The simple guidelines below can be used to create the generic organisational threat profile.

(a) Threats which have occurred before.

(b) Threats which may occur if there is no proactive prevention has been taken.
(c) Threats which may occur even if proactive prevention has been taken.
Threat Group: Force Majeure
Threat Group: T1 - Force Majeure

T1.1 Lightning

T1.2 Fire

T1.3 Water
T1.4 Dust, soiling

T1.5 Inadmissible temperature and humidity

T1.6 Power failure

T1.7 Catastrophes in the environment

T1.8 Loss of personnel

T1.9 Failure of the IT system

T1.10 Failure of the IT system

T1.11 Loss of data due to intensive magnetic fields

T1.12 Problems caused by big public events

T1.13 Storms

T1.14 Drought

T1.15 Earthquake

T1.16 Subsidence and landslides

T1.17 Epidemic

T1.18 Hazardous/ Malicious animal (Vermin)

T1.19 Flash flood

T1.20 Haze

T1.21 Monsoon
T1.22 Tsunami
Lightning

The occurrence of lightning during a thunderstorm is a major threat to a

building and the IT facilities used there. A lightning strike will cause voltage
peaks that are capable of destroying sensitive electronic devices in the power
lines of the building. The closer the lightning strike is, the greater the damage.

Fire

Apart from the direct damage caused by fire to a building or its equipment,
there may be consequential damage, the impact of which can attain
disastrous dimensions, especially for IT systems. For example, damage from
water for fire fighting does not occur only at the direct site of the fire. Such
damage can also be found in lower parts of the building. Fires can be caused
not only by careless handling of combustible material, but also by improper
use of electric devices Technical faults on electrical equipment can also spark
fires.
Factors which help fires to spread are:

a) wedging fire doors open;

b) improper storage of combustible materials;
c) failure to observe relevant standards and laws;
d) absence of fire detection devices;
e) deficient fire prevention.

Water
The uncontrolled flow of water into buildings or rooms may result from:

a) rain, floods, inundation ;

b) disruption of water supply and sewerage systems ;
c) defects in the heating installation ;
d) defects in sprinkler systems ;
e) water used for fire fighting.
Dust, soiling

Despite the pervasiveness of electronics in IT, it still relies on mechanical

components. These include diskettes, hard disks, removable hard disks, disk
drives, printers, scanners etc., plus fans for processors and power supply units.
Even apparently trivial impurities can cause a device to develop a fault. Large
amounts of dust and dirt can be generated, in connection with

a) work on walls, raised floors or other parts of the building,

b) hardware upgrades,

c) unpacking of equipment.

This can cause hardware failures.

Inadmissible temperature and humidity

Every device has a temperature range within which its proper functioning is
ensured. If the room temperature exceeds that range in either direction, the
result may be a discontinuity of service and failure of devices.

In a server room, for instance, the devices accommodated there will consume
electric power and thus heat up the room. If ventilation is insufficient, the
admissible operating temperature of the devices may be exceeded.
Power failure

In most cases of power failure, the power is down for less than a second so
that it can escape notice. However, IT operations can be disrupted even by
failures lasting as little as 10 ms. All infrastructure installations directly or
indirectly dependent on electric power.

Catastrophes in the environment

Problems in the surroundings of a company can lead to a wide range of

problems ranging from operational difficulties to non-productive time. These
can run from technical accidents and collision damage to political unrest,
demonstrations or riots. An organization’s property can be exposed to various
dangers from the environment through traffic (roads, rail, air, and water),
business operations in the neighborhood or residential areas. These could be
caused, by fire, explosions, dust, gases, blocking of access, radiation, or
emissions.
Loss of personnel

Unforeseeable losses of personnel can result from sickness, accidents, death,

or striking. In addition, a loss of personnel has to be taken into account in the
case of regular termination of employment, especially when the period of
notice is shortened due to vacation privileges.

In all these cases, the loss of personnel may lead to the consequence that
crucial IT tasks are no longer performed. This may be particularly critical if the
individual concerned had a key role in the IT task and cannot be replaced by
Failure
anotherofperson,
the IT system
due to the latter's lack of expertise. This may result in
disruption of IT operations.
Failure of a single component in an IT system can cause failure to the entire IT
operation. Such failures are especially likely to occur where faults develop in
components which are central to the IT system, e.g. LAN server. Failure of
components of the technical infrastructure can also trigger an IT system
failure. Technical failure like disruption of power supply should not necessarily
be assumed to be the cause when an IT system fails. Failures are often also
the result of human error. Loss or damage may also be caused by force
majeure. Although in such cases the scale of the damage is likely to be
considerably higher. If any time-critical IT applications are run on an IT system,
the consequential damage following a system failure may be expected to be
extensive unless there are alternatives available.

Failure of the IT system

Failure of a single component in an IT system can cause failure to the entire IT

operation. Such failures are especially likely to occur where faults develop in
components which are central to the IT system, e.g. LAN server. Failure of
components of the technical infrastructure can also trigger an IT system
failure. Technical failure like disruption of power supply should not necessarily
be assumed to be the cause when an IT system fails. Failures are often also
the result of human error. Loss or damage may also be caused by force
majeure. Although in such cases the scale of the damage is likely to be
considerably higher. If any time-critical IT applications are run on an IT system,
the consequential damage following a system failure may be expected to be
extensive unless there are alternatives available.

Loss of data due to intensive magnetic fields

Typical data carriers with a magnetic storage medium include floppy disks,
removable disks, cartridges and tapes. Information is added to them by means
of read/ write heads. Such magnetized data media are sensitive to interfering
magnetic fields, and for this reason they should not be brought into the
vicinity of such radiation. The data loss caused by this radiation depends in
part on its intensity.
Problems caused by big public events

Big events of all kinds can have a disruptive impact on normal business
operations of an agency or company. These include street festivals, concerts,
sporting events, industrial disputes and demonstrations. Rioting in the area of
such events can in addition cause intimidation of staff through to the use of
violence against personnel or the building.

Storms

The effects of a storm or hurricane on external facilities or equipment which

are indirectly necessary for operation of computer center are often
underestimated. External installations can be damaged or uprooted as a
result. Objects that are torn up and flung around by the storm can cause
further consequential damage. Moreover technical components can have
their functionality harmed as a result of storms.

Drought

Droughts are caused through lack of rainfall and can have a devastating affect
on human life, animal life and plant life. These conditions are often seasonal
and some regions of the world are more prone to these extreme conditions.
In Malaysia, extreme drought may happen in Negeri Sembilan. Severe
droughts can cause considerable loss and suffering to life. There can also be
significant affects on businesses that depend on the availability of water for
their products or processes.

Earthquake

Earthquakes are caused by a shifting of the earth’s rock plates beneath its
surface resulting in violent shaking and movement of the earth’s upper
surface. Significant damage to structures can occur including total collapse of
buildings, bridges or other elevated structures. In addition to being trapped in
a collapsing building, of particular danger to life is the possibility of falling
glass or other objects.

Subsidence and landslides

Subsidence and landslides are often caused through a change in the

composition of the earth’s surface. This change can often result from flooding,
where flowing water can create cavernous open areas beneath structures.
Subsidence or landslides can cause structural damage and can also disrupt
transport services and affect traveling conditions.
Epidemic

An epidemic can occur when a contagious illness affects a large number of

persons within a country or region. This can have a devastating short term
impact on business through a large number of persons being absent from
work simultaneously. Certain illnesses can have a longer term effect on the
business where long term illness or death results. An example of this extreme
situation is occurring in certain developing countries where the AIDS virus is
considered to be of epidemic proportions

Hazardous/ Malicious animal (Vermin)

Hazardous/ Malicious Animals can be either the usual pests(e.g. rats,

cockroaches, etc.) or other animals(e.g. squirrels, lizards, etc.) The former
usually exists as a results of dirty, untidy or messy work environment. The
latter may exist as a result of the kind of habitual environment it is born to.
E.g.: lizards can live better in dark and humid spaces or areas. Thus dark store
rooms are a possible space or area which it can find similaruty to its normal
habitat.

Flash flood

A flood that rise and falls quite rapidly with little or no advance warning,
usually as the result of intense rainfall over a relatively small area. Flash floods
can be caused by situations such as a sudden excessive rainfall, the failure of a
dam, etc.

Haze

Fine dry or wet dust or salt particles dispersed through a portion of the
atmosphere. Individually, these are not visible but cumulatively they will
diminish visibility.

Monsoon

The seasonal shift of winds created by the great annual temperature variation
that occurs over large land areas in contrast with associated ocean surfaces.
The monsoon associates primarily with the moisture and copious rains that
arrive with the southwest flow across southern India. The name derived from
the word mausim, Arabic for season. This pattern is most evident on the
southern and eastern sides of Asia.
Tsunami

An ocean wave with a long period that is formed by an underwater

earthquake or landslide, or volcanic eruption. It may travel unnoticed across
the ocean for thousands of miles from its point of origin and builds up to great
heights over shallower water. Also known as a seismic sea wave, and
incorrectly, as a tidal wave.
 Threat
Threat ID
Name
T2.1 Malicious software (Malware)

T2.2 Denial of service (DOS)

T2.3 Loss, destruction, disclosure and

falsification of sensitive
organisational records/
information

T2.4 Theft
T2.5 Misuse of user & administrator
rights

T2.6 Unauthorized access to

information processing facilities
& operating system

T2.7 Unauthorized physical entry into

building/ secure area

T2.8 Misuse of resources

T2.9 Spamming
T2.10 Manipulation & destruction of IT
equipment or accessories

T2.11 Manipulation of data or

software

T2.12 Unauthorized entry into building

T2.13 Vandalism
T2.14 Attack
T2.15 Interception of lines
T2.16 Manipulation of lines
T2.17 Unauthorized use of IT system

T2.18 Abuse of remote maintenance

ports

T2.19 Interception of telephone calls

and data transmissions

T2.20 Eavesdropping of rooms

T2.21 Call charges fraud
T2.22 "Inquisitive" staff members
T2.23 Threat posed by internal staff
during maintenance or
administration work

T2.24 Threat posed by external staff

during maintenance work

T2.25 Systematic trying-out of

passwords

T2.26 Abuse of user rights

T2.27 Misuse of administrator rights

T2.28 Trojan horses

T2.29 Theft in the case of mobile uses
IT systems

T2.30 Computer viruses

T2.31 Replay of messages
T2.32 Masquerade
T2.33 Analysis of message flow
T2.34 Repudiation of a message
T2.35 Unauthorized copying of data
media

T2.36 Unauthorized use of fax

machines

T2.37 Unauthorized viewing of

incoming fax messages

T2.38 Evaluation of residual

information in fax machines

T2.39 Impersonating wrong senders

on fax machines

T2.40 Deliberate reprogramming of

the destination keys on fax
machines
T2.41 Overloading by incoming fax
messages

T2.42 Deliberate overloading of

answering machines

T2.43 Determining access codes

T2.44 Misuse of remote inquiry
T2.45 Infiltrating calculater system via
communication cards

T2.46 Monitoring rooms using

calculaters equipped with
microphones

T2.47 Social engineering

T2.48 Macro viruses
T2.49 Abuse of remote access ports
for management functions of
Private Branch Exchanges

T2.50 Abuse or routing protocols

T2.51 Deliberate misuse of protective
cabinets for reasons of
convenience

T2.52 By-passing systems guidelines

T2.53 Misuse of remote access to

management functions on
routers

T2.54 Misuse of resource via remote IT

systems

T2.55 Manipulation of data or

software in database systems

T2.56 Unauthorized connection of IT

systems to a network

T2.57 Unauthorized execution of

network managements
functions

T2.58 Unauthorized access to active

network components

T2.59 Higher risk of theft from a

working place at home

T2.60 Manipulation by family

members or visitors

T2.61 Loss of confidentiality of

classified information
T2.62 Misuse of email services
T2.63 Impersonation of a sender
T2.64 Manipulation of alias files and
distribution lists

T2.65 Overload due to incoming e-mail

T2.66 Mail bombs

T2.67 Unauthorized monitoring of e-
mails

T2.68 Hoaxes
T2.69 Unauthorized use of a crypto
module

T2.70 Manipulation of a crypto

module

T2.71 Compromising cryptographic

codes

T2.72 Forged certificates

T2.73 Loss of integrity of information
that should be protected

T2.74 Manipulation of management

parameters

T2.75 Misuse of active contents

T2.76 Hijacking of network
connections

T2.77 Manipulation of address books

and distribution lists

T2.78 Misuse of cards

T2.79 Bugging of indoor conversations
over mobile phones

T2.80 Tampering of mobile phones

T2.81 Unauthorized transfer of data
over mobile phones

T2.82 Interception or mobile

telephone calls

T2.83 Analysis of call data relating to

the use of mobile phones

T2.84 Sabotage
Malicious software (Malware)

Malicious code can be divided into two categories: those that need
a host program, and those that are independent. The former are
essentially fragments of programs that cannot exist independently
of some actual program. The latter are self-contained programs
that can be scheduled and run by the operating system. Malicious
code includes trapdoors, logic bombs and Trojan horses.

Denial of service (DOS)

The denial of service prevents or inhibits the normal use or
management of communications facilities. This attack may have a
specific target; for example an entity may suppress all messages
directed to a particular destination. Another form of service denial
is the disruption of an entire network, either by disabling the
network or by overloading it with messages so as to degrade
performance.