1. Technology
   1. Wired
      1. Internet
         1. Exploiting Defaults
            1. Faulty IIS (Internet Information Service)
         2. Data Mining
         3. Authorization Bypass
      2. Software
         1. Trojan Horse
         2. Virus
         3. Logger
            1. Keystroke
            2. Monitor
         4. Customized Scripts
         5. Updates
         6. Worm
         7. Holes in non-updated software
      3. Malware
         1. Trojans
         2. Spyware
         3. Worms
         4. Bots
            1. Botnets
         5. Rootkits
         6. Viruses
         7. Adware
      4. Hardware
      5. Stealing Password
         1. Dictionary Attacks
         2. Hybrid Attacks
         3. Brute Force Attacks
         4. Logger Software
      6. Email
         1. Man-in-the-Middle
            1. Phishing
            2. DNS hijacking
            3. URL manipulation
         2. Email harvesters
      7. Exploit tools and kits
         1. ZeuS
   2. Wireless
      1. Eavesdropping
      2. Interference
      3. Wi-fi Tools
         1. Using localized networks
         2. Using Mobile tech
         3. Using tablets
      4. Packet Sniffing
2. Cyber Terrorism (Joe)
   1. Methods
      1. Sabotage
         1. Internal
            1. Planting a Mole
            2. Disgruntled Employee
         2. External
            1. Activists
            2. Terrorist Groups
            3. State Actors
      2. Website Defacement
         1. Send Message
         2. Publicity
      3. Denial of Service
         1. Deter Communication
         2. Suspend System Activity (permanently or temporarily)
3. Cyber Identity Theft (Laura)
   1. Precedents
      1. Bluetooth-enabled devices planted at gas pumps to read credit card details
      2. Data breaches at large companies (TJ Maxx, Heartland, ...)
      3. Pharmamed.php (email harvesting)
      4. Bluesnarfing, bluebugging, HeloMoto
   2. Methods
      1. Computers
         1. Hacking
            1. War-driving
            2. Eavesdropping
            3. Password-based attacks
            4. Compromised-key attacks
            5. Man-in-the-middle attacks
            6. Sniffers
         2. Physical acquisition
            1. Stealing devices
            2. Acquiring improperly disposed-of device
         3. Phishing
            1. Pharming
         4. Mass rebellion
            1. P2P services
         5. Disclosure by employees
            1. Disgruntled employees
            2. Bribery
            3. Unintentional disclosure
         6. Posing
            1. Scam within a scam
            2. Posing as authority, mass-emailing victims of past identity theft
            3. Spoofing
            4. Pranking
            5. Registering another person for a dating site, for example
      2. Mobile devices
         1. Hacking
            1. War-dialing
            2. Eavesdropping
            3. Password-based attacks
            4. Sniffers
            5. Bluebugging and bluesnarfing
         2. Phishing
            1. Smishing
         3. Disclosure by employees
            1. Disgruntled employees
            2. Bribery
            3. Unintentional disclosure
         4. Physical acquisition
            1. Stealing devices
            2. Acquiring improperly disposed-of device
         5. Direct observation
            1. Looking over the user's shoulder
            2. Camera/video capabilities on devices
      3. ATM skimming
   3. Predictions (2011)
      1. Exploitation of mobile GPS location information
      2. More attacks on social networking sites
      3. Increase in "mixed threats" (email, Web, social media)
4. Espionage (Leslie)
   1. Precedents
      1. Nitro Attacks to install Poison.Ivy Trojan through email
      2. Top executives spying at Renault
      3. "Gameover" DDoS attacks against Banks
      4. Phishing attacks against RSA
   2. Methods
      1. Email with attachments
         1. PDF
         2. Meeting Requests
         3. Word .DOC
         4. Pictures
         5. Software updates
      2. USB/external devices
      3. Employees
      4. Contractors/Consultants
      5. Outsiders with Access
      6. Peer-to-Peer networks
   3. Types of Data Stolen
      1. Intellectual Property
         1. Patent information
         2. Research & Development
      2. Financial
      3. Personnel
      4. Company Planning
         1. Strategic plans
         2. Pricing information
         3. Cost lists
         4. Marketing plans
         5. Customer lists
   4. Most at-risk Industries
      1. High-tech
         1. Computer hardware/software
         2. laser technology
         3. semi-conductor technology
      2. Pharamaceutical
         1. Biotech
      3. Manufacturing firms
         1. Aerospace
         2. Energy research
         3. Advanced materials & coatings
         4. Transportation & Engine technology
      4. Service Industry
      5. Defense Industries
         1. Stealth technologies
      6. Telecommunications