Malicious Activity

From GM-RKB

Jump to navigation Jump to search

A Malicious Activity is an activity that is deliberately performed to cause harm, damage, or unauthorized access to systems, data, or resources.

AKA: Malicious Act, Harmful Activity, Malevolent Action.
Context:
- It can typically target Computer Systems through cyberattack methods.
- It can typically compromise Data Assets through unauthorized access techniques.
- It can typically disrupt Service Operations through denial-of-service attacks.
- It can typically exploit System Vulnerabilities through exploitation techniques.
- It can typically bypass Security Controls through circumvention methods.
- ...
- It can often involve Threat Actors with malicious intent.
- It can often utilize Attack Vectors for system penetration.
- It can often employ Social Engineering Techniques for human manipulation.
- It can often leverage Malware Tools for automated attacks.
- ...
- It can range from being a Simple Malicious Activity to being a Sophisticated Malicious Activity, depending on its attack complexity.
- It can range from being an Opportunistic Malicious Activity to being a Targeted Malicious Activity, depending on its victim selection strategy.
- It can range from being a Low-Impact Malicious Activity to being a High-Impact Malicious Activity, depending on its damage potential.
- ...
- It can be detected by Intrusion Detection Systems through anomaly detection.
- It can be prevented by Security Systems through access control mechanisms.
- It can be analyzed by Security Analysts through threat investigation.
- It can be documented in Security Incident Reports for forensic analysis.
- ...
Examples:
- Cyber Malicious Activities, such as:
  - Network-Based Malicious Activities, such as:
  - Application-Based Malicious Activities, such as:
- Physical Malicious Activities, such as:
  - Unauthorized Access Activities, such as:
    - Facility Breach for physical intrusion.
    - Lock Picking Activity for unauthorized entry.
    - Tailgating Attack for access control bypass.
  - Sabotage Activities, such as:
    - Equipment Tampering for operational disruption.
    - Cable Cutting Activity for communication disruption.
    - Component Theft for asset removal.
- Social Engineering Malicious Activities, such as:
  - Phishing Attacks, such as:
  - Pretexting Activities, such as:
- ...
Counter-Examples:
- Security Testing Activities, which are authorized assessments rather than malicious actions.
- Accidental Security Incidents, which lack malicious intent despite causing security impact.
- Penetration Testing Activities, which are legitimate security evaluations with proper authorization.
See: Security Attack, Threat Actor, Security Incident, Cybercrime, Intrusion Prevention System, Security System.

Retrieved from "http://www.gabormelli.com/RKB/index.php?title=Malicious_Activity&oldid=947645"