Cyber Attacks: Classifications & Taxonomies

The purpose of the Cyber Attacks section is to provide a general overview of cyber attacks and to show some pragmatic ways to classify them and organize them into taxonomies.

What is a cyber attack?

Cyber attack: An offensive action by a malicious actor that is intended to undermine the functions of networked computers and their related resources, including unauthorized access, unapproved changes, and malicious destruction. Examples of cyber attacks include Distributed Denial of Service (DDoS) and Man-in-the-Middle (MITM) attacks.

The terms cyber attack, cyber threat, and cyber risk are interrelated as follows. A cyber attack is an offensive action, whereas a cyber threat is the possibility that a particular attack may occur, and the cyber risk associated with the subject threat estimates the probability of potential losses that may result.

For example, a Distributed Denial of Service (DDoS) cyber attack by a botnet is a cyber threat for many enterprises with online retail websites, where the associated cyber risk is a function of lost revenues due to website downtime and the probability that a DDoS cyber attack will occur.

For further information about related cybersecurity terms, check out the Cybersecurity FAQ.

"Hence, that general is skillful in attack whose opponent does not know what to defend; and he is skillful in defense whose opponent does not know what to attack." - Sun Tzu


Cyber Attack Classification: Coarse Grain

Cyber attacks may be classified by Actor (responsible agent) and Attack Effect Equivalency (comparable consequence) as shown in the following table.

| Classification | Actor | Attack Effect Equivalency |
|---|---|---|
| Cyber Attack [generic] | TBD | TBD |
| Cyber Warfare [includes Cyber Espionage, Cyber Sabotage] | State [nation] | war act |
| Cyber Crime | Non-State (individual/organization) | criminal act |
| Cyber Terrorism | Non-State (individual/organization) | terrorism act |

Cyber Attack Classification Organized by Actor & Effect


Cyber Attack Malware Taxonomy

Malware Type
Requires Host File to Infect?
Self-Spreading?
Appears legitimate (harmless)?
Can Carry Harmful Payload?
Can Communicate with Command & Control Server?
Can Attack OS Kernel & Firmware?
Virus
N/A
N/A
Worm
N/A
N/A
Trojan
N/A
Bots/Botnet
N/A
N/A
N/A
Spyware
N/A
Rootkit
N/A
N/A
N/A
N/A
Cyber Attack Malware Taxonomy Organized by Orthogonal Features

Cyber Attack Mechanism Taxonomy


Description: Direct attacks by human actors, ranging from human intelligence (HUMINT) to rogue employees, constitute the most insidious and potentially largest risks to cybersecurity. See the Manning/Snowden incidents.
Targets: Ubiquitous: Large enterprises, Small-Medium Businesses (SMBs), home and mobile computer/phone users.
Countermeasures: Selectively hire virtuous employees and thoroughly train them with proven cyber hygiene best practices so that they become cybersecurity assets rather than liabilities.
Cyber Attacks Organized by Mechanisms


Cyber Attacks - Other Resources

CYBERSECURITY FORUM and CyberSecurityForum.com are trademarks of PivotPoint Technology Corporation. All other product and service names mentioned are the trademarks of their respective companies.