Threat (computer security)

An attack is active when it attempts to alter system resources or affect their operation, so it compromises integrity or availability.

[1] OWASP (see figure) depicts the same phenomenon in slightly different terms: a threat agent, through an attack vector, exploits a weakness (vulnerability) of the system and the related security controls, causing a technical impact on an IT resource (asset) connected to a business impact.

[12] The most widespread documentation on computer insecurity is about technical threats such as computer viruses, trojans and other malware, but a serious study to apply cost-effective countermeasures can only be conducted following a rigorous IT risk analysis in the framework of an ISMS: a purely technical approach will leave out psychological attacks, which are increasing threats.

Ransomware attacks involve the encryption of a victim's files and a demand for payment to restore access.

Leading antivirus software vendors publish a global threat level on their websites.

[18] Individuals within a threat population. Practically anyone and anything can, under the right circumstances, be a threat agent – the well-intentioned, but inept, computer operator who trashes a daily batch job by typing the wrong command, the regulator performing an audit, or the squirrel that chews through a data cable.

Yet that same asset, if disclosed, can result in significant loss of competitive advantage or reputation, and generate legal costs.

For example, a threat agent bent on financial gain is less likely to destroy a critical server than they are to steal an easily pawned asset like a laptop.

[5] OWASP collects a list of potential threat agents to prevent system designers and programmers from inserting vulnerabilities in the software.

A complete security architecture deals with both intentional acts (i.e. attacks) and accidental events.

It involves analyzing the system's architecture, identifying potential threats, and prioritizing them based on their impact and likelihood.

By using threat modeling, organizations can develop a proactive approach to security and prioritize their resources to address the most significant risks.
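
As an added example (not from the original article, and not OWASP's own code), the sketch below prioritizes threats by impact and likelihood using the 0-9 factor scale and severity matrix of the OWASP Risk Rating Methodology, which the article does not itself describe. The `Threat` class, the threat list and every score are constructed for illustration.

```python
from dataclasses import dataclass
from statistics import mean

# Severity matrix of the OWASP Risk Rating Methodology: (impact, likelihood) -> severity
SEVERITY = {
    ("HIGH", "LOW"): "Medium", ("HIGH", "MEDIUM"): "High", ("HIGH", "HIGH"): "Critical",
    ("MEDIUM", "LOW"): "Low", ("MEDIUM", "MEDIUM"): "Medium", ("MEDIUM", "HIGH"): "High",
    ("LOW", "LOW"): "Note", ("LOW", "MEDIUM"): "Low", ("LOW", "HIGH"): "Medium",
}
RANK = ["Note", "Low", "Medium", "High", "Critical"]

def level(score: float) -> str:
    """Map a 0-9 factor average to a level: below 3 LOW, below 6 MEDIUM, else HIGH."""
    if not 0 <= score <= 9:
        raise ValueError(f"factor average out of range: {score}")
    return "LOW" if score < 3 else "MEDIUM" if score < 6 else "HIGH"

@dataclass
class Threat:  # hypothetical container; each list holds four 0-9 factor scores
    name: str
    agent: list[int]      # threat agent: skill, motive, opportunity, size
    weakness: list[int]   # vulnerability: discovery, exploit, awareness, detection
    technical: list[int]  # confidentiality, integrity, availability, accountability
    business: list[int]   # financial, reputation, non-compliance, privacy

    def likelihood(self) -> float:
        return mean(self.agent + self.weakness)

    def impact(self) -> float:
        # Business impact drives the rating when known; otherwise use technical impact.
        return mean(self.business or self.technical)

    def severity(self) -> str:
        return SEVERITY[(level(self.impact()), level(self.likelihood()))]

def prioritize(threats):
    """Highest severity first; impact x likelihood breaks ties within a severity."""
    key = lambda t: (RANK.index(t.severity()), t.impact() * t.likelihood())
    return sorted(threats, key=key, reverse=True)

# Constructed sample threats (scores are illustrative, not measured).
THREATS = [
    Threat("Operator mistypes batch command", [2, 1, 7, 6], [7, 5, 6, 8], [0, 5, 5, 1], [3, 1, 2, 0]),
    Threat("Laptop theft for resale", [3, 9, 4, 9], [6, 5, 6, 8], [6, 1, 5, 7], [5, 5, 5, 7]),
    Threat("Ransomware encrypts file shares", [6, 9, 7, 9], [7, 5, 9, 3], [2, 7, 9, 7], [7, 9, 5, 5]),
]

if __name__ == "__main__":
    for t in prioritize(THREATS):
        print(f"{t.severity():8} L={t.likelihood():.2f} I={t.impact():.2f}  {t.name}")
```

The accidental operator error scores a medium likelihood but low business impact, so it ranks below the two intentional threats even though it is the easiest to trigger.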

Very large organizations tend to adopt business continuity management plans in order to protect, maintain and recover business-critical processes and systems.

The results are then stored so that they can be used to improve the automated portion of the detection system and to serve as a foundation for future hypotheses.

The SANS Institute has conducted research and surveys on the effectiveness of threat hunting to track and disrupt cyber adversaries as early in their process as possible.

[29] To protect yourself from computer threats, it's essential to keep your software up-to-date, use strong and unique passwords, and be cautious when clicking on links or downloading attachments.

Additionally, using antivirus software and regularly backing up your data can help mitigate the impact of a threat.

OWASP: relationship between threat agent and business impact