Ir para conteúdo

Description  

For a better way of communication between CSIRTs (National and International) it is very important that the CyberSecurity Incident Classification Taxonomy is a shared one and adopted by all.  

The Taxonomy document has been developed together with the Portuguese CSIRT's Network (RNCSIRT) and provides all the information about the adopted Taxonomy.  

The Taxonomy in force is reflected in the following:  

Incident Class Incident Type
Malicious Code
  • Infected System
  • Malware Distribution
  • C2 Server
  • Malware Configuration
Availability
  • Denial of Service
  • Distributed Denial of Service
  • Misconfiguration
  • Sabotage
  • Outage
Information Gathering
  • Scanning
  • Sniffing
  • Social Engineering
Intrusions
  • Privileged Account Compromise
  • Unprivileged Account Compromise
  • Application Compromise
  • Burglary
 Intrusion Attempts
  • Login Attempts
  • Exploitation of Known Vulnerabilities 
  • New Attack Signature
Information Content Security
  • Unauthorised access to information
  • Unauthorised modification of information
  • Data loss
Fraud
  • Unauthorised use of resources
  • Copyright
  • Masquerade
  • Phishing
Abusive Content
  • SPAM
  • Harmful Speech
  • (Child) Sexual Exploitation/Sexual/Violent Content/Racism
Vulnerability
  • Weak Crypto
  • DDoS amplifier
  • Potentially unwanted accessible services
  • Information disclosure
  • Vulnerable system
Other
  • Uncategorised
  • Undetermined
To view the document (only available in portuguese)                                                           Click here

An detailed version is available on website of Portuguese CSIRT's Network (PDF detailed version)
Last updated on 26-09-2022