Home
FT
STOP-IT Quantity FT
STOP-IT Water Quality FT
Import
List
SP Wizard
Risknought
Lists
Measures
Events
Tools
ST Procedures
Search
Login
Measure: MalwareProtectionGuidelines
Description
Implementation of guidelines for a correct behaviour to protect the IT systems from malware. Thus all employees know how to handle hard- and software to ensure a secure IT environment. The aim is to prevent any damages resulting from the malware and to ensure the integrity, authenticity and confidentiality of all data and assets in the IT infrastructure.
Comments
The guidelines should define the handling of potentially harmful soft- and hardware. It should e.g. be defined when and which storage devices may be connected to the IT infrastructure, how annexes of e-mails have to be handled and how executable files have to be treated.
Event source types
External attacker
Internal attacker
Human fault
Natural phenomena
Event type
Manipulation
Risk reduction mechanism
Frequency/Likelihood
Threat Types
Cyber
Physical
Cyber-Physical
Action characteristics
Proactive
Measure types
Control System
Action and Crisis Management Plans and Training
event_ measures
Event-Measure: 98151
Event-Measure: 98222
Event-Measure: 98321
Event-Measure: 98394
Event-Measure: 98462
Event-Measure: 98471
Event-Measure: 98578
Event-Measure: 98772
Event-Measure: 98800
Event-Measure: 98992
Event-Measure: 98998
Event-Measure: 99109
Event-Measure: 99227
Event-Measure: 99329
Event-Measure: 99441
Event-Measure: 99530
Event-Measure: 99560
Event-Measure: 99710
Event-Measure: 99761
Event-Measure: 99802
Event-Measure: 99881
Event-Measure: 100011
Event-Measure: 100075
Event-Measure: 100120
Event-Measure: 100145
Event-Measure: 100254
Event-Measure: 100267
Event-Measure: 100291
Event-Measure: 100439
Event-Measure: 100454
Event-Measure: 100522
Event-Measure: 100537
Event-Measure: 100636
Event-Measure: 100644
Event-Measure: 100660
Event-Measure: 100774
Event-Measure: 100782
Event-Measure: 100803
Event-Measure: 100836
Event-Measure: 100961
Event-Measure: 101011
Event-Measure: 101090
Event-Measure: 101281
Event-Measure: 101346
Event-Measure: 101369
Event-Measure: 101566
Event-Measure: 101622
Event-Measure: 101676
Event-Measure: 101739
Event-Measure: 101870
Event-Measure: 101913
Event-Measure: 101932
Event-Measure: 101940
Event-Measure: 102109
Event-Measure: 102145
Event-Measure: 102215
Event-Measure: 102460
Event-Measure: 102471
Event-Measure: 102496
Event-Measure: 102608
Event-Measure: 102674
Event-Measure: 102715
Event-Measure: 102777
Event-Measure: 102847
Event-Measure: 103020
Event-Measure: 103778
Event-Measure: 103894
Event-Measure: 103925
Event-Measure: 104015
Event-Measure: 104064
Event Consequences
Quantity
Quality
Financial
Reputation
Asset types
Drinking Water Network
Drinking Water Tanks
Pressure Boosting Station
Water Abstraction Points
Water Treatment Plants
Events
Basic Event 213 - Internal person silently takes over WTP SCADA control
Basic Event 235 - External person in situ manipulates WDN tank level sensor
Basic Event 65 - DoS attack to dosing system PLC
Basic Event 215 - Man-in-the-Middle attack manipulates WTP control signals
Basic Event 237 - Malware alters PLC statements that control WDN tank refill
Gate 239 - Mislead PLC controlled WDN tank refill process
Gate 219 - Staff controlled hydraulic processes run without WTP data
Basic Event 236 - Man-in-the-Middle attack manipulates WDN tank level sensor signals
Basic Event 156 - Man-in-the-Middle attack manipulates abstraction point quality sensors
Basic Event 275 - Malware alters WDN control statements
Basic Event 238 - External person in situ manipulates WDN tank transmission system
Gate 220 - Staff or PLC controlled hydraulic processes run on altered WTP data
Basic Event 277 - Malware tampers network topology characteristics on prediction models (e.g. tank volume curve)
Basic Event 157 - Man-in-the-Middle attack manipulates WDN quality sensor readings
Gate 111 - Insufficient disinfection due to loss of WTP control
Basic Event 276 - SQL injection to data used for demand prediction
Basic Event 62 - Internal person silently takes over SCADA control
Basic Event 151 - External person physicaly manipulates tank quality sensor readings
Basic Event 194 - External person manipulates transmission wires of wells
Basic Event 171 - Human error in operating/using surface water management system
Basic Event 61 - External person breaks in to WTP and takes over SCADA undetected
Basic Event 264 - Malware alters PLC statements that control valve
Basic Event 219 - DoS attack to WTP process system PLC
Basic Event 63 - Undetected SCADA hijacking software takes control of WTP operation
Basic Event 178 - Internal person silently takes over reservoir SCADA control
Basic Event 152 - Man-in-the-Middle attack manipulates quality sensor signals
Basic Event 167 - External person physically manipulates surface water system sensor readings
Basic Event 195 - External person manipulates data transmission system of wells
Basic Event 186 - Quality sensor transmission wires of observation wells manipulated
Gate 176 - Staff controlled processes run without WTP data
Basic Event 197 - External person physically manipulates well sensor signal
Basic Event 265 - Man-in-the-Middle attack manipulates WDN valve sensor signals
Basic Event 64 - Man-in-the-Middle attack manipulates WTP control signals
Gate 260 - WDN control system manipulated
Basic Event 179 - Man-in-the-Middle attack manipulates reservoir control signals
Basic Event 267 - Man-in-the-Middle attack manipulates WDN valve control signals
Basic Event 152 - Man-in-the-Middle attack manipulates quality sensor signals
Basic Event 168 - External person physically manipulates surface water system sensor readings
Basic Event 196 - Man-in-the-Middle attack manipulates well sensor signal
Basic Event 211 - External attacker manipulates WTP transmission devices
Gate 177 - Staff or PLC controlled processes run on altered WTP data
Basic Event 198 - External person breaks in to well control area and takes over SCADA
Basic Event 251 - External person in situ manipulates PBS transmission devices
Basic Event 151 - External person physicaly manipulates tank quality sensor readings
Basic Event 49 - Internal person physically manipulates WTP sensor readings
Basic Event 187 - External person physically manipulates groundwater quality sensor readings
Basic Event 199 - Internal person silently takes over abstraction well SCADA control
Basic Event 48 - External person physically manipulates WTP sensor readings
Gate 186 - Quality verification process runs on altered WTP data
Basic Event 201 - Malware performs DoS attack on abstraction well PLCs
Basic Event 50 - Man-in-the-Middle attack manipulates WTP sensor signal
Basic Event 169 - Man-in-the-Middle attack manipulates surface water system sensor signal
Basic Event 240 - Upadate of OS causes false positive alarms from Event Detection System
Basic Event 188 - Internal person physically manipulates groundwater quality sensor readings
Basic Event 153 - External attacker manipulates WTP transmission devices
Basic Event 227 - Fake news about contamination in WTP using manipulated water company public communication
Basic Event 210 - Man-in-the-Middle attack manipulates WTP sensor signal
Basic Event 51 - Internal cyber manipulation of WTP sensor signal
Basic Event 170 - External attacker manipulates surface water system transmission devices
Basic Event 252 - Man-in-the-Middle attack manipulates WDN PBS sensor signals
Basic Event 189 - Man-in-the-Middle attack manipulates groundwater quality sensor signal
Basic Event 155 - External person physicaly manipulates abstraction point quality sensor readings
Basic Event 209 - External person physically manipulates WTP sensor readings
Basic Event 261 - Undetected SCADA hijacking software takes control of PBS operation
Basic Event 218 - Accidental errors by authorized user while maintaining information system
Basic Event 214 - Undetected SCADA hijacking software takes control of WTP operation
Gate 193 - Surface water management system functions on altered data
Basic Event 250 - Malware alters PLC statements that control pump
Basic Event 177 - External person breaks in to reservoir control area taking over SCADA
Gate 113 - Lower efficiency of WTP disinfectant undetected
Specific Assets
Control Center
Control System
Media Channels
Sensor
Server
Transferred Information
Transmission Devices
Measure ID
M55
Name
MalwareProtectionGuidelines
Risk reduction mechanism
Frequency/Likelihood
Action characteristics
Proactive