Business Processes The TwoHands Corporation has business processes that can be categorized into three categories: 1. Operational Processes 2. Supporting Processes 3. Management Processes. Operational Processes The operational processes create the primary value stream for the company and are imperative to TwoHands Corporation's line of business. These operational processes are research and development, manufacturing, and marketing. Research begins at the corporation's research laboratory where new glove designs and coatings are developed and tested. The scientists in R&D use the Internet to obtain valuable research information. The manufacturing process takes place in factories and warehouses across the country. In the instance of producing gloves to handle waste, material is chosen first, the material is cut, the material is sewn together, the gloves are coated, the gloves are cleaned and checked, and then finally packed for distribution. The last process of marketing is handled by the sales team in the main headquarters where they receive orders and dispatch them to the appropriate factories. Supporting Processes The supporting processes help maintain and enhance the core operational processes. Accounting, sales (purchasing), human resources, and payroll are processes that support the three main operational processes; however, IT-support is the process that sustains the other four. Management processes The management processes govern the operation of TwoHands Corporation's system. Communication between employees, management, and the different departments all from different locations is extremely important to the corporation's business. Human resources, inventory management, order processing, accounting, purchasing, IT, senior management, and all employees at work, working from home, and traveling communicate with each other daily through phone lines and the company's network. Goals of an Attack The objective of an attack to TwoHands Corporation could be classified into three main categories: 1) Damage to assets 2) Damage to productivity (causing loss of revenue), and 3) Damage to public image and morale.  When the attacker is targeting assets, their goal is to interrupt business processes and cause loss of revenue by damaging or stealing information assets, connectivity/bandwidth assets, and hardware.  Damage to productively can be achieved by disrupting normal business processes to cause loss of manhours and to delay orders.  By damaging public image and morale, TwoHands Corporation will lose clients and employee productively will be disrupted.  An attacker can achieve this objective by damaging the company's website, emails, or payroll and compensation.  Damage of Assets Information Assets Violation of CIA (confidentiality, integrity, availability) Passive network interception NMAP Packet Collection Ethereal Packet Analysis Active electronic invasion (Spyware, Remote Access) Remote Spyware, Remote Access Immediate Credential faking and illegitimate access Pre-boot OS & Persistent Storage Analysis Passive physical data collection (dumpster diving) Active physical data collection (trespassing, bribery and theft) Footprinting Employee Stalking Enterprise/Internet Interface Listening Connectivity/Bandwidth Assets Exterior DoS Interior Packetstorming Interior Switch Poisoning Theft of Hardware Assets Intersects with attack on data assets when includes permanent storage devices Theft of intellectual property in invested hardware (prototypes and other reverse engineering material) Damage to public image and morale Website defamation Email defamation Attack on payroll/compensation