Event 1
Agent: External (Type: Organized crime; Role: Participated directly and deliberately; Origin: Europe-East)
Action: Hacking (Type: SQLinjection; Path: Web Application)
Asset: Servers & Applications (Type: Web app/server, Database)
Attribute: Integrity
Event 2
Agent: External (Type: Organized crime; Role: Participated directly and deliberately; Origin: Europe-East)
Action: Malware (Type: Keylogger, Packet sniffer; Path: Installed / injected by remote attacker)
Asset: Servers & Applications (Type: Web app/server)
Attribute: Confidentiality
Event 3
Agent: External (Type: Organized crime; Role: Participated directly and deliberately; Origin: Europe-East)
Action: Hacking (Type: Use of stolen credentials; Path: Remote access and control services/software)
Asset: Servers & Applications, Networks & NW Devices (Type: multiple)
Attribute: Confidentiality, Integrity
Source: https://habr.com/ru/post/108019/