Infringement

Codebase Integrity Compromise

Data Loss

Delegated Execution via Artificial Intelligence Agents

Denial of Service

Digital Defacement

Disruption of Business Operations

Excessive Personal Use

Exfiltration via Automated Transcription

Exfiltration via Email

Exfiltration via Media Capture

Exfiltration via Messaging Applications

Exfiltration via Other Network Medium

Exfiltration via Physical Medium

Exfiltration via Screen Sharing

Exfiltration via SMS/MMS

Exfiltration via Web Service

External Credential Sharing

Harassment and Discrimination

Inappropriate Web Browsing

Installing Malicious Software

Installing Unapproved Software

Internal Credential Sharing

Service Account Sharing

Misappropriation of Funds

Misuse of Corporate Communication Channels

Non-Corporate Device

Physical Sabotage

Providing Access to a Unauthorized Third Party

Public Statements Resulting in Brand Damage

Regulatory Non-Compliance

Sharing on AI Chatbot Platforms

Theft

Unauthorized Changes to IT Systems

Unauthorized Presence in Restricted Physical Areas

Unauthorized Printing of Documents

Unauthorized VPN Client

Unauthorized Work Location

Undisclosed Concurrent Employment

Unlawfully Accessing Copyrighted Material

ID: IF002.007
Created: 26th July 2024
Updated: 26th July 2024
Platform: MacOS
Contributor: The ITM Team

Exfiltration via Target Disk Mode

When a Mac is booted into Target Disk Mode (by powering the computer on whilst holding the ‘T’ key), it acts as an external storage device, accessible from another computer via Thunderbolt, USB, or FireWire connections. A subject with physical access to the computer, and the ability to control boot options, can copy any data present on the target disk, bypassing the need to authenticate to the target computer.

Preventions (3)

Detections (4)

References