Tactics: An Introduction ◾ 105
e important thing to remember about assault is that it is the only scenario that can result
in the theft of assets. eft requires a conscious (human) decision. e other attack scenarios
may facilitate the thief ’s access to an asset, but they cannot result in the attacker taking pos-
session of that asset.
2. Bash—mechanized assaults; the use of vehicles, heavy equipment, aircraft, and the like, to
overcome physical protections (e.g., 9/11 airliner crashes). is scenario is frequently used in
combination with a people-based assault to quickly defeat physical protections, but it may
also be used to disrupt operations by destroying critical resources or threatening the safety of
facility personnel. e best example of this technique is the video of the thief who backs his
truck through the front window of a convenience store to bash an ATM off its base, which
he then throws into the back of his truck and drives off !
3. Blast—the use of explosives, compressed gas, or other blast agents to overcome physical pro-
tections, destroy equipment and facilities, or disrupt operations. is scenario is sometimes
used in conjunction with an assault to quickly defeat physical protections.
4. Burn—the use of fi re, acid, or other deterioration agents to overcome physical protections,
destroy equipment and facilities, or disrupt operations. is scenario is sometimes used as a
diversion in assaults but is more often employed for sabotage or revenge attacks because it is
simple to execute.
5. Flood—the use of water or other liquids to destroy equipment and facilities or disrupt oper-
ations. While water is particularly eff ective against electronics and computer equipment, it
is not a common attack scenario. Most computing facilities carefully monitor and control
the use and availability of water within the facility.
6. Poison—the use of air, liquid, or food-borne agents to overcome personnel and disrupt
operations; examples include gas, smoke, and stink agents. is scenario is sometimes used
as a diversion in assaults but is more often used for sabotage or revenge attacks because mate-
rials are readily available and the attack is simple to execute.
7. Siege—cutoff of access; power; communications; heating, ventilating, and air conditioning;
water, or other necessities in an eff ort to damage or destroy equipment and disrupt opera-
tions. is is a very eff ective scenario, but it can be very diffi cult to execute and sustain it for
an extended period of time. Most computing facilities are designed to withstand these types
of failures, and help is readily available in most cases.
e remaining techniques might be classifi ed as annoyance attacks, including false alarms,
bomb scares, and light and noise annoyances, which are aimed primarily at disrupting operations.
ere are any number of possible ways to carry out these attacks. Understanding the attack meth-
ods is less important than understanding the limitations (scope) of each scenario. Focusing on
attack methods results in point solutions, whereas focusing on attack scenarios results in compre-
hensive (or multipoint) solutions—solutions that counter multiple attack methods in overlapping
scenarios. For example, if we understand that all physical attacks (with the exception of assault)
at worst will result in a loss of data availability, we can focus our tactics and control objectives on
measures that counter that loss across the entire spectrum of attacks. Let’s call this tactic business
continuity planning. e best tactics are those that use tactical principles to effi ciently and eff ec-
tively counterattack scenarios—something we must never lose sight of in our strategic and tactical
endeavors.
TAF-K11348-10-0301-C007.indd 105TAF-K11348-10-0301-C007.indd 105 8/18/10 3:08:05 PM8/18/10 3:08:05 PM