Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to the breach of Adobe's code-signing system and the signing of malware with a valid Adobe certificate is an example of a failure happening again within the same organization. This incident is not the first time Adobe has faced security challenges. In the past, Adobe was hacked around the same time as Google and other companies in 2010, although it was not confirmed if the same attackers were responsible for hacking Adobe [14504].
(b) The incident involving the breach of digital certificates and the signing of malware with valid certificates has also occurred at other organizations. For example, Stuxnet, a piece of malware designed to sabotage Iran's nuclear program, was the first malicious code discovered in the wild to use a valid digital certificate. In that case, the attackers stole digital certificates from two companies in Taiwan to sign part of their code [14504]. |
Phase (Design/Operation) |
design |
(a) The software failure incident in the article was related to the design phase. The breach occurred due to attackers compromising a build server that had the ability to get code approved from Adobe's code-signing system. This allowed the attackers to sign their malware with a valid digital certificate from Adobe, slipping past protective barriers that prevent unsigned software from installing automatically on a machine [14504].
(b) The software failure incident was not related to the operation phase or misuse of the system. |
Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident involving Adobe's compromised code-signing system was primarily due to contributing factors that originated from within the system. Attackers breached a build server that had access to the signing system and were able to sign their malicious programs with a valid Adobe certificate [14504]. Adobe traced the problem to a compromised build server that had the ability to get code approved from the company's code-signing system, indicating an internal vulnerability that was exploited by the attackers. The breach of the build server allowed the attackers to sign malware with a valid digital certificate from Adobe, highlighting an internal security flaw within Adobe's infrastructure. |
Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in this case was primarily due to non-human actions. Attackers breached Adobe's code-signing system by compromising a build server that had access to the signing system, allowing them to sign their malware with a valid Adobe certificate without human participation [14504].
(b) However, human actions were also involved in the incident as the attackers exploited vulnerabilities in the system that were potentially caused by inadequate security measures or oversight on the part of Adobe. Additionally, the response to the incident, such as revoking the certificate and re-issuing new certificates, involved human actions to mitigate the impact of the breach [14504]. |
Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident involving Adobe's compromised code-signing system was primarily due to a hardware-related issue. The breach occurred through a compromised build server that had access to the signing system, allowing attackers to sign their malware with a valid Adobe certificate [14504].
(b) The software failure incident also had contributing factors originating in software. The attackers were able to exploit the compromised build server to sign their malicious programs, indicating vulnerabilities in Adobe's software security measures [14504]. |
Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident in this case was malicious. Attackers breached Adobe's code-signing system and used it to sign their malware with a valid digital certificate from Adobe. The attackers signed at least two malicious utility programs with the valid Adobe certificate, which were identified as "pwdump7 v7.1" and "myGeeksmail.dll" [14504].
The incident involved intentional actions by the attackers to compromise Adobe's code-signing system and sign malware with a valid certificate, indicating malicious intent to harm the system and potentially target specific entities or individuals. |
Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The software failure incident involving Adobe's compromised code-signing system and the signing of malware with a valid Adobe certificate was primarily due to poor decisions. The breach occurred because attackers gained access to a build server that had the ability to get code approved from the company's code-signing system [14504]. This incident highlights the importance of robust security measures and the potential consequences of inadequate security protocols. |
Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident involving Adobe's code-signing system breach was not attributed to development incompetence but rather to attackers breaching a build server that had access to the signing system [14504]. This breach allowed the attackers to sign their malware with a valid Adobe certificate, indicating a security vulnerability rather than a failure due to development incompetence.
(b) The incident was accidental in the sense that Adobe did not intentionally allow the breach to occur. It was a result of attackers exploiting a compromised build server, which was not a deliberate action by Adobe but rather an unintended consequence of a security vulnerability [14504]. |
Duration |
temporary |
The software failure incident reported in the articles can be categorized as a temporary failure. This incident involved attackers breaching Adobe's code-signing system and using it to sign their malware with a valid digital certificate from Adobe. Adobe identified the compromised build server as the point of entry for the attackers to sign their malicious programs with the valid certificate. The company took immediate action to revoke the certificate, trace the issue, and re-issue new certificates for legitimate Adobe products signed with the same certificate [14504]. The incident was addressed promptly, and steps were taken to mitigate the impact of the breach, indicating that it was a temporary failure caused by specific circumstances rather than a permanent failure. |
Behaviour |
other |
(a) crash: The software failure incident in the article does not involve a crash where the system loses state and does not perform any of its intended functions. The incident is related to a breach in Adobe's code-signing system, leading to the signing of malicious programs with a valid Adobe certificate [14504].
(b) omission: The software failure incident does not involve a failure due to the system omitting to perform its intended functions at one or more instances. Instead, the incident is about attackers breaching Adobe's code-signing system and signing malware with a valid Adobe certificate [14504].
(c) timing: The software failure incident is not related to a failure due to the system performing its intended functions too late or too early. The incident revolves around the compromise of a build server that had the ability to get code approved from Adobe's code-signing system, leading to the signing of malicious programs with a valid certificate [14504].
(d) value: The software failure incident does not involve a failure due to the system performing its intended functions incorrectly. The incident is about attackers breaching Adobe's code-signing system and using it to sign malware with a valid digital certificate from Adobe [14504].
(e) byzantine: The software failure incident does not exhibit a byzantine failure where the system behaves erroneously with inconsistent responses and interactions. The incident is focused on the compromise of a build server that allowed attackers to sign malicious programs with a valid Adobe certificate [14504].
(f) other: The behavior of the software failure incident can be categorized as a security breach leading to the unauthorized signing of malware with a valid Adobe certificate. This incident highlights a significant security vulnerability in Adobe's code-signing system, potentially impacting the trust between software makers and users [14504]. |