Cyber Attacks Typology

Saw this acronym to describe the types of cyber threats and thought it was useful.


STRIDE


Spoofing – Falsifying identity to gain systems access


Tampering – Making unauthorized changes to data or systems


Repudiation – Forging identify of actions to data or system to deny responsibility or even blame a 3rd party


Information Disclosure – Stealing (exfiltrating) information and disclosing it to unauthorized individuals


Denial of Service – Depriving legitimate users access to data or systems


Elevation of Privilege – Transforming user account to allow it to exceed legitimate user privileges (e.g. admin account or superuser)


Funny-sad enough, these six types of cyber attacks can cause any information security officer to lose their stride. 😉


(Source Photo: Andy Blumenthal