User
Purpose
The User object is representing a legitimate user in the environment.
Connections
Identity
User objects can be connected to Identity objects to define which identities a user has access to and is permitted to use. This is the way users interact with assets in the model.
Users are permitted to use identities which is the way they interact with assets in the model.
Properties
AttackSteps
| Attack step name | Attack step purpose |
|---|---|
| AttemptDeliverMaliciousRemovableMedia | Prerequisite to DeliverMaliciousRemovableMedia. |
| AttemptSocialEngineering | Attempting to convince the user to do UnsafeUserActivity. |
| CredentialTheft | Stealing passwords and similar credentials. |
| DeliverMaliciousRemovableMedia | The attacker operation of delivering for instance a USB drive to a location accessible to the target user. |
| PasswordReuseCompromise | If a user has multiple identities and the user-defense NoPasswordReuse is not enabled, chances are that the same credentials will unlock multiple identities. |
| PhishUser | Convincing the user to do UnsafeUserActivity. |
| UnsafeUserActivity | Making the user execute malware or do similar operations on behalf of the attacker. |
Defenses
| Defense name | Defense purpose |
|---|---|
| NoPasswordReuse | The user is expected to use unique passwords to all identities. |
| SecurityAwareness | Lowers the probability of succeeding with UnsafeUserActivity (i.e. succeeding with the prerequisite attempt-operations related to UnsafeUserActivity). |
Updated about 1 year ago