Authors: William Stallings
Chapter: Computer And Network Security Concepts
Exercise: Problems
Question: 8 | ISBN: 9781292158587 | Edition: 7

Question

Consider a company whose operations are housed in two buildings on the same property; one building is headquarters, the other building contains network and computer services. The property is physically protected by a fence around the perimeter, and the only entrance to the property is through this fenced perimeter. In addition to the perimeter fence, physical security consists of a guarded front gate. The local networks are split between the Headquarters’ LAN and the Network Services’ LAN. Internet users connect to the Web server through a firewall. Dial-up users get access to a particular server on the Network Services’ LAN. Develop an attack tree in which the root node represents disclosure of proprietary secrets. Include physical, social engineering, and technical attacks. The tree may contain both AND and OR nodes. Develop a tree that has at least 15 leaf nodes.


Answer

Attack trees are graphical representations of potential attack scenarios, starting from the main goal and branching out into various subgoals and attack paths. Here's an attack tree for the disclosure of proprietary secrets in the given scenario:

  1. Root Node: Disclosure of proprietary secrets.

  2. Physical Attacks:

    a. Subgoal: Unauthorized physical access to headquarters.
      • Attack Path: Climb over the perimeter fence.
      • Attack Path: Breach the guarded front gate.
      • Attack Path: Exploit vulnerabilities in the physical security system (e.g., disable security cameras, bypass alarms).

    b. Subgoal: Unauthorized physical access to the network services building.
      • Attack Path: Gain access through unauthorized entry points (e.g., windows, back doors).
      • Attack Path: Exploit vulnerabilities in physical security controls (e.g., manipulate or bribe the security guards).

    c. Subgoal: Steal physical assets (e.g., documents, hardware) containing proprietary secrets.
      • Attack Path: Break into headquarters or the network services building.
      • Attack Path: Conduct covert surveillance to identify and exploit weak points in physical security.

  3. Social Engineering Attacks:

    a. Subgoal: Obtain sensitive information through social engineering.
      • Attack Path: Phishing attacks targeting employees for login credentials or proprietary information.
      • Attack Path: Impersonate authorized personnel to gain access to sensitive areas or information.

    b. Subgoal: Manipulate employees to disclose proprietary secrets.
      • Attack Path: Exploit employees' lack of security awareness through social engineering techniques.
      • Attack Path: Coerce employees through blackmail, bribery, or other forms of manipulation.

  4. Technical Attacks:

    a. Subgoal: Exploit vulnerabilities in the network infrastructure.
      • Attack Path: Launch network-based attacks (e.g., denial of service, man-in-the-middle) to gain unauthorized access or disrupt services.
      • Attack Path: Exploit vulnerabilities in network devices (e.g., routers, switches) to gain access to sensitive data.

    b. Subgoal: Exploit weaknesses in the firewall protecting the Web server.
      • Attack Path: Bypass the firewall through misconfigurations or vulnerabilities.
      • Attack Path: Launch targeted attacks (e.g., SQL injection, cross-site scripting) to gain unauthorized access to the Web server.

    c. Subgoal: Exploit vulnerabilities in the server accessed by dial-up users.
      • Attack Path: Discover and exploit vulnerabilities in the server software.
      • Attack Path: Intercept dial-up connections to gain unauthorized access.
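The tree in the answer above, encoded as data so it can be checked from the defender's side (an added example, not part of the original answer): it counts leaf nodes against the question's 15-leaf minimum, evaluates AND/OR gates, and reports which leaves must be mitigated to make the root goal unreachable. Leaf labels are shortened paraphrases of the answer's attack paths, and the names `Node`, `OR`, `AND`, `leaves`, `achievable` and `min_block_set` are assumptions of this example.

```python
# Added example: AND/OR attack-tree model of the answer above (not the answer's own code).
from dataclasses import dataclass, field

@dataclass
class Node:
    label: str
    gate: str = "LEAF"                      # "OR", "AND" or "LEAF"
    children: list = field(default_factory=list)

def _gate(kind):
    # Builder that wraps plain strings as leaf nodes.
    def build(label, *kids):
        return Node(label, kind, [k if isinstance(k, Node) else Node(k) for k in kids])
    return build

OR, AND = _gate("OR"), _gate("AND")

def leaves(n):
    return [n.label] if n.gate == "LEAF" else [l for c in n.children for l in leaves(c)]

def achievable(n, blocked):
    """Can the goal at n still be reached once every leaf in `blocked` is mitigated?"""
    if n.gate == "LEAF":
        return n.label not in blocked
    hits = [achievable(c, blocked) for c in n.children]
    return all(hits) if n.gate == "AND" else any(hits)

def min_block_set(n):
    """Smallest set of leaves to mitigate so n is unreachable (assumes unique leaf labels)."""
    if n.gate == "LEAF":
        return {n.label}
    sets = [min_block_set(c) for c in n.children]
    # One blocked child defeats an AND gate; an OR gate needs every child blocked.
    return min(sets, key=len) if n.gate == "AND" else set().union(*sets)

# The answer's tree: every gate is OR, because each listed path is an alternative.
TREE = OR("Disclosure of proprietary secrets",
    OR("Physical attacks",
        OR("Access headquarters", "climb fence", "breach front gate", "defeat cameras/alarms"),
        OR("Access network services building", "unauthorized entry point", "manipulate or bribe guards"),
        OR("Steal physical assets", "break into a building", "covert surveillance")),
    OR("Social engineering attacks",
        OR("Obtain sensitive information", "phishing", "impersonate personnel"),
        OR("Manipulate employees", "exploit low awareness", "coercion or bribery")),
    OR("Technical attacks",
        OR("Network infrastructure", "network-based attack", "network device vulnerability"),
        OR("Firewall / Web server", "firewall misconfiguration", "web application attack"),
        OR("Dial-up server", "server software vulnerability", "intercept dial-up connection")))

if __name__ == "__main__":
    print(len(leaves(TREE)), "leaf nodes; must mitigate", len(min_block_set(TREE)), "to block root")
```

Because every gate in the answer's tree is OR, blocking the root requires mitigating all of its leaves; modelling a subgoal as an AND gate shrinks that set to the cheapest single child.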