The Top Ten Cybersecurity Threats for 2008

Posted on 01/05/08 5 Comments

Here is the final list of the top ten cybersecurity threats for 2008:

— On-line masquerading to abuse, attack, blackmail, bully, extort, or molest others.

— Criminal fraud by password and identity theft via phishing, spyware, malware and theft of hardware.

— Criminal use of botnets and botnet-like technologies for economic gain, for example email spam and denial of service attacks.

— Cyberterrorism, bulling, vandalism and other forms of electronic violence and malfeasance.

— Subversion of democratic political processes.

— Criminal manipulation and subversion of financial markets.

— Spying and theft of data by governments, industry, terrorists and other criminals.

— Denial-of-service attacks by criminals and terrorists.

— Sabotage, theft and other attacks by disgruntled employees and insiders.

— Natural disasters, accidents or errors without malicious intent.

Acknowledgements and References

A special word of appreciation for the reviews, comments and suggestions from the Certified Information Systems and Security Professionals (CISSPs) community and the LinkedIn professional network.

In particular, comments and suggestions from Gary Hinson, Bill Marlow, Eugene Schultz, Mike Smith, Lea Viljanen, and Alex Voytov were used to refine and improve the list.  Thank you.

This project was motivated by my friend and colleague in Thailand, Dr. Prinya Hom-anek.

An on-line Google spreadsheet of the comments on The Top Ten Cybersecurity Threats for 2008 – Final Draft and my resolution of the comments can be found here.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks

One Comment

  1. Givindu Jayaranga says:
    Tuesday, October 12, 2010 at 1:11am

    I received an email. The address was my Cousins email Address.But it had no name of the sender. The address was same but the only difference was The original Emails i received from my cousin had his name in it and the fake one had only the same email address but no name of sender or any signature. How can this happen?
    What has happened in this situation?

4 Trackbacks

  1. By Threats to the Democratic Process « The Complex Event Processing Blog on April 13, 2008 at 5:59 am

    [...] to the Democratic Process Our readers might recall that this post by Tim Bass, CISSP, The Top Ten Cybersecurity Threats for 2008.  One of the top ten threats to cybersecurity in 2008, according to this [...]

  2. By The 10 Top Cybersecurity Threats for 2008, AMCHAM & OWASP Thailand | The Complex Event Processing Blog on September 29, 2008 at 10:06 am

    [...] with IT security experts from (ISC)2 and the LinkedIn professional network, I published The Top Ten Cybersecurity Threats for 2008.  In a joint meeting with interested AMCHAM Thailand guests from the Open Web Application Security [...]

  3. By Cyberattack! Manipulation and Subversion of Financial Markets! | Cyberstrategics Complex Event Processing Blog on December 7, 2008 at 9:07 pm

    [...] The Top Ten Cybersecurity Threats for 2008 I mentioned one of most critical cybersecurity threats of 2008 will be the manipulation and [...]

  4. By Prelude to The Top Ten Cybersecurity Threats for 2009 - Cyberspace | Cyberstrategics Complex Event Processing Blog on December 29, 2008 at 7:44 pm

    [...] Threats for 2009. However, before doing so, let’s take a look at some interesting aspects of The Top Ten Cybersecurity Threats for 2008.  In my cybersecurity threat list for 2008, I mentioned: — Criminal manipulation and subversion [...]

Post a Comment

You must be logged in to post a comment.