1 non-adversarial threat sources
1.1.1.1.1 10 -- sweeping, involving almost all of the cyber resources of the DNS
1.1.1.1.2 8 -- extensive, involving most of the cyber resources of the DNS
1.1.1.1.3 5 --wide-ranging, involving a significant portion of the cyber resources of the DNS
1.1.1.1.4 3 --limited, involving some of the cyber resources of the DNS
1.1.1.1.5 1 -- minimal, involving few if any of the cyber resources of the DNS
1.1.1.1.6.1 Nature of impact
1.1.1.1.6.1.1.1 Undermine confidence
1.1.1.1.6.1.1.1.1 in the companies
1.1.1.1.6.1.1.1.2 in the infrastructure itself
1.1.1.1.6.1.3 Action: Figure out where this fits in the methodology
1.1.1.1.6.1.3.1 This doesn't belong in the threat tree, it belongs to every threat we identify -- include in the summary materials
1.1.1.1.6.1.3.2 Olivier -- I did not suggest to evaluate it at every branch -- i just wanted to put on the record that perception would play a big role even though technical impact might be small
1.1.1.1.6.2 Not *everybody* in these categories will be affected but the impact is substantial for those who are
1.1.1.1.6.2.1 In cases of wide-ranging effects there are pockets of non-impact -- but a large majority will be effected
1.1.1.1.6.2.2 In cases of limited effects there are pockets of impact -- but a large majority will not be effected
1.1.1.1.6.2.3 Our focus as a WG is on wide-ranging effects on "The DNS" as a whole, rather than narrower events (which still have severe impact on those who are affected)
1.1.1.1.6.3 Who is impacted
1.1.1.1.6.3.1 Individuals
1.1.1.1.6.3.3 Organizations
1.1.1.1.6.3.4 Governments
1.1.1.1.6.3.5 Machines/Devices
1.1.1.1.6.3.7 Providers of "The DNS"
1.1.1.2.1 10 -- Confirmed
1.1.1.2.3 5 -- Anticipated
1.1.1.2.6 0 -- N/A -- Not currently applicable
1.2 Threat source - configuration errors by privileged users
1.2.1 "Major" zone file (COM/NET/UK/DE/Etc.)
1.2.1.1.1 10 -- sweeping, involving almost all of the cyber resources of the DNS
1.2.1.1.2 8 -- extensive, involving most of the cyber resources of the DNS
1.2.1.1.3 5 --wide-ranging, involving a significant portion of the cyber resources of the DNS
1.2.1.1.4 3 --limited, involving some of the cyber resources of the DNS
1.2.1.1.5 1 -- minimal, involving few if any of the cyber resources of the DNS
1.2.1.2.1 10 -- Confirmed
1.2.1.2.3 5 -- Anticipated
1.2.1.2.6 0 -- N/A -- Not currently applicable
1.2.2 "Lesser" zone file (that is not outsourced to a major provider)
1.2.2.1.1 10 -- sweeping, involving almost all of the cyber resources of the DNS
1.2.2.1.2 8 -- extensive, involving most of the cyber resources of the DNS
1.2.2.1.3 5 --wide-ranging, involving a significant portion of the cyber resources of the DNS
1.2.2.1.4 3 --limited, involving some of the cyber resources of the DNS
1.2.2.1.5 1 -- minimal, involving few if any of the cyber resources of the DNS
1.2.2.2.1 10 -- Confirmed
1.2.2.2.3 5 -- Anticipated
1.2.2.2.6 0 -- N/A -- Not currently applicable
1.2.3 "Major" DNSSEC server (eg??)
1.2.3.1.1 10 -- sweeping, involving almost all of the cyber resources of the DNS
1.2.3.1.2 8 -- extensive, involving most of the cyber resources of the DNS
1.2.3.1.3 5 --wide-ranging, involving a significant portion of the cyber resources of the DNS
1.2.3.1.4 3 --limited, involving some of the cyber resources of the DNS
1.2.3.1.5 1 -- minimal, involving few if any of the cyber resources of the DNS
1.2.3.2 Relevance to the organization
1.2.3.2.1 10 -- Confirmed -- Seen by the organization
1.2.3.2.1.1 Seen by the organization
1.2.3.2.2 8 -- Expected -- Seen by the organization's peers or partners
1.2.3.2.3 5 -- Anticipated -- Reported by a trusted source
1.2.3.2.4 3 -- Predicted -- Predicted by a trusted source
1.2.3.2.5 1 -- Possible -- Described by a somewhat credible source
1.2.3.2.6 0 -- N/A -- Not currently applicable
1.2.4.1.1 10 -- sweeping, involving almost all of the cyber resources of the DNS
1.2.4.1.2 8 -- extensive, involving most of the cyber resources of the DNS
1.2.4.1.3 5 --wide-ranging, involving a significant portion of the cyber resources of the DNS
1.2.4.1.4 3 --limited, involving some of the cyber resources of the DNS
1.2.4.1.5 1 -- minimal, involving few if any of the cyber resources of the DNS
1.2.4.2 Relevance to the organization
1.2.4.2.1 10 -- Confirmed -- Seen by the organization
1.2.4.2.1.1 Seen by the organization
1.2.4.2.2 8 -- Expected -- Seen by the organization's peers or partners
1.2.4.2.3 5 -- Anticipated -- Reported by a trusted source
1.2.4.2.4 3 -- Predicted -- Predicted by a trusted source
1.2.4.2.5 1 -- Possible -- Described by a somewhat credible source
1.2.4.2.6 0 -- N/A -- Not currently applicable
1.3 Threat source - business failure of key provider
1.4 Threat source - nation state -- interventions with accidental or unintended consequences -- tentative disposition, remove
1.5 Threat source - key hardware failure (storage, processing, network
1.6 key networking or operating-system software failure
1.7 Threat source - mission-specific software failure (WHOIS, EPP/RPP/billing)
1.8 Threat source - root scaling impacts
1.9 Threat source - natural disaster
1.10 Threat source - widespread telecommunications infrastructure failure
1.11 Threat source - widespread power infrastructure failure
2 adversarial threat sources
2.1 adversarial threat source
2.1.1.6 Relevance to the organization