●Intrusion
“Intrusion” is the process of trespassing into a building or site by using
items such as an ID card that have been found or stolen.
●Trash scouring
“Trash scouring” is the process of masquerading as cleaning staff in order to dig through trash and gather information such as customer information, human resources information, and product development information.
●Peeping
“Peeping” is the act of looking at someone’s keyboard while they are entering a password. It can also mean looking at the computer display of another person over their shoulder, or looking at memos or notes on the desk
of a person while that person is away.
Reference
Information leakage from
operational error
Sometimes important information can
be erroneously leaked by internal employees due to errors in e-mail handling
such as sending e-mail to the wrong recipients or attaching the wrong files.
●Theft, leakage, and loss of information
“Theft” of information refers to the act of intruding on a system without
authorization to remove important and confidential information from within the system. “Loss” of important information can occur if a person removes a notebook used for work from the workplace and misplaces it.
Theft or loss of confidential information can result in its “leakage” to third
parties.
●Damage to data
Damage to data can occur if storage media or hard disks on which data is
stored are damaged, or if important documents are accidentally shredded
to render the data unusable.
●Cracking
“Cracking” is the act of intruding on a system without authorization to
engage in illegal acts such as the destruction or falsification of information.
A person who commits such an act is called a “cracker.”
●Falsification of information
“Falsification of information” is the act of intruding on a system without
authorization in order to rewrite data within a computer using an unauthorized means.
(2)Types and characteristics of technical threats
Technical threats include attacks that are designed to create confusion
among users, or overload an externally accessible server such as a Web
server or mail server so that it stops providing services. The typical threats
are summarized below.
281