I think that in the year 2007 most people need only concern themselves with the Internet threats of viruses, malware and identity theft. You are far more likely to be the target of a Russian organised crime gang than a foreign intelligence service. Cyber warfare is often confused with hacktivism, a more serious and proven threat. http://en.wikipedia.org/wiki/Hacktivism With a few well publicised exceptions, cyber warfare presents very little threat to most of the people on the Internet. In the future this may change but I can't see it happening any time soon.

Keep in mind that, even in the future, the worst that can happen is that you will lose access to your favourite web sites, banking and bill paying services. Your computer won't explode in your face and your Internet connected microwave oven won't start cooking your food with malice. Your Government, reacting to the new threats, will make sure your power, water, sewage and other critical (SCADA) systems are not accessible from the Internet. Even the economic threats are still far less serious than the risks associated with conventional warfare. I would still far rather have my servers hacked than be shot at!

Throughout history, warfare has always evolved when new weapons, technology and tactics emerge. In the 21st century, the Internet is now part of the modern battlefield and we must consider the risk (currently small) of cyber warfare in our decision making processes.

Remember, be informed and not alarmed. ;-)

You said: "I think that in the year 2007 most people need only concern themselves with the Internet threats of viruses, malware and identity theft. You are far more likely to be the target of a Russian organised crime gang than a foreign Intelligence service."

Directly, yes, indirectly, no. An economic disaster affects everyone, even people who don't own computers.

You said: Your Government, reacting to the new threats, will make sure your power, water, sewage and other critical (SCADA) systems are not accessible from the Internet. Even the economic threats are still far less serious than the risks associated with conventional warfare. I would still far rather have my servers hacked than be shot at!

Alas, SCADA systems are attached to the Internet. I know guys who've audited large utilities here in Australia and found paths to SCADA control systems. All SCADA kit is ethernet these days, and people aren't locking those systems down as tightly as they could. Did you read Breakpoint by Richard Clarke? I love his description of attackers taking down an electricity grid in a SCADA attack. It's entirely plausible... I did an interview with Marcus Sachs on this topic which I'll put in the podcast soon. Utilities companies are refusing to disconnect their SCADA systems from their Internet connected LANS. It's frightening.

Conventional warfare is much scarier, yes, but it's also more resource intensive than the cyber stuff. Cyber warfare is assymetric in the truest sense, which makes it much more likely to actually happen.

Oh, and so readers can fully appreciate Paul's comments, he manages Cybertrust's APAC security operations centres and is studying a professional doctorate in information warfare.

(Disclaimer: Cybertrust sponsors my podcast.)