Difference between Threat and Attack
Prerequisite – System Security
Threat and attack are two important events from a security perspective. It is really important to understand the difference between both from the perspective of network security.
A Threat is a possible security violation that might exploit the vulnerability of a system or asset. The origin of threat may be accidental, environmental (natural disaster), human negligence or human failure. Difference types of security threats are interruption, interception, fabrication and modification.
Attack is an deliberate unauthorized action on a system or asset. Attack can be classified as active and passive attack. An attack will have a motive and will follow a method when opportunity arise.
The difference between threat and attack are:
|1||Can be intentional or unintentional||Is intentional|
|2||May or may not be malicious||Is malicious|
|3||Circumstance that has ability to cause damage||Objective is to cause damage|
|4||Information may or may not be altered or damaged||Chance for information alteration and damage is very high|
|5||Comparatively hard to detect||Comparatively easy to detect|
|6||Can be blocked by control of vulnerabilities||Cannot be blocked by just controlling the vulnerabilities|
|7||Can be initiated by system itself as well as outsider||Is always initiated by outsider (system or user)|