Which type of attack poses a threat to data at rest?

Malware attacks pose a significant threat to data at rest because malware can be designed to infiltrate systems and access stored data without user awareness. This type of attack may include malicious software that can encrypt, steal, or corrupt data stored on hard drives or database systems. For example, ransomware, a type of malware, specifically targets data at rest by encrypting files and demanding a ransom for their release, thereby directly impacting the availability and integrity of that data.

In contrast, phishing attacks primarily focus on tricking users into revealing sensitive information or login credentials, which is less about accessing data that is already stored. Denial of service attacks aim to incapacitate systems rather than manipulate or obtain stored data. Similarly, man-in-the-middle attacks involve intercepting data during transmission between two parties rather than accessing data that is securely stored on a device or server. Thus, malware attacks are uniquely positioned to threaten data at rest, making them the correct answer in this context.