Social engineering, vulnerabilities, and network attacks. I guess malware too? It's kinda the end result of most of these. I think a really small percentage of malware actually performs keylogging etc. I don't run into many pages trying to steal my identity - mostly pages trying to exploit or trick me.
Your lists contains potential enemies, malicious goals, and methods used by the first to gain the second. It might help to narrow the focus of the topic along with identifying the target of the threat, eg. home users, business, industry, infrastructure, etc. Without specifying, all of them apply.
I really can't vote/answer such a question as only statistics can give an idea of what is going on, but I can certainly say that what I fear most are keyloggers and identity/credit cards theft.
I voted malware, meaning particularly rootkits, but it depends: if the poll targets the harmfulness, for a single pc or for the web ( botnet.... ) I say " rootkits "; if the poll targets the spread, I say Social Media/Network Attacks.
Depending on how one's view is on major security threats.To me a major security threat is Identity theft/fraud because its my personal security and piece of mind.As far as just a computer being infected then my vote go's to Malware and social media/Network Attacks.
I added *other* apart from the 3 I voted for. The *other* (who) are users who surf the internet without caution by visiting rogue websites.
While I agree that the choices available don't quite narrow it down enough (considering basically you've just listed who does what and how they do it), I went ahead and voted for data breaching and malicious insiders. While the interest will always be there, home users are becoming less of a target as far as direct attacks. Data is money, and, Anon idiots aside, money is what hackers generally want. Sure, I can keylog your machine, and collect your passwords, eventually getting good stuff (if you bank online and/or do other very sensitive things with your system). But, if your hospital has weak security, or your bank, or your credit card company..guess who I'm going after? Also, more than a few times has a disgruntled employee or some insider out for themselves, abused their access to sensitive data or caused some other sort of disaster.
Identity Theft/Fraud - it is better to let someone else to pay for something almost without risk and just with little trash digging and/or some "harmless" social engineering. Social Engineering follows as well, since it works in 60% cases and it is sooooo much easier than bothering with creating mallware or hacking, which requires high IT skills.
Voted other. User apathy and learning computer security puts users at risk which echoes the previous post.
This poll will vary depending on the audience. For the average computer users: -Identity Theft/Fraud -Exploited Vulnerabilities -Malware Would probably be the top 3 of your choices For those in a cybersec role in a business or organization: -Data Loss/Breach -Malicious Insiders -Social Engineering -Exploited Vulnerabilities
Mostly "Identity Theft/Fraud", using "Social Engineering" and/or "Social Media/Network Attacks". I think malware will still be an issue, even though more people become aware of the problem.
Voted Social Engineering because it focuses in the weakest part of the "chain" of security: the user. One thing that concerns me is the abusive clauses in the EULA's, because most AV's can't target applications that use them. But the worst security threat is undoubtedly the legislation that probably will be approved this year in EU and USA that intend to violate people privacy, anonymity, and undermine their freedom of speech; under the false pretext of "fight against terrorism" and "national security".
Cybercrime Groups, they are becoming more and more prevalent and a worry to Corporations, Governments, and Individuals with their large scale attacks.
