 +00:00
Comment: Updated Alternate_Terms, Consequences, Description, Example_Instances, Extended_Description, Likelihood_Of_Attack, Mitigations, Prerequisites, References, Related_Attack_Patterns, Skills_Required, Typical_Severity