"A risk assessment of the Piql Services" by FFI

as extortion and force them to act a certain way which is beneficial to the threat actor. The threat actor can either be working alone or it can be an organised effort, where the piqlFilm is the target of organised crime. Perhaps the largest concern, as mentioned previously in this chapter, is that the theft can be executed with the help of an insider. There is an important distinction to be made with regards to theft of the information stored with the Piql Preservation Services between physical and logical theft: by logical theft we mean stealing the information while it is stored or transferred electronically; 39 and by physical theft we mean stealing the physical storage medium, i.e. piqlFilm, which stores the digital data. As the Piql Preservation Services is mainly an offline storage medium, there is limited opportunity for a threat actor to attempt to steal the information stored on the piqlFilm by logical means. This is only possible when the information is in contact with online networks, i.e. during the production phase. 40 The Piql technology is true WORM – Write Once, Read Many – and once it is written, it cannot be modified. Because there is less need for migration of the data than with other storage media due to this feature, there is also less need for contact with online networks. Fewer parties are involved with managing the information as well, as there is less need for maintenance. The opportunities for logical theft are thus fewer, and the risk thereof decreases as a result. Nevertheless, a threat actor could gain access to the data during the production phase, which we will elaborate on in the section below regarding computer security. If a threat actor wishes to steal information stored on the piqlFilm at any other point in the service journey, this must involve the physical removal of the piqlFilm. As mentioned earlier in the analysis, this risk is greatest during transportation, when security is at a minimum because the piqlFilms are not in a Piql-controlled environment. The risk of physical theft is also very much present during storage, however, as it is possible for someone to gain access to the storage facility despite the presence of security measures. This can be done by force or by cunning. Once again, though, the choice of an automated storage system can serve to mitigate certain risks, here the ease with which theft is possible. In a manual system, the threat actor needs only gain access to the storage room, grab the correct piqlBox and run. With the automated system, however, an outsider would have more difficulty in, first, gaining access to the piqlVault system, and, second, understanding how to work the system. This would require additional planning and intelligence gathering beforehand, which might be enough to deter a threat actor from acting. They can, unfortunately, instead enlist the help of an insider, which, as mentioned, is a big concern. In doing so, they bypass the problem of not having intimate knowledge of the system altogether.

9.1.14

Sabotage

Sabotage of the Piql Preservation Services is also a major concern, as there are so many components of the system that can be tampered with. Especially when one considers that the

39 By logical threats or hazards we mean risks against the Piql Preservation Services while the information is stored or transferred electronically. See [56, p.18]. 40 The reader will remember that some of the information stored on the piqlFilm will also be connected to online networks during data retrieval, but this step in not directly included in this assessment.

79

FFI-RAPPORT 16/00707