Have FullAccess on an Application spread UnsafeUserActivity to other Hardware systems via a User that has physical access to them.
This is made to represent the concept that malware worms can spread themselves to other Hardware systems via removable media. Because this uses the existing DeliverMaliciousRemovableMedia attack step on the User the malware does not trivially spread to the other machines that the User has access to, which is likely to be apt given that it is unreliable in practice to wait for Users to connect removable drives to specific systems.
The NoRemovableMediaUsage defence has been introduced on the User too, and is enabled by default, in order to only conditionally enable this behaviour if the modeller is interested in it for their specific scenario. This defence also restricts the existing DeliverMaliciousRemovableMedia attack step on the User since it relied on removable media usage too and both initial and subsequent spread via removable media use the same attack logic.
If the specific scenario involves reliable transmission via media drives the Dependence association introduced in #86 can be used.
Have
FullAccess
on anApplication
spreadUnsafeUserActivity
to otherHardware
systems via aUser
that has physical access to them.This is made to represent the concept that malware worms can spread themselves to other
Hardware
systems via removable media. Because this uses the existingDeliverMaliciousRemovableMedia
attack step on theUser
the malware does not trivially spread to the other machines that theUser
has access to, which is likely to be apt given that it is unreliable in practice to wait forUsers
to connect removable drives to specific systems.The
NoRemovableMediaUsage
defence has been introduced on theUser
too, and is enabled by default, in order to only conditionally enable this behaviour if the modeller is interested in it for their specific scenario. This defence also restricts the existingDeliverMaliciousRemovableMedia
attack step on theUser
since it relied on removable media usage too and both initial and subsequent spread via removable media use the same attack logic.If the specific scenario involves reliable transmission via media drives the
Dependence
association introduced in #86 can be used.