Consequences Library
Reusable consequence definitions (effects on the right side of bow-tie diagrams).
Add Consequence
Tags:
36 consequences — page 1 of 1
| Name | Category | Tags | Description | |
|---|---|---|---|---|
| Supply Chain Disruption | Business Impact | Inability to process purchase orders, goods receipts, or invoices causes supplier and customer deliv… | Edit | |
| Loss or Corruption of Business Data | Data Impact | Financial records, inventory data, and transactional history are encrypted or destroyed, threatening… | Edit | |
| Account Access Removal | Impact | Adversaries may interrupt availability of system and network resources by inhibiting access to accou… | Edit | |
| Data Destruction | Impact | Adversaries may destroy data and files on specific systems or in large numbers on a network to inter… | Edit | |
| Data Destruction: Lifecycle-Triggered Deletion | Impact | Adversaries may modify the lifecycle policies of a cloud storage bucket to destroy all objects store… | Edit | |
| Data Encrypted for Impact | Impact | Adversaries may encrypt data on target systems or on large numbers of systems in a network to interr… | Edit | |
| Data Manipulation | Impact | Adversaries may insert, delete, or manipulate data in order to influence external outcomes or hide a… | Edit | |
| Data Manipulation: Runtime Data Manipulation | Impact | Adversaries may modify systems in order to manipulate the data as it is accessed and displayed to an… | Edit | |
| Data Manipulation: Stored Data Manipulation | Impact | Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes o… | Edit | |
| Data Manipulation: Transmitted Data Manipulation | Impact | Adversaries may alter data en route to storage or other systems in order to manipulate external outc… | Edit | |
| Defacement | Impact | Adversaries may modify visual content available internally or externally to an enterprise network, t… | Edit | |
| Defacement: External Defacement | Impact | An adversary may deface systems external to an organization in an attempt to deliver messaging, inti… | Edit | |
| Defacement: Internal Defacement | Impact | An adversary may deface systems internal to an organization in an attempt to intimidate or mislead u… | Edit | |
| Disk Wipe | Impact | Adversaries may wipe or corrupt raw disk data on specific systems or in large numbers in a network t… | Edit | |
| Disk Wipe: Disk Content Wipe | Impact | Adversaries may erase the contents of storage devices on specific systems or in large numbers in a n… | Edit | |
| Disk Wipe: Disk Structure Wipe | Impact | Adversaries may corrupt or wipe the disk data structures on a hard drive necessary to boot a system;… | Edit | |
| Email Bombing | Impact | Adversaries may flood targeted email addresses with an overwhelming volume of messages. This may bur… | Edit | |
| Endpoint Denial of Service | Impact | Adversaries may perform Endpoint Denial of Service (DoS) attacks to degrade or block the availabilit… | Edit | |
| Endpoint Denial of Service: Application Exhaustion Flood | Impact | Adversaries may target resource intensive features of applications to cause a denial of service (DoS… | Edit | |
| Endpoint Denial of Service: Application or System Exploitation | Impact | Adversaries may exploit software vulnerabilities that can cause an application or system to crash an… | Edit | |
| Endpoint Denial of Service: OS Exhaustion Flood | Impact | Adversaries may launch a denial of service (DoS) attack targeting an endpoint's operating system (OS… | Edit | |
| Endpoint Denial of Service: Service Exhaustion Flood | Impact | Adversaries may target the different network services provided by systems to conduct a denial of ser… | Edit | |
| Financial Theft | Impact | Adversaries may steal monetary resources from targets through extortion, social engineering, technic… | Edit | |
| Firmware Corruption | Impact | Adversaries may overwrite or corrupt the flash memory contents of system BIOS or other firmware in d… | Edit | |
| Inhibit System Recovery | Impact | Adversaries may delete or remove built-in data and turn off services designed to aid in the recovery… | Edit | |
| Network Denial of Service | Impact | Adversaries may perform Network Denial of Service (DoS) attacks to degrade or block the availability… | Edit | |
| Network Denial of Service: Direct Network Flood | Impact | Adversaries may attempt to cause a denial of service (DoS) by directly sending a high-volume of netw… | Edit | |
| Network Denial of Service: Reflection Amplification | Impact | Adversaries may attempt to cause a denial of service (DoS) by reflecting a high-volume of network tr… | Edit | |
| Resource Hijacking | Impact | Adversaries may leverage the resources of co-opted systems to complete resource-intensive tasks, whi… | Edit | |
| Resource Hijacking: Bandwidth Hijacking | Impact | Adversaries may leverage the network bandwidth resources of co-opted systems to complete resource-in… | Edit | |
| Resource Hijacking: Cloud Service Hijacking | Impact | Adversaries may leverage compromised software-as-a-service (SaaS) applications to complete resource-… | Edit | |
| Resource Hijacking: Compute Hijacking | Impact | Adversaries may leverage the compute resources of co-opted systems to complete resource-intensive ta… | Edit | |
| Resource Hijacking: SMS Pumping | Impact | Adversaries may leverage messaging services for SMS pumping, which may impact system and/or hosted s… | Edit | |
| Service Stop | Impact | Adversaries may stop or disable services on a system to render those services unavailable to legitim… | Edit | |
| System Shutdown/Reboot | Impact | Adversaries may shutdown/reboot systems to interrupt access to, or aid in the destruction of, those … | Edit | |
| ERP System Unavailability | Operational Impact | Core business processes (finance, procurement, logistics) are halted while encrypted ERP servers are… | Edit |