New approaches to categorising economically-motivated digital threats
Anthony Arrott, David Perry Trend Micro
download slides (PDF)
While no generally accepted industry standard for categorizing digital threats has been established, various
categorization systems have gained currency in the security industry. Many of these categorization systems have
evolved over time and reflect the historical development of the digital threats they attempt to categorize.
In recent years there has been a major shift from threats motivated by vandalism to those motivated by economic gain
- particularly through fraud and over-aggressive marketing related to online advertising.
This shift requires an overall re-examination of the basis for most threat categorization systems.
The authors discuss the relevant drivers and suggest new approaches to categorizing digital threats in ways more
meaningful to the people being protected. These new approaches account for four separate aspects of economically
motivated digital threats: (1) how threats get installed; (2) how threats make money; (3) how threats exploit their
hosts; and (4) how threats protect themselves from being eliminated.
