Security threats paint a constantly evolving landscape, and there is no end in sight in terms of threats that keep appearing. Enterprises have survived through extraordinary cycles of security threats, including the 2003 "summer of worms"; the 2004 proliferation of DDoS-based (distributed denial of service) cyber extortion of online betting sites; and the rise of botnets used for spam, targeted attacks and worse in 2005 and 2006. With the new calendars freshly hung on the wall, an important question surfaces: What security threats are on the rise for 2007?
Looking across the threat landscape, it appears that 2007 will bring more narrowly defined threats or "targeted threats," which are different from what weve seen before. They are more focused on individual information as opposed to mass-mailing worms that are sent over the Internet to randomly infect victims. These attacks can extract personalized information to use later in attacking a single person or company. Targeted threats can be so narrowly focused as to constitute industrial or even political espionage, trying to gain sensitive information from a single company or individual rather than the indiscriminate approach of letting a worm loose to randomly find victims wherever it may go.