Attack
Jump to navigation
Jump to search
Contents
Definitions
European Definitions
Other International Definitions
IAEA
Attack is an attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset. [1]
ITU-T
(Cyber) attack are the activities undertaken to bypass or exploit deficiencies in a system's security mechanisms. [2]
By a direct attack on a system they exploit deficiencies in the underlying algorithms, principles, or properties of a security mechanism. Indirect attacks are performed
when they bypass the mechanism, or when they make the system use the mechanism incorrectly.
Attaque: Activités entreprises pour contourner ou exploiter des déficiences constatées dans les mécanismes de sécurité d'un système. [3]
Ataque: Actividades realizadas para obviar los mecanismos de seguridad de un sistema o aprovechar sus deficiencias. [4]
攻击: 为绕过一个系统的安全机制或利用其漏洞而采取的行动. [5]
NATO
NATO AAP-06
Action taken to disrupt, deny, degrade or destroy information resident in a computer and/or computer network, or the computer and/or computer network itself. [6]
CCD-CoE (Tallinn manual)
Cyber attack is a cyber operation, whether offensive of defensive, that is reasonable expected to cause injury or death to persons or damage or destruction to objects. [7]
National Definitions
Burkina-Faso
Attaque est in action de malveillance consistant à tenter de contourner les fonctions de sécurité d’un Système Informatique. Il existe deux types d’attaques, les attaques passives et les attaques actives. Une attaque passive ne modifie pas le fonctionnement normal des communications et du réseau : elle se base sur l’Observation et l’Analyse du trafic. Une attaque active modifie l’état de la communication et du réseau et prend trois formes possibles: Altération des messages, Refus de Service et Connexion frauduleuse. [8]
Cameroon (Cameroun)
Attaque active: acte modifiant ou altérant les ressources ciblées par l’attaque (atteinte à l’intégrité, à la disponibilité et à la confidentialité des données).
Attaque passive: acte n’altérant pas sa cible (écoute passive, atteinte à la confidentialité). [9]
Attaque passive: acte n’altérant pas sa cible (écoute passive, atteinte à la confidentialité). [9]
Czech Republic
Útok: Pokus o zničení, vystavení hrozbě, nežádoucí změnu, vyřazení z činnosti, zcizení nebo získání neautorizovaného přístupu k aktivu nebo uskutečnění neautorizovaného použití aktiva. [10]
Attack is an attempt at destruction, exposure to a threat, unwanted change, putting out of operation, stealing or obtaining an unauthorized access to an asset or execution of an unauthorized use of an asset. [11]
Attack is an attempt at destruction, exposure to a threat, unwanted change, putting out of operation, stealing or obtaining an unauthorized access to an asset or execution of an unauthorized use of an asset. [11]
Ethiopia
Attack includes destruction of computer based critical infrastructures or disruption of their services or obliterating the confidentiality, integrity, or availability of information or computer based psychological attack on citizens or digital identity theft perpetrated by different techniques. [12]
France
Attaque: Tentative d’atteinte à des systèmes d’information réalisée dans un but malveillant. Elle peut avoir pour objectif de voler des données (secrets militaires, diplomatiques ou industriels, données personnelles bancaires, etc.), de détruire, endommager ou altérer le fonctionnement normal de systèmes d’information (dont les systèmes industriels). [13]
Attack Anattempttocompromiseaninformationsystem,carriedoutwithamalicious objective. The intention may be to steal data (e.g. military, diplomatic or industrial secrets, personal banking data) or to destroy, damage or alter the normal operation of information systems (including ICSs). [14]
Attack Anattempttocompromiseaninformationsystem,carriedoutwithamalicious objective. The intention may be to steal data (e.g. military, diplomatic or industrial secrets, personal banking data) or to destroy, damage or alter the normal operation of information systems (including ICSs). [14]
Germany
Ein Angriff ist eine vorsätzliche Form der Gefährdung, nämlich eine unerwünschte oder unberechtigte Handlung mit dem Ziel, sich Vorteile zu verschaffen bzw. einen Dritten zu schädigen. [15]
An attack is an intentional form of threat, namely an undesirable or unauthorized action with the objective to gain advantages or harm a third party respectively. [16]
An attack is an intentional form of threat, namely an undesirable or unauthorized action with the objective to gain advantages or harm a third party respectively. [16]
Angreifer können auch im Auftrag von Dritten handeln, die sich Vorteile verschaffen wollen (Attackers can also act on behalf of third parties that want to gain advantages).
Guatemala
Ataque: Intento de destruir, exponer, alterar, deshabilitar, robar, obtener acceso o uso de un activo no autorizado. Fuente: ISO/IEC 27000:20016 [17]
Japan
攻撃: インテリジェントな脅威、すなわちセキュリティサービスを回避し、システムのセキュリティポリシーを侵害する故意の試み(特に、方式あるいは技法という意味において)としてのインテリジェントな動作によってもたらされるセキュリティシステムへの攻撃.
(Cyber) attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [18]
(Cyber) attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [18]
Kuwait
Attack: The activities undertaken to bypass or exploit deficiencies in a system's security mechanisms. By a direct attack on a system they exploit deficiencies in the underlying algorithms, principles, or properties of a security mechanism. Indirect attacks are performed when they bypass the mechanism, or when they make the system use the mechanism incorrectly. [19]
Netherlands
Aanval: Een digitale aanval is een opzettelijke inbreuk op cybersecurity. [20]
Philippines
Attack - Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself. [21]
Portugal
[Definição] Ataque: Qualquer tipo de atividade maliciosa que tenta coletar, perturbar, negar, degradar ou destruir recursos de sistema de informação ou a informação em si. [22]
Romania
Atac: Totalitatea actelor de violenţă îndreptate împotriva adversarului, fie ofensive, fie defensive, oricare ar fi teritoriul pe care au loc. [23]
United States
DHS
(cyber) attack is an attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. [24]
(cyber) attack is the intentional act of attempting to bypass one or more security services or controls of an information system. [24]
NIST
An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system Integrity. [25]
Attack: Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself. Source: NIST SP 800-30 [26]
Attack: The realization of some specific threat that impacts the confidentiality, integrity, accountability, or availability of a computational resource. Source: NIST SP 800-28 v2 [26]
Attack: An attempt by an unauthorized individual to fool a Verifier or a Relying Party into believing that the unauthorized individual in question is the Subscriber. Source: NIST SP 800-63-2 [26]
Standard Definition
ISA-62443-*
ISO/IEC 27000:2012
Attack is an attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset. [28]
IETF
An intentional act by which an entity attempts to evade security services and violate the security policy of a system. That is, an actual assault on system security that derives from an intelligent threat.
A method or technique used in an assault (e.g., masquerade).[29]
A method or technique used in an assault (e.g., masquerade).[29]
Dictionary
Aanval: Actie waarbij iemand met opzet de beveiliging probeert uit te schakelen of te omzeilen om in een digitaal systeem te komen. [30]
Discussion Topic
See also
Notes
- ↑ IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
- ↑ ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T H.235.
- ↑ Sécurité dans les télécommunications et les technologies de l’information: Aperçu des problèmes et présentation des Recommandations UIT-T existantes sur la sécurité dans les télécommunications, ITU-T, Geneva (2012) - ITU-T H.235.
- ↑ Seguridad de las telecomunicaciones y las tecnologías de la información: Exposición general de asuntos relacionados con la seguridad de las telecomunicaciones y la aplicación de las Recomendaciones vigentes del UIT-T, ITU-T, Geneva (2012) - ITU-T H.235.
- ↑ 关于电信安全的若干议题综述 及相关ITU-T建议书应用简介, ITU-T, Geneva (2012) - ITU-T H.235.
- ↑ NATO AAP-06 Edition 2014
- ↑ Tallinn Manual on the International Law Applicable to Cyber Warfare (2013)
- ↑ CIRT-BF Glossary
- ↑ LOI N°2010/012 DU 21 DECEMBRE 2010 RELATIVE A LA CYBERSECURITE ET LA CYBERCRIMINALITE AU CAMEROUN
- ↑ http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Federal Nagarit Gazette Ethiopia, 2 Jan, 2014
- ↑ Méthode de classification et mesures principales, ANSSI (2014)
- ↑ Classification Method and Key Measures, ANSSI (2014)
- ↑ Cyber Glossar, Bundesamt fur Sicherheit in der Informationstechnik (BSI), 2014.
- ↑ Glossary/Terminology, Bundesamt fur Sicherheit in der Informationstechnik (BSI), 2014.
- ↑ La Estrategia Nacional de Seguridad Cibernética (June 2018)
- ↑ RFC2828 (Japanese translation)
- ↑ Glossary Communication and Information Technology Regulatory
- ↑ Cyber Security Beeld Nederland 2018
- ↑ DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
- ↑ Glossário Centro National de Cibersegurança Portugal
- ↑ GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE
- ↑ 24.0 24.1 DHS/NICSS Glossary
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/FIPS 200
- ↑ 26.0 26.1 26.2 NIST Glossary
- ↑ ISA-62443 series
- ↑ ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ IETF RFC449 Internet Security Glossary 2
- ↑ Cybersecurity Woordenboek 2021