Information Security Threat Catalog
by Lawrence Pingree
1. Software malfunction or failure
2. Social Engineering
3. Process malfunction such as documentation is not available to those who need it
4. Volcanoe
5. Electro-magnetic or radiation phenomenon
6. Eavesdropping
7. Physical
7.1. Eavesdropping
7.2. Abuse of privilege
7.3. Lightning
7.3.1. Earthquake
7.3.1.1. Tsunami
7.4. Logical
7.4.1. Social Engineering
7.4.2. Malicious Unauthorized Logical Access
7.4.2.1. Violation such as sharing account and password or bypassing procedures
7.4.3. Malware such as virus, worm or trojan
7.4.4. Abuse of privilege
7.5. Fraud or Forgery
8. Hardware malfunction or failure such as telecom equipment or utilities
9. Vandalism of equipment or media
9.1. Vandalism of equipment or media
10. Equipment loss
11. Accident such as car or plane crash involving key personnel, facilities, equipment or media
12. Single Source
13. Meteorological phenomenon
13.1. Hurricane
13.2. Tornado
13.3. Rain
13.4. Sleet
13.5. Flood
14. Water Spout
15. Epidemic/Pandemic
16. Malicious Activity
17. Malfunction
18. Human Error
18.1. Power Outage
18.2. Fraud or Forgery
18.2.1. Miscommunication such as lack of documentation or documentation error
19. Environmental
19.1. Fire
19.2. Water-related phenomenon such as plumbing leak or flood
19.3. Extreme temperature and/or humidity
19.3.1. Environmental contamination such as dust, pollution or corrosives