A cyber threat is a computer or computer network hazard. It is a potential attack that preys on weaknesses or flaws in hardware and software systems. An exploit is defined as an unauthorized action performed on an information system such as a corporate network, desktop PC, enterprise server, web site, factory control systems, Supervisory Control And Data Analysis (SCADA) network, or home computer. A zero-day exploit is a previously unknown or unrecognized exploit. A remote exploit is an unauthorized access to an information system from a distance—from across a network.

There are a number of highly varied types of threats ranging from malicious software designed to penetrate entire systems to phishing e-mail exploits designed to betray users into giving out personal information, and numerous other types of threats designed to cause a nuisance or very serious theft of intellectual property, financial gain, and espionage. Perhaps the worst exploit is a rootkit, because it yields complete control of a computer to a hacker and requires an entire rebuild of the victim computer to remove. We will categorize all of these as malicious software to make the terminology simple.

This chapter is about exploits—the potential unauthorized acts against the information technology sector (IT) for the purpose of gaining control, stealing information, destroying data, and denying service to the authorized users of IT systems. We assume that the information systems of greatest ...