FORWARD Threat Report
Book, 2009
This document is the compilation of the three threat reports that were produced
independently by the three FORWARD working groups during the second phase
of the project. These working groups were established after the first FORWARD
workshop that was held in Goteborg, Sweden in April 2008. They are briefly described
in the following paragraphs:
The Malware and Fraud working group is concerned with the malware and
fraud-related threats on the Internet. It covers topics that range from novel malware
developments over botnets to cyber crime and Internet fraud.
The Smart Environments working group is concerned with ordinary environments
that have been enhanced by interconnected computer equipment. There is
general expectation that a large number of small devices such as sensors and mobile
phones will be interconnected. The group aims to identify emerging trends
with respect to security in this domain.
The Critical Systems working group focuses on critical systems whose disruption
of operation can lead to significant material loss or threaten human life. It
attempts to identify emerging threats in this area.
For our work, we introduce the following definition of threat:
Threat - Definition : A threat is any indication, circumstance, or event with the
potential to cause harm to an ICT infrastructure and the assets that depend
on this infrastructure.
Our version is related to a variety of other definitions that exist in the literature,
such as the ones provided by ISO/IEC and the EU Green Paper for Critical
infrastructure protection, 2005 [20]. In both cases, a threat is described as a event,
circumstance, or incident that has the potential to cause destruction or, more general,
harm to the system or organization that is exposed to the threat. We adapt our
definition to explicitly refer to ICT infrastructures and assets, as this is the scope of the project. However, we observe that the definition is reasonably general to
accommodate a wide range of possible threats and scenarios. This is necessary to
allow different working groups to identify interesting threats without being constrained
by an overly narrow, initial definition.
Creating a list of emerging and future threats is a challenging endeavor. The
past has witnessed many stunning scientific and technical advances, and these advances
have transformed society and the way people use and rely on information
technology. Of course, also attackers are creative and constantly invent new ways
of abusing technologies and applications for financial profit or simply because they
enjoy virtual vandalism. Thus, trying to imagine potential developments is always
at risk of failing to accurately predict the future. Nevertheless, it is important to
actively think about the potential risks and threats that emerging technologies and
their applications entail. Otherwise, one would simply concede to the adversaries
and, at most, react to their new attacks.
One way to think about emerging and future threats is to bring together a group
of domain experts and let them enter a dialogue in which they will (hopefully)
come up with a set of possible threats. This is one possible way, and in part an approach
that FORWARD leverages through its working groups. However, it would
be desirable to introduce a more systematic methodology to think about emerging
threats. In FORWARD, we attempt to do this by introducing a number of “axes”
along which developments can happen (or are currently unfolding). These axes
serve as the main drivers of development in general, and allow us to set a framework
in which each working group can systematically explore threats. [...]
dependable and trusted Infrastructures
Secure