Attack

From CIPedia
Revision as of 21:39, 9 May 2017 by Eluiijf (talk | contribs) (NIST)
Jump to navigation Jump to search


Definitions

European Definitions

Other International Definitions

IAEA

Attack is an attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset. [1]



ITU-T

(Cyber) attack are the activities undertaken to bypass or exploit deficiencies in a system's security mechanisms. [2]

By a direct attack on a system they exploit deficiencies in the underlying algorithms, principles, or properties of a security mechanism. Indirect attacks are performed

when they bypass the mechanism, or when they make the system use the mechanism incorrectly.

Attaque: Activités entreprises pour contourner ou exploiter des déficiences constatées dans les mécanismes de sécurité d'un système. [3]


Ataque: Actividades realizadas para obviar los mecanismos de seguridad de un sistema o aprovechar sus deficiencias. [4]


攻击: 为绕过一个系统的安全机制或利用其漏洞而采取的行动. [5]


NATO

NATO AAP-06
Action taken to disrupt, deny, degrade or destroy information resident in a computer and/or computer network, or the computer and/or computer network itself. [6]


CCD-CoE (Tallinn manual)
Cyber attack is a cyber operation, whether offensive of defensive, that is reasonable expected to cause injury or death to persons or damage or destruction to objects. [7]


National Definitions

Burkina-Faso

Attaque est in action de malveillance consistant à tenter de contourner les fonctions de sécurité d’un Système Informatique. Il existe deux types d’attaques, les attaques passives et les attaques actives. Une attaque passive ne modifie pas le fonctionnement normal des communications et du réseau : elle se base sur l’Observation et l’Analyse du trafic. Une attaque active modifie l’état de la communication et du réseau et prend trois formes possibles: Altération des messages, Refus de Service et Connexion frauduleuse. [8]



Czech Republic

Útok: Pokus o zničení, vystavení hrozbě, nežádoucí změnu, vyřazení z činnosti, zcizení nebo získání neautorizovaného přístupu k aktivu nebo uskutečnění neautorizovaného použití aktiva. [9]

Attack is an attempt at destruction, exposure to a threat, unwanted change, putting out of operation, stealing or obtaining an unauthorized access to an asset or execution of an unauthorized use of an asset. [10]



Ethiopia

Attack includes destruction of computer based critical infrastructures or disruption of their services or obliterating the confidentiality, integrity, or availability of information or computer based psychological attack on citizens or digital identity theft perpetrated by different techniques. [11]



Japan

攻撃: インテリジェントな脅威、すなわちセキュリティサービスを回避し、システムのセキュリティポリシーを侵害する故意の試み(特に、方式あるいは技法という意味において)としてのインテリジェントな動作によってもたらされるセキュリティシステムへの攻撃.

(Cyber) attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [12]



Philippines

Attack - Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself. [13]



Portugal

[Definição] Ataque: Qualquer tipo de atividade maliciosa que tenta coletar, perturbar, negar, degradar ou destruir recursos de sistema de informação ou a informação em si. [14]



Romania

Atac: Totalitatea actelor de violenţă îndreptate împotriva adversarului, fie ofensive, fie defensive, oricare ar fi teritoriul pe care au loc. [15]



United States

NIST
An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system Integrity. [16]



Standard Definition

IETF

An intentional act by which an entity attempts to evade security services and violate the security policy of a system. That is, an actual assault on system security that derives from an intelligent threat.

A method or technique used in an assault (e.g., masquerade).[17]


Discussion Topic

See also

Notes

  1. IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
  2. ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T H.235.
  3. Sécurité dans les télécommunications et les technologies de l’information: Aperçu des problèmes et présentation des Recommandations UIT-T existantes sur la sécurité dans les télécommunications, ITU-T, Geneva (2012) - ITU-T H.235.
  4. Seguridad de las telecomunicaciones y las tecnologías de la información: Exposición general de asuntos relacionados con la seguridad de las telecomunicaciones y la aplicación de las Recomendaciones vigentes del UIT-T, ITU-T, Geneva (2012) - ITU-T H.235.
  5. 关于电信安全的若干议题综述 及相关ITU-T建议书应用简介, ITU-T, Geneva (2012) - ITU-T H.235.
  6. NATO AAP-06 Edition 2014
  7. Tallinn Manual on the International Law Applicable to Cyber Warfare (2013)
  8. CIRT-BF Glossary
  9. http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)
  10. http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)
  11. Federal Nagarit Gazette Ethiopia, 2 Jan, 2014
  12. RFC2828 (Japanese translation)
  13. DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
  14. Glossário Centro National de Cibersegurança Portugal
  15. GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE
  16. NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/FIPS 200
  17. IETF RFC449 Internet Security Glossary 2