3. CMPRPATI/699434
CONFIDENTIAL
Introduction
A formal risk assessment was completed to analyse the assessment of Coursework
Assessment Data in relation to the UK Government “HMG Information Assurance
Standard No 1” which has been developed by CESG or better known as IS1. The IS1
was carried out by using the IS1 toolkit in order to adhere to guidelines and follow
procedures for a more effective reasoning of Blackboard and its processes.
Findings
From carrying out the assessment all forms were collated and a model system
designed in Figure 1 and 2. Illustrating information handling processes and in
particular demonstrating where all restricted and non-restricted access points are in
regards for the potential of risks factors and underpinning reasoning and making valid
judgements relating to such risks.
Client
The client Dr Bob Askwith commissioned the risk assessment due to wanting to
further understand the complexities of risk in terms of how and if such an attack was
to happen and if so how and what type of factors would be involved for such an event
to happen.
Instructions for any queries about the system should be communicated through the
blackboard forum i.e. not understanding and requiring information to help with the
final summary of the assessment or help to realise potential solutions where if any
may or may not be required. However, there would need to be sufficient data to move
onto the next stage.
The risk assessment took longer then first thought due to outside influences time cut
short being able to ask the Client added information which may have been vital to the
adding evidence to support the risk assessment. A list of questions had been designed
but where not loaded onto the forum.
From the initial risk assessment it is clear more could be done to protect Blackboard
and all other online systems, arranging a face to face meeting with the client to ask the
questions to be posed would help to clarify in which direction to take the review and
process a secondary risk assessment to see if at all changes to the system had made
any difference to the initial analysis.
For example, changing password policy to increase the amount of times Actors would
be required to change such details, rather than waiting if at all for uses to do it without
being instructed which in some cases would not be updated at all because it’s not a
high priority.
CONFIDENTIAL
4. CMPRPATI/699434
CONFIDENTIAL
LJMU modelling of online information systems and demonstrating the flow of processes:
It is clear that LJMU relies mostly on using hardware, software and applications which are interconnected from the internet to finding out the
latest coursework assignments on blackboard connected via the intranet or use of LJMU web application. This is used as the front interface from
where users are navigated by clicking links and gaining further access using password protected usernames.
CONFIDENTIAL
5. CMPRPATI/699434
CONFIDENTIAL
Blackboard modelling of online information systems and demonstrating the flow of handling assessment
coursework in relation to reliance scope and accreditation scope:
It is clear that Blackboard does truly rely on the processes of the online systems that include hardware, software and applications which are
interconnected from the internet to the intranet which allow students to gain access to vital information about lecturers, found out what grades
they have received when completing exams on blackboard. It is a very useful application when running on full capacity and not offline because
at those times nothing can be accessed nor can you work offline whilst maintenance takes place, possible design flaw but could there be a
solution to such issues?
CONFIDENTIAL
6. CMPRPATI/699434
CONFIDENTIAL
Link References for design modelling:
• Prescientdigital.com,. 'Intranet Governance: Ownership, Management & Policy — Intranet
Design, Intranet Consultant, Social Intranet, Website Planning – Prescient Digital'.
N.p., 2014. Web. 19 Nov. 2014.
• Slideshare.net,. 'THE MCKINSEY 7S MODEL FRAMEWORK FOR E-LEARNING
SYSTEM READINESS ASSES…'. N.p., 2014. Web. 17 Nov. 2014.
Main considerations for risk model for blackboard bullet pointed:
Figure 3. Coursework assessment information:
Teaching and learning material
Assessment guidelines
Final assessment results
Coursework
Other:
Surveys
Tests – policy of university etc
Attendance
Information Messages - Announcements
Actors:
Assessment board
Academic staff
Students / Past students
Blackboard
IT
Student union
Past students
Security staff
Administration department /Finance department
All other Employees
Hackers/crackers
Outsourced companies
Visitors
Educational board
Directors
Other universities
Local community
Government and local authorities
Online information systems:
Blackboard
Student Information System (SIS)
Online payments
Terminal server and citrix server (desktop access from outside university)
Library
Activate/change password
Other systems: LJMU email, Word, Excel, local desktop PCs and various storage devices - Oracle
Internet
Network - Facebook, Twitter, YouTube
Mobile apps
CONFIDENTIAL
7. CMPRPATI/699434
CONFIDENTIAL
Web application
Processes:
Publish documents
Prepares coursework submission
Submits coursework
Assess the work, provide feedback, and collate marks
Feedback
Records all assessment results
Supports decision making for assessment
Definitive record of a student’s progress
Input, edit, store and delete personal information
LJMU and blackboard has many assets which could be become at risk from threats
such as environment, human error and technology. Figure 3.pinpoints the most
relevant processes which could come under risk and from that the risk assessment
valuates the level to which it may be potentially harmful or never even be though
about.
Risk Assessment - IS1
This is the standard to which the risk assessment has been applied to ensuring
conformity which the government uses across all computer systems within the UK. It
assesses and has provided for the suggestion of solutions which relate and encompass
such functionality issues regarding technical risk with confidentiality (C), integrity (I),
and availability (A).
Creating a design model allows for the IS1 assessment to be understood in more
general terms of assets and the flow of resources. Disadvantages are that the
information contain is not secure or protected in anyway but solely is to help assess
the risks in terms of with confidentiality (C), integrity (I), and availability (A).
On completion of the IS1, a further documented report should then be produced and is
known as the IS2 and deals with the management and government accredited systems
and will be completed once the IS1 risk assessment report has been marked and no
issues need addressing.
CONFIDENTIAL
8. CMPRPATI/699434
CONFIDENTIAL
Form 1 Asset List
1.1 1.2 1.3
Asset Identifier Description / Notes
Impact Levels
C I A
1 - Blackboard Plug-in learning environment application which is connected online to the LJMU
website. Functionality handling programme material, coursework is submitted in
conjunction with Turnitin. If application is disconnected for maintenance work then
students can not access their areas leading lack of being to complete work or submit
work. Academic staffs are required to update blackboard for grading and ensure the
right materials are there for students to access 24/7. Passwords and usernames are
weak and policies requiring changing.
5 5 5
2 - Student Info - (SIS) All hardware and software that compromise blackboard and LJMU. It is the
pinnacle point where all information of student’s progress and their assessment
records are stored after grading. Used also for decision making for assessment
boards. The system is also devised by Oracle leaving the door open to those who
have been trained or could be taught the language in order to gain access and locate
relevant information or misuse it. Weakness comes from not everyone knows
oracle and could potentially misuse system accidentally leading to misspelt names
or trying to operate wrong functions i.e. deleting files and inability to retrieve the
record leading to students being wiped from the system worst case student records
copied and unknown person takes their identity for other purposes i.e. fraud.
5 5 5
3 - Online Payment Facilities All hardware and software that allow for user to add credit in order to be able to
print or buy USB’s from the Library. People are able to top up using credit /debit
card. This facility allows for user to top-up for other users on their cards. This is
unsafe and no real protection or verification preventing the other person stealing the
password or card details. The person who gave the details would only find out
when supplied with an email or if checking there bank statement. Off-line facilities:
cash machines are available but could be a potential for the wiser to build a replica
and place round the university leading to students putting money in and not
receiving their credit. Compromise passwords and personal information can be
3 4 5
CONFIDENTIAL
9. CMPRPATI/699434
CONFIDENTIAL
assessed which could give access to other parts of the system like blackboard.
4 - Terminal Server All information hardware and software that compromise blackboard, LJMU and
home networks or other devices depending where login takes place to gain access
to the system to complete work. Terminal server is a secure VPN that gives access
to personal desktop from outside the university but still could be copied and a
mirror image made allowing the skilled to gain access from the comfort of not
coming into contact with the university, once a correct password is identified. If a
device is left on with terminal server connected any one person could take hold of
the device and cause disruption, the user should always log out when not using the
system for better safety of their data and keeping security to maximum capability.
3 4 4
5 - Citrix All information, hardware and software that compromise blackboard, LJMU and
home networks or other devices depending where login takes place to gain access
to the system to complete work. Citrix is similar to Terminal server but is aimed at
the library resources and with fewer applications. It could still be copied and a
mirror image made allowing the skilled to gain access from the comfort of not
coming into contact with the university, once a correct password is identified. If a
device is left on with terminal server connected any one person could take hold of
the device and cause disruption, the user should always log out when not using the
system for better safety of their data and keeping security to maximum capability.
3 4 4
6 - Library All information, hardware and software that hold relevant information, articles,
papers and artefacts which might be of interest depending on the subject matter i.e.
how to hack for dummies could compromise blackboard and LJMU and to the
Internet / Eduroam, if a person was to do more than read but practice such topics.
1 1 1
7 - Internet All information, hardware and software that deal with browsing and other
capabilities which may compromise blackboard, LJMU from outside of LJMU
boundaries.
4 4 4
8 - LJMU Email All information, hardware and software that deal with browsing and other
capabilities which may compromise blackboard, LJMU from outside of LJMU
boundaries. In-house email system for all those who work, teach and learn at
LJMU.
5 3 5
CONFIDENTIAL
10. CMPRPATI/699434
CONFIDENTIAL
9 - Eduroam All information, hardware and software that deal with browsing and other
capabilities which may compromise blackboard, LJMU from inside of LJMU
boundaries and possible connect to outside sources leading to servers and databases
which are connected via internet.
3 3 3
10 - Networks All information hardware and software that comprise blackboard, LJMU and all
other devices connected to the intranet and possible internet and beyond. Password
protected - restricted areas are imposed to stop people from gaining access to
confidential information or the ability to find the solutions to coursework which
puts all systems at risk.
2 2 2
11 - Blackboard Mobile Scaled down version of the plug-in learning environment application which is
connected online to the LJMU website. Allows users to login and learn using
tablets or mobiles and keep up to date with emails and notifications. Is efficient but
if there is no Eduroam or own internet the app becomes redundant this applies to no
battery or if device is stolen or broken.
1 1 1
12 - LJMU Web application All information, hardware and software that deal with the interface, browsing and
other capabilities which may compromise blackboard, LJMU from outside of
LJMU boundaries because all other software apps are linked or connected to this
enabling users to easily navigate through the site. Access is restricted to non-
university people but still can successfully look at some parts by clicking on tabs or
pictures. The web app could be copied and a fake backend database could be setup
to gain essential details to access the proper site. Possibly incorporate watermarks
or unique identifiers that could be changed on an alternate week plan adding
security.
4 4 4
13 - Databases All Information, data packets, hardware and software that could compromise on the
edge and inside of LJMU by users being sent or sending emails of which are not
validated by the University. Spam emails could be opened unsuspectingly by
anyone with little knowledge
5 5 5
14 - Servers All Information, data packets, hardware and software that could compromise on the
edge and inside of LJMU. This includes the Internet, Student Information System
(SIS), and Liverpool John Moores University as a whole because they hold a
4 4 4
CONFIDENTIAL
11. CMPRPATI/699434
CONFIDENTIAL
separate server to the Blackboard application. This is better demonstrated on Figure
1. Online information systems model, it gives a truer picture of where the system is
weakest and more likely to incur issues of threat with possible attack in the future,
if someone was motivated to find out the information.
15 - Turnitin Software to check for plagiarism of student's coursework and providing a
percentage of validity and honesty. Stores all coursework which is how it can be
cross referenced against new students work. Allows lecturers to find out if students
have copied other work from students or gained information from online sources.
Downside students could argue that the percentage is wrong by providing sources
with Harvard referencing with their assignments. The application is not 100% full
proof with students being able to upload work and if software is not working
properly (crashes) then no percentage of work will be displayed, leading to a
student getting better grades if the person marking the marking the work is unaware
of the specific topic being covered or onto of what new information / data is online.
Could become too reliant on software when hard evidence like books publish
established facts and can be better crossed referenced.
1 1 1
16 - Other Emails All information, data packets, hardware and software that could compromise on the
edge and inside of LJMU. Many different email companies which provide storage
also user to add data. Not all are recognised by the email system. Students are
asked to use the standard LJMU email to ensure validity
2 2 2
17 - YouTube All information, hardware and software that compromises LJMU and blackboard.
Images, videos and links could carry possible viruses causing concern of how safe
and why we should trust using YouTube. Everyone uses it to locate help wihen
issues arise with coursework. There is possibility of someone recording a video of
how to break in to blackboard or LJMU website. There are all already information
out there to crack passwords with little effort and also software which can be
downloaded (Hash Kracker). It only takes the simplest of steps to make the
connection. But in reality what’s the point and there would need to be a real
motivation to do so, which is less likely as people just aren’t that interested but
have more fascination with say finding cat videos to watch. This in itself would be
5 3 4
CONFIDENTIAL
12. CMPRPATI/699434
CONFIDENTIAL
a more likely threat of attaching malware to a popular video and sending it viral -
causing more harm, possibly this threat could or could not crash the backbone of
the internet. No one would know without trying it and what would be the incentive
because if it did the end result would taking away the source which feeds people's
new way of communicating. It would be like stepping back in time for a short
period and that will not happen as it provides both good uses for people and until
such time bad uses for criminal activity.
18 - Twitter/Facebook All of the private / public information, hardware and software and links which
allow LJMU to become possibly compromised and include Blackboard. On-click of
a fake profile or adding a friend which is fake could allow a person to become
manipulated and provide the other person which the information they require to
progress. Students could also share there assignments back and forth without the
realisation of breaking university policies about plagiarism - this is harder to
measure and control.
2 2 2
19 - Other network
communications
All other networking sites, hardware, software and verbal communications from
LJMU to outside organisations, local community, businesses and Government. For
example, social events, LinkedIn and dealing with the council or other Universities.
Depending on programmes LJMU are running there could be stiff competition for
example - Cyber Security have just received funding for further developing its
arena giving opportunities for students to gain hands on experience and gaining
better job prospects. Threat could be Liverpool University wanting to stop this from
happening and developing their own idea, leading to staff trying to gain
information via underhanded ways or offering money to students to steal
information or hack system and cause disruption.
1 1 1
20 - Dreamspark All hardware and software that allow for user to download applications to the
desktop and allow them to be applied onto home devices. Possible the wrong
software could have fault in the program and cause damage when user tries to
resolve issues when locating updates to which they may not understand exactly
what they are clicking onto even automatic updates could cause potential issues for
example slowing workstations down leading users to type incorrectly or allow other
1 1 2
CONFIDENTIAL
13. CMPRPATI/699434
CONFIDENTIAL
to remember or record what another persons details because they are watching
them.
21 - Notes All descriptions and research was carried out by personal experience and targeting
the LJMU site and blackboard with the intention to realise all processes and
functionality.
Source of information; http://www.LJMU.ac.uk/student/
1 1 1
22 - Other systems All information, data packets, hardware and software for example Microsoft Server
/ SQL, word, desktops and other various devices and storage - Google docs.
3 2 2
A meeting is to be set up with client to further understand and explain the assets at LJMU. This will permit further to discussion of relevance of
Figure 1. in relation to other hardware, software, documentation, policies are at present being used and require more in-depth analysis of risk and
correlate the threats with looking to research more suitable ways of protecting students, academic staff from disruption or provide solutions to
give understanding and possible training securing all personal information and data held on all systems including manual systems.
Link References for listing assets and modelling:
• Ctb.ku.edu,. 'Chapter 3. Assessing Community Needs and Resources | Section 8. Identifying Community Assets and Resources | Main
Section | Community Tool Box'. N.p., 2014. Web. 21 Dec. 2014.
• Madcapmedia.com, 'DFC Content: Executive's Basic Guide To Intranets: What Type Of Security Issues Are Involved With An Intranet?’
N.P., 2014. Web. 20 Dec. 2014.
CONFIDENTIAL
14. CMPRPATI/699434
CONFIDENTIAL
Form 2 Threat Sources
2.1 2.2 2.3 2.
4
2.5 2.6 2.7 2.8
Source
Name Description (and Rationale)
Property
Capability
Priority
ThreatLevel
Source of
Threat
Assessment
Influencer
ThreatActor
1 -
Assessment
Board
Employees
Assessment Board Employees could make wrong decisions about how
grades are assessed. Students may learn in different ways to previous
years and so the decision could be detrimental to their overall
performance and final grading. Grades could also be incorrectly
inputted to Blackboard without cross checking or referencing.
Employees may also have differences of opinion and give grade
differently without consistency students could risk gaining poor/better
grades which leads to issues when applying for placements.
C 4 3 Substantial In-House Y Y
I 4 2 Moderate In-House Y Y
A 3 3 Moderate In-House Y Y
2 -
Academic
Staff
Academic Staff may differ in their view of what is to assessed in
relation to assignment and performance of students. Laciness in
uploading coursework and not checking resources leading to students
becoming misinformed and misunderstand subject matter. Lack of
understanding of how blackboard operates impedes staff and students
are left with delays in learning what grade they have gained from
assessment and are not given full feedback of how performance could
be improved. Some students receiving grades prior to hand back date
and or information becoming for all view - lack of privacy could cause
some students to alienated through others not working with them
because the grades are poor.
C 4 3 Substantial In-House Y Y
I 3 3 Moderate In-House Y Y
A 5 2 Substantial In-House Y Y
CONFIDENTIAL
15. CMPRPATI/699434
CONFIDENTIAL
3 - Students Students forgetting and not changing passwords within the LJMU policy
time limits. Leaving or not remembering USB sticks in computers
leading them to being stolen or damaged depending what information is
on them. Downloading corrupt software at home and bringing it on the
stolen USB which could potentially infect LJMU and Blackboard. The
lack of knowledge for new students on how to use Blackboard with how
to work out exactly how to operate the system puts them at a
disadvantage and possible lead to some not using it or asking others to
enter their space to upload work leaving the door open to plagiarism if
the other student looks at or copies the assignment or even end with
saying they had uploaded when in fact they didn’t causing students to
fail or cause disruption.
C 1 2 Negligible In-House Y Y
I 3 3 Moderate In-House Y Y
A 4 2 Moderate In-House Y Y
4 - Past
Students
Past students with prior knowledge of system could try and re-login
with old emails to gain access to look what’s changed or manipulate the
system as a "prank" to show it can be done because they no longer
governed by the controls set by LJMU. Possible to send messages to
new students offering their services to do their assignments for them and
charge a fee because they know what is expected of the module.
Disgruntled students may just want to cause damage to the system due
to poor grades.
C 1 1 Negligible In-House Y Y
I 2 2 Negligible In-House Y Y
A 3 3 Moderate In-House Y Y
5 -
Blackboard
employees
Blackboard employees - software programming could be manipulated,
SQL Injected or error handling issues found in system leading to
problems of user ability or time limit of how long blackboard may be
used to stop others copying the system or make updates without the
original designer the coding could be unreadable. A disgruntled
employee may break the system to cause issues for Blackboard itself
leaving its users with lack of inability to use the system until it is fixed.
User’s information would then be compromised as there is no real back
up system for securing the data stored on blackboards system.
C 5 1 Moderate In-House Y Y
I 2 3 Low In-House Y Y
A 3 4 Moderate In-House Y Y
CONFIDENTIAL
16. CMPRPATI/699434
CONFIDENTIAL
6 - IT staff IT Staff - lack of knowledge of the blackboard system would lead to
delays for the system to be off- line. Not knowing where or when
something could happen leads to lack of upholding security to the most
part assuming that all systems are safe. This leaves all systems more
open to threat because an event is more likely to occur when it is least
expected - as unware and cannot see into the future. IT staff only able to
monitor to a certain point and where students have issues of losing or
forgetting passwords ensure that the system is protected as much as it
can in uncertain times. Change of policies wold also only happen when
an event would take place because it can seen rather than waiting for the
unknown - hard evidence can make claims true without it does anyone
really take notice? No - people always think it could never happen to me
but that it is wrong because unless awareness is pinpointed you would
never know an attack had happened. Emails are a prime example to that
point - no one can be sure that an attachment is safe even after being
scrutinised by applications like AVG. It is only ever just that one click
or process from a threat becoming reality
C 1 4 Low In-House Y Y
I 3 1 Low In-House Y Y
A 4 2 Moderate In-House Y Y
7 - Security
staff
Security staff that are in disagreement to how the building is secured
and choose to abuse the system by not upholding regulations and
allowing for example people who are unknown into any part of the
building across all sites.
C 5 1 Moderate In-House Y Y
I 2 1 Negligible In-House Y Y
A 3 1 Low In-House Y Y
8 -
Administrat
ion
Department
Administration department could be manipulated via a telephone to gain
vital information about students and staff leading to personal
information becoming breached or used inappropriately to access
further details in order to manipulate targeted audiences to gain access
to the main LJMU site and its networks.
C 4 2 Moderate In-House Y Y
I 3 2 Low In-House Y Y
A 4 2 Moderate In-House Y Y
9 - Finance
Department
Finance department could be in disagreement about how funding,
finances are handled across the university and want management to
make changes could stage a protest and expose information.
C 4 1 Low In-House Y Y
I 3 1 Low In-House Y Y
A 2 5 Moderate In-House Y Y
CONFIDENTIAL
17. CMPRPATI/699434
CONFIDENTIAL
10 - All
other LJMU
staff
All other LJMU staff that wish to access and gain information from
blackboard and or LJMU systems. For example an employee may have
a keen interest in a certain programme and may try to access systems to
retrieve course notes and slides without proper authority.
C 1 1 Negligible In-House Y Y
I 2 1 Negligible In-House Y Y
A 3 1 Low In-House Y Y
11 -
Outsourced
Organisatio
ns
Outsourced Organisations using tablets, mobiles and workstations in
LJMU could accidentally supply incorrect information to students or
staff.
C 1 1 Negligible In-House Y Y
I 2 1 Negligible In-House Y Y
A 1 1 Negligible In-House Y Y
12 -
Hackers
Hackers who wish to gain access to information from blackboard and
further find a path way to the main servers and databases where data is
held and could be more use to them depending on what and why they
are targeting the system original.
C 3 1 Low In-House Y Y
I 4 3 Substantial In-House Y Y
A 5 1 Moderate In-House Y Y
13 - Visitors Visitors using library resources and mistyping information onto
workstations to research subject matter. could accidently click onto a
wrong link and infect with malware from internet.
C 3 1 Low In-House Y Y
I 1 2 Negligible In-House Y Y
A 3 2 Low In-House Y Y
14 -
Educational
Board
Educational Board wanting to make changes to policy or find a new
way of handling coursework rather than using blackboard because of the
potential of inconsistency.
C 3 1 Low In-House Y Y
I 4 2 Moderate In-House Y Y
A 2 1 Negligible In-House Y Y
15 -
Directors
Directors requiring grading and feedback issues to become more
realistic and bring down marking periods to give information back to
students quicker and so the environment becomes and feels it is a fair
but firm institution.
C 2 2 Negligible In-House Y Y
I 3 2 Low In-House Y Y
A 4 1 Low In-House Y Y
16 - Other
Universities
Other Universities who disagree with how blackboard is connected and
operated in relation to if one university becomes under threat could lead
to them becoming threatened and pressure mounts because it may or
may not happen in the process.
C 4 2 Moderate In-House Y Y
I 4 1 Low In-House Y Y
A 4 1 Low In-House Y Y
17 - Local
community
Local community who disagree with how students interact outside of
university buildings and wish to make complaints about specific persons
for example poor use of language at organised events could cause the
C 1 1 Negligible In-House Y Y
I 3 1 Low In-House Y Y
A 2 1 Negligible In-House Y Y
CONFIDENTIAL
18. CMPRPATI/699434
CONFIDENTIAL
university to become under question about how they teach students to
18 -
Government
& Local
Authorities
Government & local authorities changing regulations to security aspects
and or to Data Protection Act. They may require systems to become
more streamlined and fit for purpose to ensure quality for students to
gain the best service from LJMU.
C 4 3 Substantial In-House Y Y
I 4 2 Moderate In-House Y Y
A 3 1 Low In-House Y Y
19 - All
other Actors
All other Actors who is anyone with an intent or regard to LJUM or
Blackboard who may have vested interest. For example Parents, Police,
Fire and other such organisations connected in some way that could
cause a knock on effect.
C 1 1 Negligible In-House Y Y
I 1 1 Negligible In-House Y Y
A 1 1 Negligible In-House Y Y
20 - Notes Notes - pinpointing threat sources will require a secondary opinion and
should be completed by asking questions directly to the above sources
to gain more relevant reasons first hand to contribute to the final
assessment of assessment with blackboard and LJMU as a whole.
C Y Y
I Y Y
A Y Y
Sources of threat are most substantial in terms of confidential issues regarding privacy. Hackers could become a risk in terms of integrity when
they decide to stop being honest but this could be applied to other actors as well. There is no definitive answer as to why people start misusing,
abusing, or stealing information to make for financial gain. It could be just a bad day at university or loss of job which changes people’s
behaviour patterns making the switch from wrong to right and so realising where risk could come from is impossibility.
CONFIDENTIAL
19. CMPRPATI/699434
CONFIDENTIAL
Form 3 Foci of Interest
3.1 3.2 3.3 3.4
FoI Name
Asse
ts
Rationale
Max Impacts
C I A
All of
Blackboard
1 This includes the online learning environment and the actual company itself. Publishing all
programme materials, submissions of coursework, feedback systems and deadlines.
Notifications and emails connected to announcements could be a potential issue because
your trusting that they are safe and when users click on them they are safe and not cause
issues in anyway. Passwords can be attained quite easily with the correct knowledge to gain
such information and the amount time blackboard gives its user to change settings is too
long in relation to the slot period an attacker has to use such an assess point. People are lazy
and keep to using simple passwords because it saves time and don’t like the risk of
forgetting if it becomes to long or combination of letters too detailed. Playing a major part
of why systems in general are targeted in this way.
5 5 5
All of LJMU and
web application
12 This includes Eduroam, LJMU email and Internet as a whole. The hardware and software
play apart in securing students and all others who use the systems across the different levels
of networking.
4 4 4
Student
Information
System (SIS)
2 This includes all records and progress reports for students and how making decisions can
become more of an issue when requiring making changes or accidentally an employee
deletes information about individuals. If hard copies are not kept as back-up this leads to
students disappearing from view and may also not be able to get such information back
without the use of forensic tools which wastes time but would be required because of data
protection act becoming breached.
5 5 5
Other systems 22 This includes all software and some hardware i.e. desktops, tablets, pcs, storage facilities,
word and applications students use such as java automated programs.
3 2 2
Online payment
facilities
3 This includes students offering to pay for other students when they have lack of credit to
print or require buying a USB. Details can be accessed and misused once the original person
allows the student to use their details i.e. credit card or debit card - they also become privy
to D.O.B and username and password.
3 4 5
CONFIDENTIAL
20. CMPRPATI/699434
CONFIDENTIAL
Databases 13 This includes protecting all other information stored behind the front end interface which is
used by all actors on the system. It is the main area to which a threat is most likely to occur
because of the volume of data stored there and could mean big financial gains who want to
steal and sell details on to other people i.e. competition or telemarketers.
5 5 5
Servers 14 Hardware which moves information around from devices to the back end databases.
Potentially is this was targeted information packets could be redirected to another database
and in its place inject the original database with corrupt information. It is a high risk but
reality is hackers like behaviourally to "hit and run" not leaving any kind of trace until the
system starts to become an issue i.e., crashes.
4 4 4
Turnitin 15 This processes student’s coursework to identify any plagiarism and catch those who attempt
to cheat the system.
1 1 1
Social media,
Communications
and other
software
applications
4, 5,
16,
17,
18,
19,
20
This includes YouTube, Facebook, Twitter, Terminal Server and Citrix because they are
interconnected with how a student accesses information and applies to complete work on
appropriate applications and there is potential for systems to manipulated and damaged.
5 4 4
Networks and
Library
6, 10 This includes all documentation and resources connected to LJMU and blackboard for
example there are private networks which only specific users can login into because they are
at a higher level and require more security to safe guard information becoming disrupted
from say a student logging into their own workspace. Library is another point of access put
there is little software and resources stored on the desktop to prevent people abusing the
system or trying to download or copy resources.
2 2 2
Internet &
Eduroam
7, 9 This includes downloading or uploading documents, researching on unknown sites which
could cause the system to slow down with the volume of traffic.
4 4 4
CONFIDENTIAL
21. CMPRPATI/699434
CONFIDENTIAL
FoI All of Blackboard Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced Threat Level
Final Threat
Level
Students BY,
HAN,
IC,
NU,
PWR,
PI,
PU
UC
C 3 2 Low Students 3 2 Low Low
I 2 2 Negligible Students 2 2 Negligible Negligible
A 3 1 Low Past Students 3 2 Low Low
Accidental Compromise Low
Academic Staff HAN,
IC,
IEP,
NU,
PWR,
PI,
PU,
SC,
SP,
SSS
BS
C 4 2 Moderate
Academic
Staff
4 2 Moderate Moderate
I 4 2 Moderate
Educational
Board
4 2 Moderate Moderate
A 4 2 Moderate
Academic
Staff
4 2 Moderate Moderate
Accidental Compromise Moderate
There is more possibility that academic staff poses more of a risk than students because there is no barrier to stop them from accessing the restricted parts of the blackboard system and
is reflected in the levels shown above. However, the motivationally students are on level because they can’t assess and so could show interest by trying to access restricted areas.
CONFIDENTIAL
22. CMPRPATI/699434
CONFIDENTIAL
FoI All of LJMU and web application Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
All actors who
come into contact
with LJMU and
the web
application.
BY,
HAN,
IC,
IEP,
NU,
PWR,
PI,
PU,
SC,
SP,
SSS
UC
C 4 2 Moderate Students 4 2 Moderate Moderate
I 3 2 Low
Academic
Staff
3 2 Low Low
A 4 1 Low Past Students 4 1 Low Low
Accidental Compromise Low
CONFIDENTIAL
23. CMPRPATI/699434
CONFIDENTIAL
FoI Student Information System (SIS) Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
Employees of
LJMU
BY,
HAN,
IC,
IEP,
NU,
PWR,
PI,
PU,
SC,
SP,
SSS,
SUP
BS
C 2 1 Negligible
Administratio
n Department
2 1 Negligible Negligible
I 3 1 Low
Assessment
Board
Employees
3 1 Low Low
A 3 1 Low
Educational
Board
3 1 Low Low
Accidental Compromise Low
CONFIDENTIAL
24. CMPRPATI/699434
CONFIDENTIAL
FoI Other systems Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
All Actors who
come into contact
with other
systems.
BY,
HAN,
IC,
IEP,
NU,
PWR,
PI,
PU,
SC,
SP,
SSS,
SUP
UC
C 2 1 Negligible
All other
LJMU staff
2 1 Negligible Negligible
I 2 2 Negligible Negligible
A 3 1 Low IT staff 3 1 Low Low
Accidental Compromise N/A
CONFIDENTIAL
25. CMPRPATI/699434
CONFIDENTIAL
FoI Online payment facilities Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
Students /
Academic Staff
HAN,
PWR,
PU,
SC
UC
C 3 2 Low
Academic
Staff
3 2 Low Low
I 2 1 Negligible Students 3 1 Low Low
A 4 2 Moderate Students 4 2 Moderate Moderate
Accidental Compromise Low
CONFIDENTIAL
26. CMPRPATI/699434
CONFIDENTIAL
FoI Databases Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
Academic Staff HAN,
IC,
IEP,
PU,
SC,
SP,
SSS,
SUP
BS
C 4 1 Low
Administratio
n Department
4 1 Low Low
I 4 1 Low
Finance
Department
4 1 Low Low
A 4 2 Moderate
Academic
Staff
4 2 Moderate Moderate
Accidental Compromise Low
Students BY,
IC,
NU,
PWR,
PI,
PU
UC
C 4 2 Moderate Students 4 2 Moderate Moderate
I 4 2 Moderate Students 4 2 Moderate Moderate
A 2 3 Low Students 2 3 Low Low
Accidental Compromise Moderate
CONFIDENTIAL
27. CMPRPATI/699434
CONFIDENTIAL
FoI Servers Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
IT Staff
PI,
PU,
SUP
BS
C 5 1 Moderate Hackers 5 1 Moderate Moderate
I 2 3 Low Hackers 2 3 Low Low
A 3 3 Moderate IT staff 3 3 Moderate Moderate
Accidental Compromise Moderate
CONFIDENTIAL
28. CMPRPATI/699434
CONFIDENTIAL
FoI Turnitin Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
Academic staff
HAN,
IC,
NU,
PU,
SSS,
SUP
BS
C 2 1 Negligible
Academic
Staff
2 1 Negligible Negligible
I 2 1 Negligible
Academic
Staff
2 1 Negligible Negligible
A 3 1 Low
Academic
Staff
3 1 Low Low
Accidental Compromise Low
Students BY,
IC,
NU,
PWR,
PI
UC
C 3 2 Low Students 3 2 Low Low
I 3 2 Low Students 3 2 Low Low
A 3 3 Moderate
Academic
Staff
3 3 Moderate Moderate
Accidental Compromise Low
CONFIDENTIAL
29. CMPRPATI/699434
CONFIDENTIAL
FoI Social media, Communications and other
software applications
Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
All Actors who
come into contact
with social media,
communications
and other
software
applications.
BY,
HAN,
IC,
IEP,
NU,
PWR,
PI,
PU,
SC,
SP,
SSS,
SUP
UC
C 4 1 Low Students 4 2 Moderate Moderate
I 3 2 Low Students 3 2 Low Low
A 4 2 Moderate Students 4 2 Moderate Moderate
Accidental Compromise Moderate
CONFIDENTIAL
30. CMPRPATI/699434
CONFIDENTIAL
FoI Networks and Library Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
All Actors who
come into contact
with networks and
library resources.
BY,
HAN,
IC,
IEP,
NU,
PWR,
PI,
PU,
SC,
SP,
SSS,
SUP
UC
C 3 1 Low Students 3 1 Low Low
I 4 1 Low Visitors 4 1 Low Low
A 4 1 Low
All other
LJMU staff
4 1 Low Low
Accidental Compromise Low
CONFIDENTIAL
31. CMPRPATI/699434
CONFIDENTIAL
FoI Internet & Eduroam Form 4 Threat Actors
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11
Threat Actor
Group Name
TATypes
Clearance
Property
NativeCapability
NativeMotivation
Native
Threat
Level
Dominant
Influencing
Threat
Source
EnhancedCapability
EnhancedMotivation
Enhanced
Threat
Level
Final Threat Level
All those who
come into contact
with the internet
and Eduroam
facilities.
BY,
HAN,
IC,
IEP,
NU,
PWR,
PI,
PU,
SC,
SP,
SSS,
SUP
UC
C 5 1 Moderate Students 5 2 Substantial Substantial
I 5 1 Moderate Past Students 5 1 Moderate Moderate
A 5 1 Moderate
All other
Actors
5 1 Moderate Moderate
Accidental Compromise Moderate
CONFIDENTIAL
32. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 1
Focus of Interest All of Blackboard
Threat Actor Group Students
Threat Actor Type(s) BY, HAN, IC, NU, PWR, PI, PU
Threat Actor Clearance UC
Influencing Threat Sources Confidentiality - Students, Integrity - Students, Availability - Past Students
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat Level Risk Level
RiskID
C 5 Observes information from All of Blackboard Low Medium 1.1
C 5 Impersonates a user of All of Blackboard Low Medium 1.2
I 5 Impersonates a user of All of Blackboard Negligible Medium 1.3
A 5 Impersonates a user of All of Blackboard Low Medium 1.4
C 5 Tampers with equipment in All of Blackboard Low Medium 1.5
I 5 Tampers with equipment in All of Blackboard Negligible Medium 1.6
A 5 Tampers with equipment in All of Blackboard Low Medium 1.7
C 5 Tampers with equipment in All of Blackboard Low Medium 1.8
I 5 Tampers with equipment in All of Blackboard Negligible Medium 1.9
A 5 Tampers with equipment in All of Blackboard Low Medium 1.10
C 5 Misuses business or Network connections to or from All of Blackboard Low Medium 1.11
I 5 Misuses business or Network connections to or from All of Blackboard Negligible Medium 1.12
A 5 Misuses business or Network connections to or from All of Blackboard Low Medium 1.13
C 5 Accidentally releases information from All of Blackboard Low Medium 1.14
I 5 Accidentally disrupts All of Blackboard Low Medium 1.15
A 5 Accidentally disrupts All of Blackboard Low Medium 1.16
CONFIDENTIAL
33. CMPRPATI/699434
CONFIDENTIAL
C 5 Deliberately releases information from All of Blackboard Low Medium 1.17
I 5 Deliberately disrupts All of Blackboard Negligible Medium 1.18
A 5 Deliberately disrupts All of Blackboard Low Medium 1.19
C 5 Changes the configuration of All of Blackboard Low Medium 1.20
I 5 Changes the configuration of All of Blackboard Negligible Medium 1.21
A 5 Changes the configuration of All of Blackboard Low Medium 1.22
C 5 Intercepts traffic from or to All of Blackboard Low Medium 1.23
I 5 Injects information into All of Blackboard Negligible Medium 1.24
A 5 Jams All of Blackboard Low Medium 1.25
C 5 Tampers with equipment in All of Blackboard Low Medium 1.26
I 5 Tampers with equipment in All of Blackboard Negligible Medium 1.27
A 5 Tampers with equipment in All of Blackboard Low Medium 1.28
C 5 Accidentally releases information from All of Blackboard Low Medium 1.29
I 5 Accidentally disrupts All of Blackboard Low Medium 1.30
A 5 Accidentally disrupts All of Blackboard Low Medium 1.31
C 5 Deliberately releases information from All of Blackboard Low Medium 1.32
I 5 Deliberately disrupts All of Blackboard Negligible Medium 1.33
A 5 Deliberately disrupts All of Blackboard Low Medium 1.34
C 5 Changes the configuration of All of Blackboard Low Medium 1.35
I 5 Changes the configuration of All of Blackboard Negligible Medium 1.36
A 5 Changes the configuration of All of Blackboard Low Medium 1.37
CONFIDENTIAL
34. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 2
Focus of Interest All of Blackboard
Threat Actor Group Academic Staff
Threat Actor Type(s) HAN, IC, IEP, NU, PWR, PI, PU, SC, SP, SSS
Threat Actor Clearance BS
Influencing Threat Sources Confidentiality - Academic Staff, Integrity - Educational Board, Availability - Academic Staff
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat
Level
Risk
Level
RiskID
C 5
Tampers with equipment in All of Blackboard
Moderate
Medium
-High
2.1
I 5
Tampers with equipment in All of Blackboard
Moderate
Medium
-High
2.2
A 5
Tampers with equipment in All of Blackboard
Moderate
Medium
-High
2.3
C 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.4
I 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.5
A 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.6
C 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.7
I 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.8
CONFIDENTIAL
35. CMPRPATI/699434
CONFIDENTIAL
A 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.9
C 5
Accidentally releases information from All of Blackboard
Moderate
Medium
-High
2.10
I 5
Accidentally disrupts All of Blackboard
Moderate
Medium
-High
2.11
A 5
Accidentally disrupts All of Blackboard
Moderate
Medium
-High
2.12
C 5
Deliberately releases information from All of Blackboard
Moderate
Medium
-High
2.13
I 5
Deliberately disrupts All of Blackboard
Moderate
Medium
-High
2.14
A 5
Deliberately disrupts All of Blackboard
Moderate
Medium
-High
2.15
C 5
Changes the configuration of All of Blackboard
Moderate
Medium
-High
2.16
I 5
Changes the configuration of All of Blackboard
Moderate
Medium
-High
2.17
A 5
Changes the configuration of All of Blackboard
Moderate
Medium
-High
2.18
C 5
Intercepts traffic from or to All of Blackboard
Moderate
Medium
-High
2.19
I 5
Injects information into All of Blackboard
Moderate
Medium
-High
2.20
A 5
Jams All of Blackboard
Moderate
Medium
-High
2.21
C 5
Tampers with equipment in All of Blackboard
Moderate
Medium
-High
2.22
I 5 Tampers with equipment in All of Blackboard Moderate Medium 2.23
CONFIDENTIAL
36. CMPRPATI/699434
CONFIDENTIAL
-High
A 5
Tampers with equipment in All of Blackboard
Moderate
Medium
-High
2.24
C 5
Accidentally releases information from All of Blackboard
Moderate
Medium
-High
2.25
I 5
Accidentally disrupts All of Blackboard
Moderate
Medium
-High
2.26
A 5
Accidentally disrupts All of Blackboard
Moderate
Medium
-High
2.27
C 5
Deliberately releases information from All of Blackboard
Moderate
Medium
-High
2.28
I 5
Deliberately disrupts All of Blackboard
Moderate
Medium
-High
2.29
A 5
Deliberately disrupts All of Blackboard
Moderate
Medium
-High
2.30
C 5
Changes the configuration of All of Blackboard
Moderate
Medium
-High
2.31
I 5
Changes the configuration of All of Blackboard
Moderate
Medium
-High
2.32
A 5
Changes the configuration of All of Blackboard
Moderate
Medium
-High
2.33
C 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.34
I 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.35
A 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.36
C 5
Tampers with equipment provided by All of Blackboard
Moderate
Medium
-High
2.37
CONFIDENTIAL
37. CMPRPATI/699434
CONFIDENTIAL
I 5
Tampers with equipment provided by All of Blackboard
Moderate
Medium
-High
2.38
A 5
Tampers with equipment provided by All of Blackboard
Moderate
Medium
-High
2.39
C 5
Intercepts traffic from or to All of Blackboard
Moderate
Medium
-High
2.40
I 5
Corrupts All of Blackboard
Moderate
Medium
-High
2.41
A 5
Disrupts All of Blackboard
Moderate
Medium
-High
2.42
C 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.43
I 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.44
A 5
Misuses business or Network connections to or from All of Blackboard
Moderate
Medium
-High
2.45
CONFIDENTIAL
38. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 3
Focus of Interest All of LJMU and web application
Threat Actor Group All actors who come into contact with LJMU and the web application.
Threat Actor Type(s) BY, HAN, IC, IEP, NU, PWR, PI, PU, SC, SP, SSS
Threat Actor Clearance UC
Influencing Threat Sources Confidentiality - Students, Integrity - Academic Staff, Availability - Past Students
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat
Level
Risk
Level
RiskID
C 4 Observes information from All of LJMU and web application Moderate Medium 3.1
C 4 Impersonates a user of All of LJMU and web application Moderate Medium 3.2
I 4 Impersonates a user of All of LJMU and web application Low Medium 3.3
A 4 Impersonates a user of All of LJMU and web application Low Medium 3.4
C 4 Tampers with equipment in All of LJMU and web application Moderate Medium 3.5
I 4 Tampers with equipment in All of LJMU and web application Low Medium 3.6
A 4 Tampers with equipment in All of LJMU and web application Low Medium 3.7
C 4 Tampers with equipment in All of LJMU and web application Moderate Medium 3.8
I 4 Tampers with equipment in All of LJMU and web application Low Medium 3.9
A 4 Tampers with equipment in All of LJMU and web application Low Medium 3.10
C 4 Misuses business or Network connections to or from All of LJMU and web application Moderate Medium 3.11
I 4 Misuses business or Network connections to or from All of LJMU and web application Low Medium 3.12
A 4 Misuses business or Network connections to or from All of LJMU and web application Low Medium 3.13
C 4 Misuses business or Network connections to or from All of LJMU and web application Moderate Medium 3.14
I 4 Misuses business or Network connections to or from All of LJMU and web application Low Medium 3.15
A 4 Misuses business or Network connections to or from All of LJMU and web application Low Medium 3.16
CONFIDENTIAL
39. CMPRPATI/699434
CONFIDENTIAL
C 4 Accidentally releases information from All of LJMU and web application Low Medium 3.17
I 4 Accidentally disrupts All of LJMU and web application Low Medium 3.18
A 4 Accidentally disrupts All of LJMU and web application Low Medium 3.19
C 4 Deliberately releases information from All of LJMU and web application Moderate Medium 3.20
I 4 Deliberately disrupts All of LJMU and web application Low Medium 3.21
A 4 Deliberately disrupts All of LJMU and web application Low Medium 3.22
C 4 Changes the configuration of All of LJMU and web application Moderate Medium 3.23
I 4 Changes the configuration of All of LJMU and web application Low Medium 3.24
A 4 Changes the configuration of All of LJMU and web application Low Medium 3.25
C 4 Intercepts traffic from or to All of LJMU and web application Moderate Medium 3.26
I 4 Injects information into All of LJMU and web application Low Medium 3.27
A 4 Jams All of LJMU and web application Low Medium 3.28
C 4 Tampers with equipment in All of LJMU and web application Moderate Medium 3.29
I 4 Tampers with equipment in All of LJMU and web application Low Medium 3.30
A 4 Tampers with equipment in All of LJMU and web application Low Medium 3.31
C 4 Accidentally releases information from All of LJMU and web application Low Medium 3.32
I 4 Accidentally disrupts All of LJMU and web application Low Medium 3.33
A 4 Accidentally disrupts All of LJMU and web application Low Medium 3.34
C 4 Deliberately releases information from All of LJMU and web application Moderate Medium 3.35
I 4 Deliberately disrupts All of LJMU and web application Low Medium 3.36
A 4 Deliberately disrupts All of LJMU and web application Low Medium 3.37
C 4 Changes the configuration of All of LJMU and web application Moderate Medium 3.38
I 4 Changes the configuration of All of LJMU and web application Low Medium 3.39
A 4 Changes the configuration of All of LJMU and web application Low Medium 3.40
C 4 Misuses business or Network connections to or from All of LJMU and web application Moderate Medium 3.41
I 4 Misuses business or Network connections to or from All of LJMU and web application Low Medium 3.42
A 4 Misuses business or Network connections to or from All of LJMU and web application Low Medium 3.43
C 4 Tampers with equipment provided by All of LJMU and web application Moderate Medium 3.44
I 4 Tampers with equipment provided by All of LJMU and web application Low Medium 3.45
CONFIDENTIAL
40. CMPRPATI/699434
CONFIDENTIAL
A 4 Tampers with equipment provided by All of LJMU and web application Low Medium 3.46
C 4 Intercepts traffic from or to All of LJMU and web application Moderate Medium 3.47
I 4 Corrupts All of LJMU and web application Low Medium 3.48
A 4 Disrupts All of LJMU and web application Low Medium 3.49
C 4 Misuses business or Network connections to or from All of LJMU and web application Moderate Medium 3.50
I 4 Misuses business or Network connections to or from All of LJMU and web application Low Medium 3.51
A 4 Misuses business or Network connections to or from All of LJMU and web application Low Medium 3.52
CONFIDENTIAL
41. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 4
Focus of Interest Student Information System (SIS)
Threat Actor Group Employees of LJMU
Threat Actor Type(s) BY, HAN, IC, IEP, NU, PWR, PI, PU, SC, SP, SSS, SUP
Threat Actor Clearance BS
Influencing Threat Sources Confidentiality - Administration Department, Integrity - Assessment Board Employees, Availability -
Educational Board
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat Level Risk Level
RiskID
C 5 Observes information from Student Information System (SIS) Negligible Medium 4.1
C 5 Impersonates a user of Student Information System (SIS) Negligible Medium 4.2
I 5 Impersonates a user of Student Information System (SIS) Low Medium 4.3
A 5 Impersonates a user of Student Information System (SIS) Low Medium 4.4
C 5 Tampers with equipment in Student Information System (SIS) Negligible Medium 4.5
I 5 Tampers with equipment in Student Information System (SIS) Low Medium 4.6
A 5 Tampers with equipment in Student Information System (SIS) Low Medium 4.7
C 5 Tampers with equipment in Student Information System (SIS) Negligible Medium 4.8
I 5 Tampers with equipment in Student Information System (SIS) Low Medium 4.9
A 5 Tampers with equipment in Student Information System (SIS) Low Medium 4.10
C 5 Misuses business or Network connections to or from Student Information System (SIS) Negligible Medium 4.11
I 5 Misuses business or Network connections to or from Student Information System (SIS) Low Medium 4.12
A 5 Misuses business or Network connections to or from Student Information System (SIS) Low Medium 4.13
C 5 Misuses business or Network connections to or from Student Information System (SIS) Negligible Medium 4.14
I 5 Misuses business or Network connections to or from Student Information System (SIS) Low Medium 4.15
CONFIDENTIAL
42. CMPRPATI/699434
CONFIDENTIAL
A 5 Misuses business or Network connections to or from Student Information System (SIS) Low Medium 4.16
C 5 Accidentally releases information from Student Information System (SIS) Low Medium 4.17
I 5 Accidentally disrupts Student Information System (SIS) Low Medium 4.18
A 5 Accidentally disrupts Student Information System (SIS) Low Medium 4.19
C 5 Deliberately releases information from Student Information System (SIS) Negligible Medium 4.20
I 5 Deliberately disrupts Student Information System (SIS) Low Medium 4.21
A 5 Deliberately disrupts Student Information System (SIS) Low Medium 4.22
C 5 Changes the configuration of Student Information System (SIS) Negligible Medium 4.23
I 5 Changes the configuration of Student Information System (SIS) Low Medium 4.24
A 5 Changes the configuration of Student Information System (SIS) Low Medium 4.25
C 5 Intercepts traffic from or to Student Information System (SIS) Negligible Medium 4.26
I 5 Injects information into Student Information System (SIS) Low Medium 4.27
A 5 Jams Student Information System (SIS) Low Medium 4.28
C 5 Tampers with equipment in Student Information System (SIS) Negligible Medium 4.29
I 5 Tampers with equipment in Student Information System (SIS) Low Medium 4.30
A 5 Tampers with equipment in Student Information System (SIS) Low Medium 4.31
C 5 Accidentally releases information from Student Information System (SIS) Low Medium 4.32
I 5 Accidentally disrupts Student Information System (SIS) Low Medium 4.33
A 5 Accidentally disrupts Student Information System (SIS) Low Medium 4.34
C 5 Deliberately releases information from Student Information System (SIS) Negligible Medium 4.35
I 5 Deliberately disrupts Student Information System (SIS) Low Medium 4.36
A 5 Deliberately disrupts Student Information System (SIS) Low Medium 4.37
C 5 Changes the configuration of Student Information System (SIS) Negligible Medium 4.38
I 5 Changes the configuration of Student Information System (SIS) Low Medium 4.39
A 5 Changes the configuration of Student Information System (SIS) Low Medium 4.40
C 5 Misuses business or Network connections to or from Student Information System (SIS) Negligible Medium 4.41
I 5 Misuses business or Network connections to or from Student Information System (SIS) Low Medium 4.42
A 5 Misuses business or Network connections to or from Student Information System (SIS) Low Medium 4.43
C 5 Tampers with equipment provided by Student Information System (SIS) Negligible Medium 4.44
CONFIDENTIAL
43. CMPRPATI/699434
CONFIDENTIAL
I 5 Tampers with equipment provided by Student Information System (SIS) Low Medium 4.45
A 5 Tampers with equipment provided by Student Information System (SIS) Low Medium 4.46
C 5 Intercepts traffic from or to Student Information System (SIS) Negligible Medium 4.47
I 5 Corrupts Student Information System (SIS) Low Medium 4.48
A 5 Disrupts Student Information System (SIS) Low Medium 4.49
C 5 Misuses business or Network connections to or from Student Information System (SIS) Negligible Medium 4.50
I 5 Misuses business or Network connections to or from Student Information System (SIS) Low Medium 4.51
A 5 Misuses business or Network connections to or from Student Information System (SIS) Low Medium 4.52
C 5 Tampers with equipment in Student Information System (SIS) Negligible Medium 4.53
I 5 Tampers with equipment in Student Information System (SIS) Low Medium 4.54
A 5 Tampers with equipment in Student Information System (SIS) Low Medium 4.55
CONFIDENTIAL
44. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 5
Focus of Interest Other systems
Threat Actor Group All Actors who come into contact with other systems.
Threat Actor Type(s) BY, HAN, IC, IEP, NU, PWR, PI, PU, SC, SP, SSS, SUP
Threat Actor Clearance UC
Influencing Threat Sources Confidentiality - All other LJMU staff, Availability - IT staff
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat
Level
Risk Level
RiskID
C 3 Observes information from Other systems Negligible Very Low 5.1
C 3 Impersonates a user of Other systems Negligible Very Low 5.2
I 2 Impersonates a user of Other systems Negligible Very Low 5.3
A 2 Impersonates a user of Other systems Low Low 5.4
C 3 Tampers with equipment in Other systems Negligible Very Low 5.5
I 2 Tampers with equipment in Other systems Negligible Very Low 5.6
A 2 Tampers with equipment in Other systems Low Low 5.7
C 3 Tampers with equipment in Other systems Negligible Very Low 5.8
I 2 Tampers with equipment in Other systems Negligible Very Low 5.9
A 2 Tampers with equipment in Other systems Low Low 5.10
C 3 Misuses business or Network connections to or from Other systems Negligible Very Low 5.11
I 2 Misuses business or Network connections to or from Other systems Negligible Very Low 5.12
A 2 Misuses business or Network connections to or from Other systems Low Low 5.13
C 3 Misuses business or Network connections to or from Other systems Negligible Very Low 5.14
I 2 Misuses business or Network connections to or from Other systems Negligible Very Low 5.15
A 2 Misuses business or Network connections to or from Other systems Low Low 5.16
CONFIDENTIAL
45. CMPRPATI/699434
CONFIDENTIAL
C 3 Accidentally releases information from Other systems 5.17
I 2 Accidentally disrupts Other systems 5.18
A 2 Accidentally disrupts Other systems 5.19
C 3 Deliberately releases information from Other systems Negligible Very Low 5.20
I 2 Deliberately disrupts Other systems Negligible Very Low 5.21
A 2 Deliberately disrupts Other systems Low Low 5.22
C 3 Changes the configuration of Other systems Negligible Very Low 5.23
I 2 Changes the configuration of Other systems Negligible Very Low 5.24
A 2 Changes the configuration of Other systems Low Low 5.25
C 3 Intercepts traffic from or to Other systems Negligible Very Low 5.26
I 2 Injects information into Other systems Negligible Very Low 5.27
A 2 Jams Other systems Low Low 5.28
C 3 Tampers with equipment in Other systems Negligible Very Low 5.29
I 2 Tampers with equipment in Other systems Negligible Very Low 5.30
A 2 Tampers with equipment in Other systems Low Low 5.31
C 3 Accidentally releases information from Other systems 5.32
I 2 Accidentally disrupts Other systems 5.33
A 2 Accidentally disrupts Other systems 5.34
C 3 Deliberately releases information from Other systems Negligible Very Low 5.35
I 2 Deliberately disrupts Other systems Negligible Very Low 5.36
A 2 Deliberately disrupts Other systems Low Low 5.37
C 3 Changes the configuration of Other systems Negligible Very Low 5.38
I 2 Changes the configuration of Other systems Negligible Very Low 5.39
A 2 Changes the configuration of Other systems Low Low 5.40
C 3 Misuses business or Network connections to or from Other systems Negligible Very Low 5.41
I 2 Misuses business or Network connections to or from Other systems Negligible Very Low 5.42
A 2 Misuses business or Network connections to or from Other systems Low Low 5.43
C 3 Tampers with equipment provided by Other systems Negligible Very Low 5.44
I 2 Tampers with equipment provided by Other systems Negligible Very Low 5.45
CONFIDENTIAL
46. CMPRPATI/699434
CONFIDENTIAL
A 2 Tampers with equipment provided by Other systems Low Low 5.46
C 3 Intercepts traffic from or to Other systems Negligible Very Low 5.47
I 2 Corrupts Other systems Negligible Very Low 5.48
A 2 Disrupts Other systems Low Low 5.49
C 3 Misuses business or Network connections to or from Other systems Negligible Very Low 5.50
I 2 Misuses business or Network connections to or from Other systems Negligible Very Low 5.51
A 2 Misuses business or Network connections to or from Other systems Low Low 5.52
C 3 Tampers with equipment in Other systems Negligible Very Low 5.53
I 2 Tampers with equipment in Other systems Negligible Very Low 5.54
A 2 Tampers with equipment in Other systems Low Low 5.55
CONFIDENTIAL
47. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 6
Focus of Interest Online payment facilities
Threat Actor Group Students / Academic Staff
Threat Actor Type(s) HAN, PWR, PU, SC
Threat Actor Clearance UC
Influencing Threat Sources Confidentiality - Academic Staff, Integrity - Students, Availability - Students
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat Level Risk Level
RiskID
C 3 Tampers with equipment in Online payment facilities Low Low 6.1
I 4 Tampers with equipment in Online payment facilities Low Medium 6.2
A 5 Tampers with equipment in Online payment facilities Moderate Medium-High 6.3
C 3 Intercepts traffic from or to Online payment facilities Low Low 6.4
I 4 Injects information into Online payment facilities Low Medium 6.5
A 5 Jams Online payment facilities Moderate Medium-High 6.6
C 3 Accidentally releases information from Online payment facilities Low Low 6.7
I 4 Accidentally disrupts Online payment facilities Low Medium 6.8
A 5 Accidentally disrupts Online payment facilities’ Low Medium 6.9
C 3 Deliberately releases information from Online payment facilities Low Low 6.10
I 4 Deliberately disrupts Online payment facilities Low Medium 6.11
A 5 Deliberately disrupts Online payment facilities Moderate Medium-High 6.12
C 3 Changes the configuration of Online payment facilities Low Low 6.13
I 4 Changes the configuration of Online payment facilities Low Medium 6.14
A 5 Changes the configuration of Online payment facilities Moderate Medium-High 6.15
C 3 Misuses business or Network connections to or from Online payment facilities Low Low 6.16
CONFIDENTIAL
48. CMPRPATI/699434
CONFIDENTIAL
I 4 Misuses business or Network connections to or from Online payment facilities Low Medium 6.17
A 5 Misuses business or Network connections to or from Online payment facilities Moderate Medium-High 6.18
C 3 Tampers with equipment provided by Online payment facilities Low Low 6.19
I 4 Tampers with equipment provided by Online payment facilities Low Medium 6.20
A 5 Tampers with equipment provided by Online payment facilities Moderate Medium-High 6.21
CONFIDENTIAL
49. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 7
Focus of Interest Databases
Threat Actor Group Academic Staff
Threat Actor Type(s) HAN, IC, IEP, PU, SC, SP, SSS, SUP
Threat Actor Clearance BS
Influencing Threat Sources Confidentiality - Administration Department, Integrity - Finance Department, Availability - Academic
Staff
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat Level Risk Level
RiskID
C 5 Tampers with equipment in Databases Low Medium 7.1
I 5 Tampers with equipment in Databases Low Medium 7.2
A 5 Tampers with equipment in Databases Moderate Medium-High 7.3
C 5 Misuses business or Network connections to or from Databases Low Medium 7.4
I 5 Misuses business or Network connections to or from Databases Low Medium 7.5
A 5 Misuses business or Network connections to or from Databases Moderate Medium-High 7.6
C 5 Misuses business or Network connections to or from Databases Low Medium 7.7
I 5 Misuses business or Network connections to or from Databases Low Medium 7.8
A 5 Misuses business or Network connections to or from Databases Moderate Medium-High 7.9
C 5 Accidentally releases information from Databases Low Medium 7.10
I 5 Accidentally disrupts Databases Low Medium 7.11
A 5 Accidentally disrupts Databases Low Medium 7.12
C 5 Deliberately releases information from Databases Low Medium 7.13
I 5 Deliberately disrupts Databases Low Medium 7.14
A 5 Deliberately disrupts Databases Moderate Medium-High 7.15
CONFIDENTIAL
50. CMPRPATI/699434
CONFIDENTIAL
C 5 Changes the configuration of Databases Low Medium 7.16
I 5 Changes the configuration of Databases Low Medium 7.17
A 5 Changes the configuration of Databases Moderate Medium-High 7.18
C 5 Misuses business or Network connections to or from Databases Low Medium 7.19
I 5 Misuses business or Network connections to or from Databases Low Medium 7.20
A 5 Misuses business or Network connections to or from Databases Moderate Medium-High 7.21
C 5 Tampers with equipment provided by Databases Low Medium 7.22
I 5 Tampers with equipment provided by Databases Low Medium 7.23
A 5 Tampers with equipment provided by Databases Moderate Medium-High 7.24
C 5 Intercepts traffic from or to Databases Low Medium 7.25
I 5 Corrupts Databases Low Medium 7.26
A 5 Disrupts Databases Moderate Medium-High 7.27
C 5 Misuses business or Network connections to or from Databases Low Medium 7.28
I 5 Misuses business or Network connections to or from Databases Low Medium 7.29
A 5 Misuses business or Network connections to or from Databases Moderate Medium-High 7.30
C 5 Tampers with equipment in Databases Low Medium 7.31
I 5 Tampers with equipment in Databases Low Medium 7.32
CONFIDENTIAL
51. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 8
Focus of Interest Databases
Threat Actor Group Students
Threat Actor Type(s) BY, IC, NU, PWR, PI, PU
Threat Actor Clearance UC
Influencing Threat Sources Confidentiality - Students, Integrity - Students, Availability - Students
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat Level Risk Level
RiskID
C 5 Observes information from Databases Moderate Medium-High 8.1
C 5 Impersonates a user of Databases Moderate Medium-High 8.2
I 5 Impersonates a user of Databases Moderate Medium-High 8.3
A 5 Impersonates a user of Databases Low Medium 8.4
C 5 Tampers with equipment in Databases Moderate Medium-High 8.5
I 5 Tampers with equipment in Databases Moderate Medium-High 8.6
A 5 Tampers with equipment in Databases Low Medium 8.7
C 5 Misuses business or Network connections to or from Databases Moderate Medium-High 8.8
I 5 Misuses business or Network connections to or from Databases Moderate Medium-High 8.9
A 5 Misuses business or Network connections to or from Databases Low Medium 8.10
C 5 Accidentally releases information from Databases Moderate Medium-High 8.11
I 5 Accidentally disrupts Databases Moderate Medium-High 8.12
A 5 Accidentally disrupts Databases Moderate Medium-High 8.13
C 5 Deliberately releases information from Databases Moderate Medium-High 8.14
I 5 Deliberately disrupts Databases Moderate Medium-High 8.15
A 5 Deliberately disrupts Databases Low Medium 8.16
CONFIDENTIAL
52. CMPRPATI/699434
CONFIDENTIAL
C 5 Changes the configuration of Databases Moderate Medium-High 8.17
I 5 Changes the configuration of Databases Moderate Medium-High 8.18
A 5 Changes the configuration of Databases Low Medium 8.19
C 5 Intercepts traffic from or to Databases Moderate Medium-High 8.20
I 5 Injects information into Databases Moderate Medium-High 8.21
A 5 Jams Databases Low Medium 8.22
C 5 Tampers with equipment in Databases Moderate Medium-High 8.23
I 5 Tampers with equipment in Databases Moderate Medium-High 8.24
A 5 Tampers with equipment in Databases Low Medium 8.25
C 5 Accidentally releases information from Databases Moderate Medium-High 8.26
I 5 Accidentally disrupts Databases Moderate Medium-High 8.27
A 5 Accidentally disrupts Databases Moderate Medium-High 8.28
C 5 Deliberately releases information from Databases Moderate Medium-High 8.29
I 5 Deliberately disrupts Databases Moderate Medium-High 8.30
A 5 Deliberately disrupts Databases Low Medium 8.31
C 5 Changes the configuration of Databases Moderate Medium-High 8.32
I 5 Changes the configuration of Databases Moderate Medium-High 8.33
A 5 Changes the configuration of Databases Low Medium 8.34
CONFIDENTIAL
53. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 9
Focus of Interest Servers
Threat Actor Group IT Staff
Threat Actor Type(s) PI, PU, SUP
Threat Actor Clearance BS
Influencing Threat Sources Confidentiality - Hackers, Integrity - Hackers, Availability - IT staff
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat
Level
Risk
Level
RiskID
C 4 Tampers with equipment in Servers Moderate Medium 9.1
I 4 Tampers with equipment in Servers Low Medium 9.2
A 4 Tampers with equipment in Servers Moderate Medium 9.3
C 4 Accidentally releases information from Servers Moderate Medium 9.4
I 4 Accidentally disrupts Servers Moderate Medium 9.5
A 4 Accidentally disrupts Servers Moderate Medium 9.6
C 4 Deliberately releases information from Servers Moderate Medium 9.7
I 4 Deliberately disrupts Servers Low Medium 9.8
A 4 Deliberately disrupts Servers Moderate Medium 9.9
C 4 Changes the configuration of Servers Moderate Medium 9.10
I 4 Changes the configuration of Servers Low Medium 9.11
A 4 Changes the configuration of Servers Moderate Medium 9.12
C 4 Tampers with equipment in Servers Moderate Medium 9.13
I 4 Tampers with equipment in Servers Low Medium 9.14
A 4 Tampers with equipment in Servers Moderate Medium 9.15
CONFIDENTIAL
54. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 10
Focus of Interest Turnitin
Threat Actor Group Academic staff
Threat Actor Type(s) HAN, IC, NU, PU, SSS, SUP
Threat Actor Clearance BS
Influencing Threat Sources Confidentiality - Academic Staff, Integrity - Academic Staff, Availability - Academic Staff
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat
Level
Risk Level
RiskID
C 1 Tampers with equipment in Turnitin Negligible Very Low 10.1
I 1 Tampers with equipment in Turnitin Negligible Very Low 10.2
A 1 Tampers with equipment in Turnitin Low Very Low 10.3
C 1 Misuses business or Network connections to or from Turnitin Negligible Very Low 10.4
I 1 Misuses business or Network connections to or from Turnitin Negligible Very Low 10.5
A 1 Misuses business or Network connections to or from Turnitin Low Very Low 10.6
C 1 Accidentally releases information from Turnitin Low Very Low 10.7
I 1 Accidentally disrupts Turnitin Low Very Low 10.8
A 1 Accidentally disrupts Turnitin Low Very Low 10.9
C 1 Deliberately releases information from Turnitin Negligible Very Low 10.10
I 1 Deliberately disrupts Turnitin Negligible Very Low 10.11
A 1 Deliberately disrupts Turnitin Low Very Low 10.12
C 1 Changes the configuration of Turnitin Negligible Very Low 10.13
I 1 Changes the configuration of Turnitin Negligible Very Low 10.14
A 1 Changes the configuration of Turnitin Low Very Low 10.15
C 1 Accidentally releases information from Turnitin Low Very Low 10.16
CONFIDENTIAL
55. CMPRPATI/699434
CONFIDENTIAL
I 1 Accidentally disrupts Turnitin Low Very Low 10.17
A 1 Accidentally disrupts Turnitin Low Very Low 10.18
C 1 Deliberately releases information from Turnitin Negligible Very Low 10.19
I 1 Deliberately disrupts Turnitin Negligible Very Low 10.20
A 1 Deliberately disrupts Turnitin Low Very Low 10.21
C 1 Changes the configuration of Turnitin Negligible Very Low 10.22
I 1 Changes the configuration of Turnitin Negligible Very Low 10.23
A 1 Changes the configuration of Turnitin Low Very Low 10.24
C 1 Misuses business or Network connections to or from Turnitin Negligible Very Low 10.25
I 1 Misuses business or Network connections to or from Turnitin Negligible Very Low 10.26
A 1 Misuses business or Network connections to or from Turnitin Low Very Low 10.27
C 1 Tampers with equipment in Turnitin Negligible Very Low 10.28
I 1 Tampers with equipment in Turnitin Negligible Very Low 10.29
A 1 Tampers with equipment in Turnitin Low Very Low 10.30
CONFIDENTIAL
56. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 11
Focus of Interest Turnitin
Threat Actor Group Students
Threat Actor Type(s) BY, IC, NU, PWR, PI
Threat Actor Clearance UC
Influencing Threat Sources Confidentiality - Students, Integrity - Students, Availability - Academic Staff
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat Level Risk Level
RiskID
C 1 Observes information from Turnitin Low Very Low 11.1
C 1 Impersonates a user of Turnitin Low Very Low 11.2
I 1 Impersonates a user of Turnitin Low Very Low 11.3
A 1 Impersonates a user of Turnitin Moderate Very Low 11.4
C 1 Tampers with equipment in Turnitin Low Very Low 11.5
I 1 Tampers with equipment in Turnitin Low Very Low 11.6
A 1 Tampers with equipment in Turnitin Moderate Very Low 11.7
C 1 Misuses business or Network connections to or from Turnitin Low Very Low 11.8
I 1 Misuses business or Network connections to or from Turnitin Low Very Low 11.9
A 1
Misuses business or Network connections to or from Turnitin
Moderate Very Low
11.1
0
C 1
Accidentally releases information from Turnitin
Low Very Low
11.1
1
I 1
Accidentally disrupts Turnitin
Low Very Low
11.1
2
A 1 Accidentally disrupts Turnitin Low Very Low 11.1
CONFIDENTIAL
57. CMPRPATI/699434
CONFIDENTIAL
3
C 1
Deliberately releases information from Turnitin
Low Very Low
11.1
4
I 1
Deliberately disrupts Turnitin
Low Very Low
11.1
5
A 1
Deliberately disrupts Turnitin
Moderate Very Low
11.1
6
C 1
Changes the configuration of Turnitin
Low Very Low
11.1
7
I 1
Changes the configuration of Turnitin
Low Very Low
11.1
8
A 1
Changes the configuration of Turnitin
Moderate Very Low
11.1
9
C 1
Intercepts traffic from or to Turnitin
Low Very Low
11.2
0
I 1
Injects information into Turnitin
Low Very Low
11.2
1
A 1
Jams Turnitin
Moderate Very Low
11.2
2
C 1
Tampers with equipment in Turnitin
Low Very Low
11.2
3
I 1
Tampers with equipment in Turnitin
Low Very Low
11.2
4
A 1
Tampers with equipment in Turnitin
Moderate Very Low
11.2
5
CONFIDENTIAL
58. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 12
Focus of Interest Social media, Communications and other software applications
Threat Actor Group All Actors who come into contact with social media, communications and other software applications.
Threat Actor Type(s) BY, HAN, IC, IEP, NU, PWR, PI, PU, SC, SP, SSS, SUP
Threat Actor Clearance UC
Influencing Threat Sources Confidentiality - Students, Integrity - Students, Availability - Students
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat
Level
Risk Level
RiskID
C 5
Observes information from Social media, Communications and other software applications
Moderate
Medium-
High
12.1
C 5
Impersonates a user of Social media, Communications and other software applications
Moderate
Medium-
High
12.2
I 4 Impersonates a user of Social media, Communications and other software applications Low Medium 12.3
A 4 Impersonates a user of Social media, Communications and other software applications Moderate Medium 12.4
C 5
Tampers with equipment in Social media, Communications and other software applications
Moderate
Medium-
High
12.5
I 4 Tampers with equipment in Social media, Communications and other software applications Low Medium 12.6
A 4 Tampers with equipment in Social media, Communications and other software applications Moderate Medium 12.7
C 5
Tampers with equipment in Social media, Communications and other software applications
Moderate
Medium-
High
12.8
I 4 Tampers with equipment in Social media, Communications and other software applications Low Medium 12.9
A 4 Tampers with equipment in Social media, Communications and other software applications Moderate Medium 12.10
C 5
Misuses business or Network connections to or from Social media, Communications and other
software applications
Moderate
Medium-
High
12.11
CONFIDENTIAL
59. CMPRPATI/699434
CONFIDENTIAL
I 4
Misuses business or Network connections to or from Social media, Communications and other
software applications
Low Medium 12.12
A 4
Misuses business or Network connections to or from Social media, Communications and other
software applications
Moderate Medium 12.13
C 5
Misuses business or Network connections to or from Social media, Communications and other
software applications
Moderate
Medium-
High
12.14
I 4
Misuses business or Network connections to or from Social media, Communications and other
software applications
Low Medium 12.15
A 4
Misuses business or Network connections to or from Social media, Communications and other
software applications
Moderate Medium 12.16
C 5
Accidentally releases information from Social media, Communications and other software
applications
Moderate
Medium-
High
12.17
I 4 Accidentally disrupts Social media, Communications and other software applications Moderate Medium 12.18
A 4 Accidentally disrupts Social media, Communications and other software applications Moderate Medium 12.19
C 5
Deliberately releases information from Social media, Communications and other software
applications
Moderate
Medium-
High
12.20
I 4 Deliberately disrupts Social media, Communications and other software applications Low Medium 12.21
A 4 Deliberately disrupts Social media, Communications and other software applications Moderate Medium 12.22
C 5
Changes the configuration of Social media, Communications and other software applications
Moderate
Medium-
High
12.23
I 4 Changes the configuration of Social media, Communications and other software applications Low Medium 12.24
A 4 Changes the configuration of Social media, Communications and other software applications Moderate Medium 12.25
C 5
Intercepts traffic from or to Social media, Communications and other software applications
Moderate
Medium-
High
12.26
I 4 Injects information into Social media, Communications and other software applications Low Medium 12.27
A 4 Jams Social media, Communications and other software applications Moderate Medium 12.28
C 5
Tampers with equipment in Social media, Communications and other software applications
Moderate
Medium-
High
12.29
I 4 Tampers with equipment in Social media, Communications and other software applications Low Medium 12.30
CONFIDENTIAL
60. CMPRPATI/699434
CONFIDENTIAL
A 4 Tampers with equipment in Social media, Communications and other software applications Moderate Medium 12.31
C 5
Accidentally releases information from Social media, Communications and other software
applications
Moderate
Medium-
High
12.32
I 4 Accidentally disrupts Social media, Communications and other software applications Moderate Medium 12.33
A 4 Accidentally disrupts Social media, Communications and other software applications Moderate Medium 12.34
C 5
Deliberately releases information from Social media, Communications and other software
applications
Moderate
Medium-
High
12.35
I 4 Deliberately disrupts Social media, Communications and other software applications Low Medium 12.36
A 4 Deliberately disrupts Social media, Communications and other software applications Moderate Medium 12.37
C 5
Changes the configuration of Social media, Communications and other software applications
Moderate
Medium-
High
12.38
I 4 Changes the configuration of Social media, Communications and other software applications Low Medium 12.39
A 4 Changes the configuration of Social media, Communications and other software applications Moderate Medium 12.40
C 5
Misuses business or Network connections to or from Social media, Communications and other
software applications
Moderate
Medium-
High
12.41
I 4
Misuses business or Network connections to or from Social media, Communications and other
software applications
Low Medium 12.42
A 4
Misuses business or Network connections to or from Social media, Communications and other
software applications
Moderate Medium 12.43
C 5
Tampers with equipment provided by Social media, Communications and other software
applications
Moderate
Medium-
High
12.44
I 4
Tampers with equipment provided by Social media, Communications and other software
applications
Low Medium 12.45
A 4
Tampers with equipment provided by Social media, Communications and other software
applications
Moderate Medium 12.46
C 5
Intercepts traffic from or to Social media, Communications and other software applications
Moderate
Medium-
High
12.47
I 4 Corrupts Social media, Communications and other software applications Low Medium 12.48
A 4 Disrupts Social media, Communications and other software applications Moderate Medium 12.49
CONFIDENTIAL
61. CMPRPATI/699434
CONFIDENTIAL
C 5
Misuses business or Network connections to or from Social media, Communications and other
software applications
Moderate
Medium-
High
12.50
I 4
Misuses business or Network connections to or from Social media, Communications and other
software applications
Low Medium 12.51
A 4
Misuses business or Network connections to or from Social media, Communications and other
software applications
Moderate Medium 12.52
C 5
Tampers with equipment in Social media, Communications and other software applications
Moderate
Medium-
High
12.53
I 4 Tampers with equipment in Social media, Communications and other software applications Low Medium 12.54
A 4 Tampers with equipment in Social media, Communications and other software applications Moderate Medium 12.55
CONFIDENTIAL
62. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 13
Focus of Interest Networks and Library
Threat Actor Group All Actors who come into contact with networks and library resources.
Threat Actor Type(s) BY, HAN, IC, IEP, NU, PWR, PI, PU, SC, SP, SSS, SUP
Threat Actor Clearance UC
Influencing Threat Sources Confidentiality - Students, Integrity - Visitors, Availability - All other LJMU staff
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat Level Risk
Level
RiskID
C 2 Observes information from Networks and Library Low Low 13.1
C 2 Impersonates a user of Networks and Library Low Low 13.2
I 2 Impersonates a user of Networks and Library Low Low 13.3
A 2 Impersonates a user of Networks and Library Low Low 13.4
C 2 Tampers with equipment in Networks and Library Low Low 13.5
I 2 Tampers with equipment in Networks and Library Low Low 13.6
A 2 Tampers with equipment in Networks and Library Low Low 13.7
C 2 Tampers with equipment in Networks and Library Low Low 13.8
I 2 Tampers with equipment in Networks and Library Low Low 13.9
A 2 Tampers with equipment in Networks and Library Low Low 13.10
C 2 Misuses business or Network connections to or from Networks and Library Low Low 13.11
I 2 Misuses business or Network connections to or from Networks and Library Low Low 13.12
A 2 Misuses business or Network connections to or from Networks and Library Low Low 13.13
C 2 Misuses business or Network connections to or from Networks and Library Low Low 13.14
I 2 Misuses business or Network connections to or from Networks and Library Low Low 13.15
A 2 Misuses business or Network connections to or from Networks and Library Low Low 13.16
CONFIDENTIAL
63. CMPRPATI/699434
CONFIDENTIAL
C 2 Accidentally releases information from Networks and Library Low Low 13.17
I 2 Accidentally disrupts Networks and Library Low Low 13.18
A 2 Accidentally disrupts Networks and Library Low Low 13.19
C 2 Deliberately releases information from Networks and Library Low Low 13.20
I 2 Deliberately disrupts Networks and Library Low Low 13.21
A 2 Deliberately disrupts Networks and Library Low Low 13.22
C 2 Changes the configuration of Networks and Library Low Low 13.23
I 2 Changes the configuration of Networks and Library Low Low 13.24
A 2 Changes the configuration of Networks and Library Low Low 13.25
C 2 Intercepts traffic from or to Networks and Library Low Low 13.26
I 2 Injects information into Networks and Library Low Low 13.27
A 2 Jams Networks and Library Low Low 13.28
C 2 Tampers with equipment in Networks and Library Low Low 13.29
I 2 Tampers with equipment in Networks and Library Low Low 13.30
A 2 Tampers with equipment in Networks and Library Low Low 13.31
C 2 Accidentally releases information from Networks and Library Low Low 13.32
I 2 Accidentally disrupts Networks and Library Low Low 13.33
A 2 Accidentally disrupts Networks and Library Low Low 13.34
C 2 Deliberately releases information from Networks and Library Low Low 13.35
I 2 Deliberately disrupts Networks and Library Low Low 13.36
A 2 Deliberately disrupts Networks and Library Low Low 13.37
C 2 Changes the configuration of Networks and Library Low Low 13.38
I 2 Changes the configuration of Networks and Library Low Low 13.39
A 2 Changes the configuration of Networks and Library Low Low 13.40
C 2 Misuses business or Network connections to or from Networks and Library Low Low 13.41
I 2 Misuses business or Network connections to or from Networks and Library Low Low 13.42
A 2 Misuses business or Network connections to or from Networks and Library Low Low 13.43
C 2 Tampers with equipment provided by Networks and Library Low Low 13.44
I 2 Tampers with equipment provided by Networks and Library Low Low 13.45
CONFIDENTIAL
64. CMPRPATI/699434
CONFIDENTIAL
A 2 Tampers with equipment provided by Networks and Library Low Low 13.46
C 2 Intercepts traffic from or to Networks and Library Low Low 13.47
I 2 Corrupts Networks and Library Low Low 13.48
A 2 Disrupts Networks and Library Low Low 13.49
I 2 Misuses business or Network connections to or from Networks and Library Low Low 13.50
A 2 Misuses business or Network connections to or from Networks and Library Low Low 13.51
C 2 Tampers with equipment in Networks and Library Low Low 13.52
I 2 Tampers with equipment in Networks and Library Low Low 13.53
A 2 Tampers with equipment in Networks and Library Low Low 13.54
CONFIDENTIAL
65. CMPRPATI/699434
CONFIDENTIAL
Form 5 Risk Assessment
Form 5 Number 14
Focus of Interest Internet & Eduroam
Threat Actor Group All those who come into contact with the internet and Eduroam facilities.
Threat Actor Type(s) BY, HAN, IC, IEP, NU, PWR, PI, PU, SC, SP, SSS, SUP
Threat Actor Clearance UC
Influencing Threat Sources Confidentiality - Students, Integrity - Past Students, Availability - All other Actors
5.1 5.2 5.3 5.4 5.5
Property
MaxBIL
Compromise Method Threat
Level
Risk Level
RiskID
C 4 Observes information from Internet & Eduroam Substantial Medium-High 14.1
C 4 Impersonates a user of Internet & Eduroam Substantial Medium-High 14.2
I 4 Impersonates a user of Internet & Eduroam Moderate Medium 14.3
A 4 Impersonates a user of Internet & Eduroam Moderate Medium 14.4
C 4 Tampers with equipment in Internet & Eduroam Substantial Medium-High 14.5
I 4 Tampers with equipment in Internet & Eduroam Moderate Medium 14.6
A 4 Tampers with equipment in Internet & Eduroam Moderate Medium 14.7
C 4 Tampers with equipment in Internet & Eduroam Substantial Medium-High 14.8
I 4 Tampers with equipment in Internet & Eduroam Moderate Medium 14.9
A 4 Tampers with equipment in Internet & Eduroam Moderate Medium 14.10
C 4 Misuses business or Network connections to or from Internet & Eduroam Substantial Medium-High 14.11
I 4 Misuses business or Network connections to or from Internet & Eduroam Moderate Medium 14.12
A 4 Misuses business or Network connections to or from Internet & Eduroam Moderate Medium 14.13
C 4 Misuses business or Network connections to or from Internet & Eduroam Substantial Medium-High 14.14
I 4 Misuses business or Network connections to or from Internet & Eduroam Moderate Medium 14.15
A 4 Misuses business or Network connections to or from Internet & Eduroam Moderate Medium 14.16
CONFIDENTIAL
66. CMPRPATI/699434
CONFIDENTIAL
C 4 Accidentally releases information from Internet & Eduroam Moderate Medium 14.17
I 4 Accidentally disrupts Internet & Eduroam Moderate Medium 14.18
A 4 Accidentally disrupts Internet & Eduroam Moderate Medium 14.19
C 4 Deliberately releases information from Internet & Eduroam Substantial Medium-High 14.20
I 4 Deliberately disrupts Internet & Eduroam Moderate Medium 14.21
A 4 Deliberately disrupts Internet & Eduroam Moderate Medium 14.22
C 4 Changes the configuration of Internet & Eduroam Substantial Medium-High 14.23
I 4 Changes the configuration of Internet & Eduroam Moderate Medium 14.24
A 4 Changes the configuration of Internet & Eduroam Moderate Medium 14.25
C 4 Intercepts traffic from or to Internet & Eduroam Substantial Medium-High 14.26
I 4 Injects information into Internet & Eduroam Moderate Medium 14.27
A 4 Jams Internet & Eduroam Moderate Medium 14.28
C 4 Tampers with equipment in Internet & Eduroam Substantial Medium-High 14.29
I 4 Tampers with equipment in Internet & Eduroam Moderate Medium 14.30
A 4 Tampers with equipment in Internet & Eduroam Moderate Medium 14.31
C 4 Accidentally releases information from Internet & Eduroam Moderate Medium 14.32
I 4 Accidentally disrupts Internet & Eduroam Moderate Medium 14.33
A 4 Accidentally disrupts Internet & Eduroam Moderate Medium 14.34
C 4 Deliberately releases information from Internet & Eduroam Substantial Medium-High 14.35
I 4 Deliberately disrupts Internet & Eduroam Moderate Medium 14.36
A 4 Deliberately disrupts Internet & Eduroam Moderate Medium 14.37
C 4 Changes the configuration of Internet & Eduroam Substantial Medium-High 14.38
I 4 Changes the configuration of Internet & Eduroam Moderate Medium 14.39
A 4 Changes the configuration of Internet & Eduroam Moderate Medium 14.40
C 4 Misuses business or Network connections to or from Internet & Eduroam Substantial Medium-High 14.41
I 4 Misuses business or Network connections to or from Internet & Eduroam Moderate Medium 14.42
A 4 Misuses business or Network connections to or from Internet & Eduroam Moderate Medium 14.43
C 4 Tampers with equipment provided by Internet & Eduroam Substantial Medium-High 14.44
I 4 Tampers with equipment provided by Internet & Eduroam Moderate Medium 14.45
CONFIDENTIAL
67. CMPRPATI/699434
CONFIDENTIAL
A 4 Tampers with equipment provided by Internet & Eduroam Moderate Medium 14.46
C 4 Intercepts traffic from or to Internet & Eduroam Substantial Medium-High 14.47
I 4 Corrupts Internet & Eduroam Moderate Medium 14.48
A 4 Disrupts Internet & Eduroam Moderate Medium 14.49
C 4 Misuses business or Network connections to or from Internet & Eduroam Substantial Medium-High 14.50
I 4 Misuses business or Network connections to or from Internet & Eduroam Moderate Medium 14.51
A 4 Misuses business or Network connections to or from Internet & Eduroam Moderate Medium 14.52
C 4 Tampers with equipment in Internet & Eduroam Substantial Medium-High 14.53
I 4 Tampers with equipment in Internet & Eduroam Moderate Medium 14.54
A 4 Tampers with equipment in Internet & Eduroam Moderate Medium 14.55
CONFIDENTIAL
68. CMPRPATI/699434
CONFIDENTIAL
Form 6 Prioritised Risk List
6.1 6.2 6.3
Risk
ID
Description Risk Level
12.38
All Actors who come into contact with social media, communications and other software applications. (influenced by
Students), as a Privileged User, Changes the configuration of Social media, Communications and other software
applications, compromising its confidentiality and having a potential Business Impact at BIL 5.
Medium-
High
12.41
All Actors who come into contact with social media, communications and other software applications. (influenced by
Students), as a Service Consumer, Misuses business or Network connections to or from Social media, Communications and
other software applications, compromising its confidentiality and having a potential Business Impact at BIL 5.
Medium-
High
12.32
All Actors who come into contact with social media, communications and other software applications., as a Privileged User,
Accidentally releases information from Social media, Communications and other software applications, compromising its
confidentiality and having a potential Business Impact at BIL 5.
Medium-
High
12.35
All Actors who come into contact with social media, communications and other software applications. (influenced by
Students), as a Privileged User, Deliberately releases information from Social media, Communications and other software
applications, compromising its confidentiality and having a potential Business Impact at BIL 5.
Medium-
High
8.26
Students, Privileged User: Accidentally releases information from Databases, compromising its confidentiality and having a
potential Business Impact at BIL 5.
Medium-
High
12.50
All Actors who come into contact with social media, communications and other software applications. (influenced by
Students), as a Shared Service Subscriber, Misuses business or Network connections to or from Social media,
Communications and other software applications, compromising its confidentiality and having a potential Business Impact at
BIL 5.
Medium-
High
12.53
All Actors who come into contact with social media, communications and other software applications. (influenced by
Students), as a Supplier, Tampers with equipment in Social media, Communications and other software applications,
compromising its confidentiality and having a potential Business Impact at BIL 5.
Medium-
High
12.44
All Actors who come into contact with social media, communications and other software applications. (influenced by
Students), as a Service Consumer, Tampers with equipment provided by Social media, Communications and other software
applications, compromising its confidentiality and having a potential Business Impact at BIL 5.
Medium-
High
12.47 All Actors who come into contact with social media, communications and other software applications. (influenced by Medium-
CONFIDENTIAL
