Purpose

The User object is representing a legitimate user in the environment.

Connections

Identity

User objects can be connected to Identity objects to define which identities a user has access to and is permitted to use. This is the way users interact with assets in the model.

427427

Users are permitted to use identities which is the way they interact with assets in the model.

Properties

AttackSteps

Attack step name

Attack step purpose

AttemptDeliverMaliciousRemovableMedia

Prerequisite to DeliverMaliciousRemovableMedia.

AttemptSocialEngineering

Attempting to convince the user to do UnsafeUserActivity.

CredentialTheft

Stealing passwords and similar credentials.

DeliverMaliciousRemovableMedia

The attacker operation of delivering for instance a USB drive to a location accessible to the target user.

PasswordReuseCompromise

If a user has multiple identities and the user-defense NoPasswordReuse is not enabled, chances are that the same credentials will unlock multiple identities.

PhishUser

Convincing the user to do UnsafeUserActivity.

UnsafeUserActivity

Making the user execute malware or do similar operations on behalf of the attacker.

Defenses

Defense name

Defense purpose

NoPasswordReuse

The user is expected to use unique passwords to all identities.

SecurityAwareness

Lowers the probability of succeeding with UnsafeUserActivity (i.e. succeeding with the prerequisite attempt-operations related to UnsafeUserActivity).