Thus, the threat to the security of computer systems – is a potential incident, whether intentional or not, which may adversely affect the system itself, as well as information stored in it. In other words, the threat – it is something bad that ever could happen. The vulnerability of computer systems – it's sort of unfortunate characteristic that makes possible the emergence of the threat. In other words, precisely because for vulnerabilities in the system there are adverse events. Finally, the attack on computer system – is the action taken by an attacker, which is to search for and use of a particular vulnerability. Thus, the attack – is the realization of the threat. Note that this interpretation of the attack (with the participation of someone with malicious intent), excludes the presence in the definition of the threat element of chance, but, as experience shows, it is often impossible to distinguish between intentional and accidental actions, and a good security system should respond adequately to any of them.
Furthermore, researchers usually distinguish three major types of security threats – the threats of disclosure, integrity and denial of service. The threat of disclosure is that information becomes known to him to whom should not have to know it. In terms of computer security threat to the disclosure takes place whenever access to some confidential information stored in a computer system, or transmitted from one system to another. Sometimes, instead of the word 'revelation', the terms 'theft' or 'leak'. Threat Integrity includes any intentional change (modification or deletion) of data stored in a computer system, or transmitted from one system to another. It is usually assumed that the threat of disclosure subject to more government agencies, and the threat of integrity – a business or commercial. The threat of denial of service occurs whenever a result of certain actions of blocking access to some resource Computer sistemy.Realno block may be permanent, so that the requested resource was never received, or it may cause a delay of only the requested resource, long enough for it to become useless. In such cases we say that the resource is exhausted.