Network Threats

Although we use the word threat for anything problematic over the network, it is actually a mixture of three individual terms, 'vulnerability', 'Threat' and 'attack'; in increasing order of the problem they pose.The differences between these terms are subtle, and are also intersecting.

Let's start defining the terms.
 A Vulnerability as a computer term is not much different from the general meaning.A vulnerability is basically a weakness.
As quoted in wikipedia, Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.
Vulnerabilities are quite common in the cyber world. With millions of people developing tremendous amounts of programs, It is fair to assume that a vulnerability exists somewhere in the code.
Think about it. The operating system of your PC itself has millions of lines of code. That is obviously not written by a single person/software. even a ratio as small as 0.001% makes a huge possibility of vulnerabilities. So, a vulnerability is basically an inefficiency to protect your own data.
So there are vulnerabilities. How does someone take advantage of it?

The act of 'making use of' a vulnerability is termed as an 'Exploit'. How do you make use of a vulnerability? How do you get anything done in the cyber world?
By a software or commands ofcourse.
So, an Exploit is a software, or set of commands which take advantage of a vulnerability.
A threat somewhat has a similar meaning. A Threat is some phenomenon which MIGHT exploit a vulnerability. By might, it means that a threat might as well be accidental.
So a threat refers to the possibility of the situation, while an exploit is the 'action performed'.


'Attack':
An Attack is a deliberate and illegal action of a malicious code. What is an attack for? It is a bit difficult to answer this.
A attack may be done in the intention of making some money. But that may not always be true.
" Some people aren't looking for anything logical, like money. Some people just want to watch the world burn."
So, we leave the definition of an attack as a 'deliberate' action.
The "malicious" intent is recognized in this stage. In a perfect world, it doesn't matter is there exist threats or vulnerabilities; assuming nobody would take advantages of them. But, it is not the case and since we cannot defend ourselves before anybody exploits the opportunity(since we won't know them before they do), we need to minimize the possibilities of risks, i.e threats to cut them off at the source.

Your sytem is said to be at 'risk' when-

  1. there is a private data or information you consider an 'asset' and try to protect
  2. there is a vulnerability i.e a leak or a gap in that protection
  3. There is a threat against your asset.

Comments

Popular posts from this blog

Deep Web, Dark Web.

Why do we blog?

Waste management