A negative effect or undesired event. Threat is a potential occurrence described as an effect that might damage or compromise an asset or objective. It may or may not be malicious in nature.
A threat is an action or event that might violate the security of an information systems environment.
There are three components of threat:
Targets: The aspect of security that might be attacked. The targets of threat are generally the security services, confidentiality, integrity and availability.
Agents: The people or organizations originating the threat. The agents of threat are the people who may wish to do harm to an organization.
Events: The type of action that poses the threat. Events are the ways in which an agent of threat may cause the harm to an organization. For instance, an attacker may cause harm by maliciously altering an organization’s Web site. Or the events to consider what harm could possibly be done if the agent gained access.
Threats can be classified as:
- Threat of exposure, which is against on confidentiality of the system
- Threat of Integrity, which is against on integrity
- Denial of Service, which is against on availability
Threat of Exposure:
Confidentiality is targeted when the disclosure of information to unauthorized individuals or organizations is the motivation. In this case, the attacker wishes to know something that would normally be kept from him, such as classified government information.
However, information that is normally kept private within commercial organizations, such as salary information or medical histories, can also be a target.
Threat of Integrity:
Integrity is the target when the threat wishes to change the information. The attacker in this case is seeking to gain from modifying some information about him or another, for example, making a change to a bank account to increase the amount of money in the account.
Another example might be the modification of some data in an important database to cast a doubt on the correctness of the data as well.
Denial of Service:
Availability is targeted through the performance of Denial of Service (DoS) attack. Such attacks can target the availability can be short-term or long-term as well.