Quiz Entry - updated: 2026.07.05
What are the four types of threats that may arise after a threat actor gains access to a network?
Information theft, data loss/manipulation, identity theft, and disruption of service.
Once a threat actor is inside a network, the damage falls into four broad categories. They are worth distinguishing because each targets a different asset — confidentiality, integrity, identity, or availability — and so calls for a different defence:
- Information Theft - Breaking in to steal confidential information (attacks confidentiality). Example: copying a company's research data to sell to a competitor.
- Data Loss and Manipulation - Destroying or altering data records (attacks integrity). Example: a virus reformatting a hard drive, or quietly changing prices in a billing system.
- Identity Theft - Stealing personal information to impersonate someone, then using that identity to obtain documents or credit illegally.
- Disruption of Service - Preventing legitimate users from reaching services they are entitled to (attacks availability) — the goal of denial-of-service attacks.
Go deeper:
Computer security — Wikipedia — surveys the full threat landscape (malware, DoS, MITM, social engineering) and the assets each one targets.