Any action intended to breach the security of information stored in a system by (a) gaining unauthorized access to that information usually without alerting the authorized user, (b) denial of service to the authorized user, (c) spoofing, which aims to confuse by introducing false information, usually as to the identity of the user. Some threats are with premeditated malicious intent but others are opportunistic or occur during a crash. See also vulnerability.