cybersecurity or IT security,

Computer security, also known as cybersecurity or IT security, is security applied to computers, computer networks, and the data stored and transmitted over them.

The field is of growing importance due to the increasing reliance of computer systems in most societies.^[1]Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things, and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Computer security covers all the processes and mechanisms by which digital equipment, information and services are protected from unintended or unauthorized access, change or destruction and the process of applying security measures to ensure confidentiality, integrity, and availability of data both in transit and at rest.^[

Vulnerabilities

Main article: Vulnerability (computing)

A vulnerability is a system susceptibility or flaw, and an exploitable vulnerability is one for which at least one working attack exists. Many vulnerabilities are documented in the Common Vulnerabilities and Exposures (CVE) database and vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities.

To understand the techniques for securing a computer system, it is important to first understand the various types of "attacks" that can be made against it, and these threats can typically be classified into one of the categories in the sections below:

Backdoors

A backdoor in a computer system, a cryptosystem or an algorithm, is any secret method of bypassing normal authentication or security controls.

Denial-of-service attack

Main article: Denial-of-service attack

Denial of service attacks are designed to make a machine or network resource unavailable to its intended users. Attackers can deny service to individual victims, such as by deliberately entering a wrong password enough consecutive times to cause the victim account to be locked, or they may overload the capabilities of a machine or network and block all users at once.

An attack from a single IP address can be blocked by adding a new firewall rule, but many forms of Distributed denial of service (DDoS) attacks are possible, where the attack comes from a large number of points - and defending is much more difficult. Such attacks can originate from the zombie computers of abotnet, but a range of other techniques are possible including reflection and amplification attacks, where innocent systems are fooled into sending traffic to the victim.