mal-lang / coreLang

A probabilistic attack simulation language for the (abstract) IT domain
https://mal-lang.org/coreLang/

Security awareness #36

Closed andrewbwm closed 3 years ago

andrewbwm commented 3 years ago

Introduce attack steps that represent the User engaging in unsafe actions on the Applications it has access to via its Identities.

There are two different aspects which can lead to this dangerous behaviour:

The resulting unsafe user behaviour can be used to trigger SoftwareVulnerabilities that require user interaction.

The SecurityAwareness defence on the User asset reduces both forced and unforced unsafe user activity.

andrewbwm commented 3 years ago

The current distributions on the attack steps representing the unsafe actions have been chosen arbitrarily; they should be replaced with more scientifically grounded values.

andrewbwm commented 3 years ago

Due to the way the Bernoulli distribution works in securiCAD and the fact that SecurityAwareness protects against both forced and unforced user activity, the likelihood of unsafe user action is capped by the SecurityAwareness value. It would be useful for the resulting attack step, from combining the impact of forced and unforced unsafe user actions, to have a higher likelihood of succeeding and not just reach the capped value more quickly.
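
The capping effect described in the comment above, as an added illustration that is not part of the issue thread or of coreLang itself. It assumes a simplified model in which the SecurityAwareness defence is sampled once per simulation run and, when enabled, blocks both the forced and the unforced path; the function names and all probabilities are constructed for the example.

```python
import random


def cap(awareness):
    """Upper bound on unsafe user activity under the assumed model:
    runs in which the defence is enabled can never reach the step."""
    return 1.0 - awareness


def combined_probability(awareness, p_forced, p_unforced):
    """Closed form: the defence gates an OR of two independent Bernoulli steps."""
    either = 1.0 - (1.0 - p_forced) * (1.0 - p_unforced)
    return cap(awareness) * either


def simulate(awareness, p_forced, p_unforced, runs=200_000, seed=1):
    """Monte Carlo estimate of the same quantity (assumed sampling model)."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(runs):
        # Defence sampled once per run; if enabled it blocks both paths.
        if rng.random() < awareness:
            continue
        forced = rng.random() < p_forced
        unforced = rng.random() < p_unforced
        hits += forced or unforced
    return hits / runs


if __name__ == "__main__":
    awareness = 0.4  # constructed value, not taken from coreLang
    for p_forced, p_unforced in [(0.5, 0.0), (0.5, 0.5), (0.9, 0.9), (1.0, 1.0)]:
        exact = combined_probability(awareness, p_forced, p_unforced)
        estimate = simulate(awareness, p_forced, p_unforced)
        print(f"forced={p_forced:.1f} unforced={p_unforced:.1f} "
              f"exact={exact:.3f} simulated={estimate:.3f} cap={cap(awareness):.3f}")
```

Adding the second path moves the result toward the cap but never past it, which is the limitation the comment points out.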

andrewbwm commented 3 years ago

The unforcedUnsafeUserActivity attack step introduces a way to trigger attack steps on the Application asset without any Attacker activity. While this is not problematic, it does slightly challenge the existing design philosophy of coreLang.