NIST SP 800-209 SECURITY GUIDELINES FOR STORAGE INFRASTRUCTURE
This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-209
a point prior to its encryption or after its decryption, or by managing to gather enough data to
break the encryption).
Certain transmission compromises can extend beyond just interception of the data (also referred
to as passive eavesdropping), and involve injection, removal, or alteration of transmitted data,
metadata, or control traffic.
3.1.9 Insecure Images, Software and Firmware
Adversaries may attempt to interfere with a storage device’s software distribution, update, or
installation process in order to introduce incorrect, outdated, or maliciously modified code (e.g.,
binaries, images, firmware, drivers). Affected storage components can include disk drives,
tape drives and libraries, network cards and controllers (e.g., HBAs, network interface cards or
NICs, FCoE adapters), switches and other network equipment, storage enclosures and
arrays, Storage OS, Client OS storage components, etc. Software update processes can rely on
complex delivery chains: an issuer (e.g., vendor, third party, open source community), delivery
methods (e.g., transmission or download, shipping of installation media, file copy by vendor
employee), local copies kept by an individual organization (e.g., proxies, internal file-servers),
and others. Each link in the chain could be targeted to introduce tampered software. Issuers, for
example, could be infiltrated to infect source-code libraries, to obtain access to signing software
or equipment, to publish altered signed binaries on their download sites or update servers, etc. A
variety of other strategies could be devised to compromise other links in the chain.
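The following added example (not part of the NIST publication) shows one way a defender could compare copies of a firmware image observed at several links of the delivery chain against issuer-published digests, flagging outdated and altered copies. The manifest layout, link names, and image bytes are constructed assumptions.

```python
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def classify_copy(data: bytes, manifest: dict, current: str) -> str:
    """Classify one copy as 'current', 'outdated:<version>' or 'unknown'."""
    digest = sha256_hex(data)
    for version, expected in manifest.items():
        if hmac.compare_digest(digest, expected):
            return "current" if version == current else f"outdated:{version}"
    return "unknown"  # matches no released version: incorrect or modified


def audit_chain(copies, manifest, current):
    """copies: ordered (link_name, image_bytes) pairs, issuer side first.

    Returns (findings, first_bad): the status of every link and the name of
    the first link whose copy is not the current release (None if all are).
    """
    findings = [(link, classify_copy(data, manifest, current)) for link, data in copies]
    first_bad = next((link for link, status in findings if status != "current"), None)
    return findings, first_bad


# Constructed sample data: stand-ins for two releases of a firmware image.
FW_1_0 = b"constructed firmware image, release 1.0"
FW_1_1 = b"constructed firmware image, release 1.1"

# Assumption: digests were obtained from the issuer over a separate channel.
# If the issuer itself is compromised this manifest is wrong too, so the
# check only covers the links that come after the issuer.
MANIFEST = {"1.0": sha256_hex(FW_1_0), "1.1": sha256_hex(FW_1_1)}

# Constructed observations of the "same" image at three links of the chain.
CHAIN = [
    ("vendor download site", FW_1_1),
    ("internal proxy", FW_1_0),                       # stale cached copy
    ("internal file-server", FW_1_1 + b"\x00extra"),  # altered after download
]

if __name__ == "__main__":
    findings, first_bad = audit_chain(CHAIN, MANIFEST, "1.1")
    for link, status in findings:
        print(f"{link:22} {status}")
    print("first link to investigate:", first_bad)
```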
3.2 Risks to Storage Infrastructure
Security risk is defined as:
“…the extent to which an entity is threatened by a potential circumstance or
event. Risk typically is a function of: (i) the adverse impacts that would arise if
the circumstance or event occurs; and (ii) the likelihood of occurrence.
Information system-related security risks arise from the loss of confidentiality,
integrity, or availability of information or information systems. These risks reflect
the potential adverse impacts to organizational operations (including mission,
functions, image, or reputation), organizational assets, individuals, other
organizations, and the Nation.” [28]
3.2.1 Data Breach and Data Exposure
A data breach is an incident that involves sensitive, protected information being copied,
transmitted, viewed, deliberately exposed to the public, or used by individuals or entities
unauthorized to do so. Exposed information may include banking and credit card numbers,
personal information (including health-related, home address, phone numbers, dates of birth),
session tokens, passwords, customer data, company trade secrets, matters of national security, or
any other proprietary or sensitive information.
Data breaches can be carried out by an external source, such as a hacker or cybercriminal, or by an
internal one, such as a malicious insider or disgruntled employee. Data breaches can be
performed in a covert manner with traces being concealed or entirely removed, or in a manner