Skip to main content

Table 2 Cyber-attacks linked to the source of attacker, his intention and the compromised security element

From: Cybersecurity for eMaintenance in railway infrastructure: risks and consequences

Cyber-attack Source Actor Action Security element
Tapping, snooping, scavenging, shoulder surfing and traffic analysis and traffic operational data. Internal or external Human Malicious Confidentiality
Modification, masquerading, replay and repudiation of acquired data Internal or external Human Malicious Integrity
Denial of service attacks, riot/civil disorder, arson, labor unrest, procedural violation Internal or external Human Malicious Availability
Careless use of wireless networks, posting information to discussion boards and blogs, sending sensitive information via e-mail and instant messaging, Improper disposal of sensitive media and failing to log off before leaving workstation Internal Human Non-malicious Confidentiality
Failure and maintenance data entry errors and omissions Internal Human Non-malicious Integrity
Programming errors, including syntax and logic problems Internal Human Non-malicious Availability
Compromising emanations, eavesdropping, takeover of authorized session Internal or external Technological Non-malicious Confidentiality
Jamming (telecomm) Internal or external Technological Non-malicious Availability
Faults in power supply and data networks Internal Technological Non-malicious Availability
Earthquakes, hurricanes, wind, flood, Tsunami, fire, lightning, animals and wildlife External Natural disaster Non-malicious Availability