| Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to the hack of NBC.com and related sites with the Citadel Trojan has similarities to a previous incident involving the RedKit tool. The article mentions that RedKit, the tool used to inject malicious code into NBC.com, first appeared in May 2012 and has resurfaced multiple times since then [17051].
(b) The software failure incident involving the hack of NBC.com with the Citadel Trojan is linked to a group that previously targeted Facebook and Verizon Wireless customers, phishing for account information. This connection suggests that similar incidents targeting multiple organizations have occurred in the past [17051]. |
| Phase (Design/Operation) |
design |
(a) The software failure incident described in the article is related to the design phase. The incident involved a hack of NBC.com and related sites, which resulted in visitors being infected with the Citadel Trojan through a drive-by download. The hackers used a tool called RedKit to inject malicious code into the website, exploiting weaknesses in outdated software or browser plugins to install malware on users' computers. This indicates a failure due to contributing factors introduced during system development or updates, as the hackers were able to exploit vulnerabilities in the system's design to carry out the attack [17051].
(b) The article does not provide information about the software failure incident being related to the operation phase. |
| Boundary (Internal/External) |
within_system |
(a) The software failure incident described in the article is primarily within_system. The hack of NBC.com and related sites was caused by cybercriminals embedding invisible elements on the main page, using a tool called RedKit to inject malicious code into the website. This led to the infection of visitors with the Citadel Trojan, a potent strain of malware used for cyberespionage and stealing bank account information [17051]. The attack technique involved exploiting weaknesses in outdated software or browser plugins on users' computers when they clicked on the malicious website, indicating that the failure originated from within the system itself. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in the article was primarily due to non-human actions. The hack of NBC.com and related sites was carried out by cybercriminals who injected malicious code using the RedKit tool, leading to the infection of visitors with the Citadel Trojan through a "drive-by download" attack. The cybercriminals embedded invisible elements on the main page, rotated them periodically to avoid detection, and exploited weaknesses in outdated software or browser plugins to install malicious software on users' computers [17051].
(b) Human actions were also involved in the incident as the cybercriminals behind the attack actively engaged in hacking NBC.com and related sites to spread malware. However, the primary cause of the software failure was the deliberate actions of these cybercriminals rather than unintentional human errors or mistakes [17051]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident reported in the article is primarily due to contributing factors originating in software rather than hardware. The incident involved a hack of NBC.com and related sites, leading to the infection of visitors with the Citadel Trojan malware. The malware was distributed through a drive-by download attack, where users visiting the compromised sites unknowingly downloaded the malicious software onto their computers. The tool used to inject the malicious code, RedKit, exploited weaknesses in outdated software or browser plugins to install the malware on users' computers [17051]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident described in the article is malicious in nature. It involved a hack of NBC.com and related sites with the objective of infecting visitors' computers with the Citadel Trojan, a potent strain of malware used for cyberespionage and stealing bank account information. The hackers utilized a tool called RedKit to inject malicious code into the website and exploit vulnerabilities in users' outdated software or browser plugins to install the malware on their computers [17051]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The intent of the software failure incident related to poor_decisions:
- The hack of NBC.com and related sites was a sophisticated attack involving the injection of malicious code using the RedKit tool, which exploits weaknesses in outdated software or browser plugins [17051].
- The cybercriminals behind the attack embedded invisible elements on the main page that were periodically rotated to evade detection from security vendors and researchers, indicating a deliberate and calculated approach to avoid detection [17051]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident reported in the article was not attributed to development incompetence. The hack of NBC.com and related sites was a sophisticated attack that involved the injection of malicious code using the RedKit tool, which targeted users with outdated software or browser plugins. The cybercriminals behind the attack embedded invisible elements on the main page to evade detection by security vendors and researchers, indicating a high level of sophistication in the attack [17051].
(b) The software failure incident at NBC.com was accidental in nature. Users visiting the compromised sites were unknowingly infected with the Citadel Trojan through a "drive-by download" technique. This means that users could accidentally download malware even when visiting a reputable website like NBC.com. The attack was described as invisible to the average user and challenging for security experts to track, highlighting the accidental nature of the malware infection [17051]. |
| Duration |
temporary |
(a) The software failure incident described in the article was temporary. The hack of NBC.com and related sites resulted in visitors being infected with the Citadel Trojan, a potent strain of malware used for cyberespionage and stealing bank account information. This incident was a deliberate attack by cybercriminals who embedded invisible elements on the main page to prevent detection from security vendors and researchers. The malware was injected into the website using the RedKit tool, which exploited weaknesses in outdated software or browser plugins to install malicious software on users' computers. The incident was not a permanent failure but rather a temporary disruption caused by the deliberate actions of cybercriminals [17051]. |
| Behaviour |
value, other |
(a) crash: The incident described in the article does not involve a crash where the system loses state and stops performing its intended functions. Instead, it focuses on a hack that infected visitors to NBC.com with malware, specifically the Citadel Trojan, through a drive-by download attack [Article 17051].
(b) omission: The incident does not involve a failure due to the system omitting to perform its intended functions at an instance(s). The focus is on the malicious injection of code to infect users with malware rather than the system failing to perform its functions [Article 17051].
(c) timing: The incident does not involve a failure due to the system performing its intended functions too late or too early. The attack described in the article is about injecting malicious code into NBC.com to exploit vulnerabilities in outdated software or browser plugins when users visit the site [Article 17051].
(d) value: The incident does involve a failure due to the system performing its intended functions incorrectly. The malware infection through the drive-by download attack led to the system performing unintended functions by installing malicious software on users' computers [Article 17051].
(e) byzantine: The incident does not involve a failure due to the system behaving erroneously with inconsistent responses and interactions. The focus is on the deliberate injection of malicious code to infect users with malware, rather than erratic behavior of the system [Article 17051].
(f) other: The behavior of the software failure incident in this case is primarily related to a cybersecurity attack involving the injection of the Citadel Trojan through a drive-by download on NBC.com. This behavior falls under the category of a security breach rather than a traditional software failure like a crash or omission of functions [Article 17051]. |