Threat H.J.GH.7

URI: H.J.GH.7

Description: Malware inserts remote access back door in infected device Host: the malware infecting device Host exploits a vulnerability to insert a means for the attacker to remotely access admin privileges on Host.

Threat Type: Primary Threat

Matching Pattern:

MP-GH

Finds a General Host (i.e. a host that can run arbitrary processes).

(empty)

TrojanInsertion at Role_Host

CSG-SuspendInfectedHost

Device Host may be temporarily disabled by its manager HostManager to prevent it being exploited should it become infected by malware. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it may triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

CSG-SuspendInfectedHost-Implementation-Runtime

Device Host has been disabled by its manager HostManager to prevent it being exploited after being infected by malware. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user HostManager who is responsible for managing the device. The Disabled Host control should be deselected only when the host has been restarted.

Threat H.J.GH.7

MP-GH

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (2)