As technology advances, so do the dangers. Cyber ecosystems face an exponentially rising number of threats every day, which has taken threat modelling from an interesting theoretical concept to the real-time standard of information security.

Threats can come both from within the organisation and from outside. To mitigate these threats and stop unwanted parties from exploiting data, cybersecurity and threat analysts apply threat modelling processes, particularly the STRIDE threat method, to ensure their defences are up.

What is Threat Modelling?

Threat modelling involves identifying, quantifying and addressing security risks associated with IT systems. It is a defined process that IT professionals and threat analysts use to detect security vulnerabilities and potential threats, measure the magnitude of these potential attacks and put protective measures into action.

From a distance, all threat modelling processes promise security and protection from threats. However, in real-life situations, threat modelling methodologies differ from one another in terms of quality, consistency and value received for the resources invested. Some of the common threat modelling methodologies are the OCTAVE methodology, Trike threat modelling, PASTA threat modelling, and the STRIDE methodology. Today we focus on the STRIDE methodology: its details, its uses, and what differentiates it from the other methodologies.

What is the STRIDE Methodology?

Microsoft’s STRIDE methodology aims to ensure that an application meets the security requirements of Confidentiality, Integrity, and Availability (CIA), as well as Authorisation, Authentication, and Non-Repudiation. In the cybersecurity process, security subject matter experts first construct a data flow diagram of the system. After that, the system engineers and/or other subject matter experts check the application against that diagram using the STRIDE methodology.

STRIDE is an acronym. It stands for:

1. Spoofing

2. Tampering

3. Repudiation

4. Information disclosure

5. Denial of service (DoS)

6. Elevation of privilege

Spoofing

Spoofing is another way of saying ‘impersonating’. In a spoofing attack, the attacker impersonates another person or system without any notice, violating authentication. A typical spoofing attack exploits weaker authentication markers, such as passwords that are easy to guess (date of birth, surname, username, etc.) or simple 4-digit passwords.

When spoofing a process, the attacker builds dependency by creating a fake file. When spoofing a machine, attackers use ARP spoofing, DNS spoofing, IP spoofing or DNS compromise.

Tampering

Tampering is when the attacker modifies something in memory, on disk, or on the network. This is a violation of integrity. Only authorised users should be allowed access to restricted data or information meant for a select organisation or individuals. If data is restricted, it is restricted for a purpose, whether that is confidentiality or something else. Anyone who gains unauthorised access can modify the data or steal from it, which can have serious consequences for the entire organisation.

Repudiation

Repudiation means denying an action, for example claiming you weren’t involved in an illegal deal, in a way that makes it impossible to link the action back to you. Attackers always want to remain hidden, so they conceal their wrongdoing to avoid being caught.

They may claim that they didn’t do what they are being accused of. They may claim to be victims of fraud or even modify or add to the data that runs through the network to confuse security.

Information Disclosure

This means revealing information that was meant to be hidden, which violates confidentiality. This is one of the main reasons for data breaches. Hackers tend to do one or more of the following:

1. Take advantage of bad database permissions

2. Access files protected by obscurity

3. Retrieve data from swap files or temp files

4. Locate crypto keys in a file or in memory

5. Access or boot devices in a new OS

Denial of Service (DoS)

All organisations have dedicated systems that perform dedicated functions, for example a terminal at a bank. In a denial-of-service attack, perpetrators prevent authorised users from entering their system, which violates availability. This stops the business’ operations and disrupts workflow, and is used to blackmail the organisation or get them to pay money in exchange for normalisation of the workflow.

DoS is carried out against a process, a data store or a data flow. The attacker exhausts the system’s resources, for example by slowing the system down or by using up all available ‘Enter Password’ attempts.

Elevation of Privilege

By allowing an unauthorised person within or outside a network access to a restricted file or virtual location, hackers carry out an elevation of privilege. This is a violation of authorisation. Attackers spoof users with more access than they should have, authorising them to take risky or harmful actions.
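To tie the six categories together, the following added example (not part of the original article) walks a small data flow diagram and lists every STRIDE threat that applies to each element, the security property it violates, and whether a mitigation has been recorded. The per-element applicability chart, the bank-terminal diagram and the mitigation entries are assumptions constructed for illustration.

```python
# Category -> security property it violates, as stated in the sections above.
STRIDE = {
    "Spoofing": "Authentication",
    "Tampering": "Integrity",
    "Repudiation": "Non-repudiation",
    "Information disclosure": "Confidentiality",
    "Denial of service": "Availability",
    "Elevation of privilege": "Authorisation",
}

# Assumption: the commonly used STRIDE-per-element chart (not given in this
# article). One letter per category; Repudiation on a data store mainly
# matters when the store holds logs.
APPLIES = {"external_entity": "SR", "process": "STRIDE",
           "data_store": "TRID", "data_flow": "TID"}

def enumerate_threats(dfd):
    """Return (element, category, violated property) for each applicable pair."""
    return [(name, cat, prop)
            for name, kind in dfd
            for cat, prop in STRIDE.items()
            if cat[0] in APPLIES[kind]]

def unmitigated(dfd, mitigations):
    """Threats that have no control recorded against them."""
    return [t for t in enumerate_threats(dfd) if (t[0], t[1]) not in mitigations]

def misplaced(dfd, mitigations):
    """Controls recorded against a threat that does not apply to that element."""
    valid = {(t[0], t[1]) for t in enumerate_threats(dfd)}
    return sorted(k for k in mitigations if k not in valid)

# Constructed sample diagram: (element name, element type).
DFD = [("Customer", "external_entity"), ("Transaction request", "data_flow"),
       ("Bank terminal", "process"), ("Account DB", "data_store")]

# Constructed sample register: (element, category) -> control.
MITIGATIONS = {
    ("Customer", "Spoofing"): "card plus PIN",
    ("Transaction request", "Tampering"): "TLS",
    ("Transaction request", "Information disclosure"): "TLS",
    ("Bank terminal", "Denial of service"): "attempt rate limiting",
    ("Transaction request", "Spoofing"): "entered against the wrong element",
}

if __name__ == "__main__":
    for name, cat, prop in unmitigated(DFD, MITIGATIONS):
        print(f"OPEN  {name:20} {cat:24} violates {prop}")
    for name, cat in misplaced(DFD, MITIGATIONS):
        print(f"CHECK {name:20} {cat:24} does not apply to this element type")
```

The open list is the work queue for the review; the misplaced list catches controls filed against an element where that category is not expected, which usually means the diagram or the register is wrong.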

This article has already been published on https://www.koenig-solutions.com/blog/stride-methodology-in-threat-modelling.
