Cost of Attack

Work

Access

Indifference to detection

Special Knowledge

Time to corrective action

Any one can reduce the requirements for any of the others; there is enough of these in the world to break any system.

Previous slide Next slide Back to first slide View graphic version

Notes:

Any successful attack requires some combination of these factors. An excess of one may reduce the requirements for any of the others. Protective measures reduce what is available to the attacker or raise the requirements.

For example, in one attack (by an outside auditor) against one of our clients the success involved work to discover numbers answered by modems and pcAnywhere (special knowledge), access to LANs via pcAnywhere on workstations. More work produced special knowledge about passwords on LAN servers. Attack was discovered when they triggered alarms, i.e.., ran out of elapsed time.

Cost of Attack

Work

Access

Indifference to detection

Special Knowledge

Time to corrective action

Any one can reduce the requirements for any of the others; there is enough of these in the world to break any system.