Coercion, blackmail or corruption may lead to the impairment of the security of information
or business processes. Through the threat of violence or other disadvantages, an attacker may
for example try to force the victim to ignore security policies or bypass security safeguards
(coercion).
Instead of threatening, attackers may also specifically offer money or other advantages in
order to make employees or other people their instruments for carrying out security
violations (corruption). For example, there is the risk that a corruptible employee may forward
confidential documents to unauthorised persons.
In principle, coercion or corruption can impair all fundamental information security values.
Amongst other things, attacks may seek to forward confidential information to unauthorised
persons, manipulate business-critical information or disrupt the smooth operation of business
processes.
There is a particularly high risk if these attacks are directed against senior managers or people
in positions of special trust.