Here is the final list of the top ten cybersecurity threats for 2008:

— On-line masquerading to abuse, attack, blackmail, bully, extort, or molest others.

— Criminal fraud by password and identity theft via phishing, spyware, malware and theft of hardware.

— Criminal use of botnets and botnet-like technologies for economic gain, for example email spam and denial of service attacks.

— Cyberterrorism, bulling, vandalism and other forms of electronic violence and malfeasance.

— Subversion of democratic political processes.

— Criminal manipulation and subversion of financial markets.

— Spying and theft of data by governments, industry, terrorists and other criminals.

— Denial-of-service attacks by criminals and terrorists.

— Sabotage, theft and other attacks by disgruntled employees and insiders.

— Natural disasters, accidents or errors without malicious intent.

Acknowledgements and References

A special word of appreciation for the reviews, comments and suggestions from the Certified Information Systems and Security Professionals (CISSPs) community and the LinkedIn professional network.

In particular, comments and suggestions from Gary Hinson, Bill Marlow, Eugene Schultz, Mike Smith, Lea Viljanen, and Alex Voytov were used to refine and improve the list.  Thank you.

This project was motivated by my friend and colleague in Thailand, Dr. Prinya Hom-anek.

An on-line Google spreadsheet of the comments on The Top Ten Cybersecurity Threats for 2008 - Final Draft and my resolution of the comments can be found here.