...
Breach type | Incident type | Example |
Offensive content | Spam | Unsolicited discussion group or e-mail message that is often sent for advertising purposes to a large number of recipients in one |
Hate speech | Disgraceful or discriminatory communication | |
| Illegal content against children. | Child pornography, brutal violence, etc. | |
Malware code | Virus | Software that is intentionally installed on a system in a malicious way. Activation of the software usually requires user intervention. |
Worm | ||
Trojan | ||
Spyware | ||
Rootkit | ||
| Ransomware | ||
Gathering information | Network scanning | Automatic inquiry about the structure of the network and the availability of the systems in it |
Network sniffing | The purpose of network sniffing is to monitor network traffic, monitor it, or obtain information about messages and passwords moving on the network. | |
Social intelligence | Interpersonal intelligence, for example, appearing on the phone as someone else as a person other than themselves or falsely representing an organization as confidential information to obtain. | |
Intrusion attempt | Exploitation of a known vulnerability | Intrusion into an information system or network using a commonly known vulnerability |
Login attempt | The aim is to access the service via login by utilizing, for example, password lists | |
A new way of penetrating | Intrusion into a service or network using a previously unknown vulnerability | |
Illegal intrusion | Admin account fraction | Illegal intrusion into a network or information system. The intrusion may exploit the vulnerability or it may also be done locally. Also includes working as part of a botnet. |
Basic user account fraction | ||
Hacking the software | ||
Terminal as part of a bot network | ||
Data access problem | Denial of service attack | Availability problems can be caused by various denial-of-service attacks or, for example, power supply problems. |
Sabotage | ||
Blackout | ||
Data security | Unauthorized access to information | Deviations related to the data may be related to e.g. hacking a user account or application, sniffing the network, or configuring it incorrectly |
Unauthorized modification of data | ||
Fraud | Illegal use of services | Use of the Services for Illegal Purposes |
Copyright Infringement | Installing or selling an unlicensed application | |
Impersonation | Identity theft | |
Phishing | Phishing for confidential or sensitive information | |
Vulnerability | The system is open for abuse | There are unpatched vulnerabilities in the system or the system is incorrectly configured |
Something else | All other deviations that do not fit into other categories |
...