| Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to a cyberattack on the US Customs and Border Protection (CBP) involving the loss of photos of travelers occurred with a subcontractor named Perceptics. Perceptics, which makes license plate scanners and surveillance equipment for CBP, was suspended following the cyberattack incident [87866].
(b) The incident involving a cyberattack and data breach at the US Customs and Border Protection (CBP) with the subcontractor Perceptics is a notable case of a software failure incident affecting multiple organizations. This incident impacted under 100,000 people who entered and exited the US in a vehicle through specific lanes at one land border during a 1.5-month period. Additionally, sensitive CBP data, including government agency contracts and budget spreadsheets, was stolen by hackers from Perceptics [87866]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident in this case was primarily related to a design failure. The incident occurred due to a subcontractor transferring sensitive images collected by CBP to their company network, which was then compromised by a cyberattack [87866]. This breach highlighted issues with the system's design in terms of data handling and security protocols.
(b) Additionally, there were operational failures involved in the incident as well. The misuse of the system by the subcontractor, who violated CBP policies by transferring the images, contributed to the breach [87866]. This operational failure in following proper procedures and protocols also played a role in the software failure incident. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident reported in the article is primarily attributed to factors within the system. The incident involved a subcontractor of the US Customs and Border Protection (CBP) transferring sensitive data, including license plate images and traveler images, to its company network in violation of CBP policies. This internal action led to a cyberattack on the subcontractor's network, resulting in the loss of photos of travelers entering and exiting the US [87866].
(b) outside_system: The software failure incident also had elements originating from outside the system. The cyberattack that compromised the subcontractor's network and led to the data breach was initiated externally by hackers targeting the subcontractor's system. This external intrusion resulted in the theft of sensitive CBP data from the subcontractor, including government agency contracts and budget spreadsheets [87866]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in this case was primarily due to a "malicious cyberattack" on the subcontractor's network, which resulted in the loss of photos of travelers into and out of the country [87866]. This cyberattack was a non-human action that led to the compromise of sensitive data and the breach of the system.
(b) Human actions also played a role in this incident as a subcontractor had violated CBP policies by transferring copies of license plate images and traveler images to the subcontractor's company network, which ultimately contributed to the cyberattack [87866]. Additionally, there were concerns raised about the agency's data practices and the need for transparency in handling personal information by government officials [87866]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident reported in Article 87866 was primarily due to a "malicious cyberattack" on the subcontractor, Perceptics, which resulted in the loss of photos of travelers. This cyberattack compromised the subcontractor's network, leading to the exposure of sensitive CBP data. The incident was attributed to external factors (cyberattack) rather than internal hardware issues [87866].
(b) The software failure incident was also related to software issues as the subcontractor had transferred copies of license plate images and traveler images collected by CBP to its company network in violation of policies. This software-related action led to the exposure of the data to the cyberattack. Additionally, the incident highlighted concerns about the expansion of CBP's face recognition system and the collection of sensitive information from travelers, emphasizing the importance of data security and privacy in software systems [87866]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident in this case was malicious. The incident involved a "malicious cyberattack" on a subcontractor of the US Customs and Border Protection (CBP) which resulted in the loss of photos of travelers entering and exiting the country [87866]. The cyberattack compromised the subcontractor's network, affecting under 100,000 people who entered and exited the US in a vehicle through specific lanes at one land border during a 1.5-month period. Additionally, sensitive CBP data was stolen by hackers from the subcontractor, including government agency contracts, budget spreadsheets, and Powerpoint presentations [87866]. The incident was characterized by intentional actions aimed at causing harm to the system and extracting sensitive information. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The software failure incident involving the US Customs and Border Protection (CBP) and Perceptics was primarily due to poor decisions made by a subcontractor. The subcontractor violated CBP policies by transferring sensitive images to its company network, which ultimately led to a cyberattack compromising the data of under 100,000 travelers [87866].
Additionally, the incident highlighted concerns about CBP's expansion of face recognition systems and collection of sensitive traveler information, with critics emphasizing the need for better data practices and transparency to avoid breaches of personal data [87866]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident reported in Article 87866 was not directly attributed to development incompetence. The incident was primarily caused by a "malicious cyberattack" on a subcontractor, Perceptics, which resulted in the loss of photos of travelers into and out of the country. The cyberattack compromised the subcontractor's network, leading to the exposure of sensitive CBP data. The subcontractor's actions, such as transferring images to its network in violation of CBP policies, and subsequent cyberattack were the key factors in this incident [87866].
(b) The software failure incident reported in Article 87866 was primarily accidental in nature. The incident was described as a "malicious cyberattack" on a subcontractor, Perceptics, which resulted in the loss of photos of travelers into and out of the country. The cyberattack was not intentional on the part of the subcontractor but rather a result of external malicious actors compromising their network. Additionally, the subcontractor denied any illegal or unethical behavior, indicating that the incident was not intentional on their part [87866]. |
| Duration |
temporary |
(a) The software failure incident in this case can be considered temporary. The incident was a result of a cyberattack on a subcontractor's network that compromised data of under 100,000 people who entered and exited the US in a vehicle through specific lanes at one land border during a 1.5-month period [87866]. The breach was not permanent as it was a specific event caused by the cyberattack on the subcontractor's network. |
| Behaviour |
other |
(a) crash: The software failure incident in this case did not involve a crash where the system lost state and did not perform any of its intended functions. The incident was related to a cyberattack compromising a subcontractor's network and leading to the loss of photos of travelers [87866].
(b) omission: The failure was not due to the system omitting to perform its intended functions at an instance(s). Instead, the incident involved the unauthorized transfer of license plate images and traveler images to the subcontractor's network, which was then compromised by a cyberattack [87866].
(c) timing: The failure was not due to the system performing its intended functions correctly, but too late or too early. The incident did not involve timing issues but rather a breach of data security resulting from a cyberattack on the subcontractor's network [87866].
(d) value: The failure was not due to the system performing its intended functions incorrectly. The incident did not involve the system providing incorrect outputs but rather the unauthorized access and theft of sensitive CBP data from the subcontractor's network [87866].
(e) byzantine: The failure was not due to the system behaving erroneously with inconsistent responses and interactions. The incident did not involve inconsistent behavior but rather a clear breach of data security through a cyberattack on the subcontractor's network [87866].
(f) other: The behavior of the software failure incident can be categorized as a security breach resulting from a cyberattack on a subcontractor's network, leading to the loss of photos of travelers and the theft of sensitive CBP data. The incident highlighted issues related to data privacy and security practices within the CBP subcontractor's operations [87866]. |