Appendix - Threat Assessment

This appendix contains material from the threat assessment issued and consulted on in March 2004. It comprises a list of threats to trust in government over the Internet, and for each threat an explanation and some example mitigation strategies. It is provided to further explain the threats referred to in the main paper.

Threats may be to the Internet infrastructure, or may affect Internet users and therefore public confidence. All of these threaten e-government. Threats listed may be amplified by adverse media coverage or by activism on the Internet.

It is hard to create a scheme to categorise threats. Because of the complex technical environment on the Internet, and the way in which some techniques exploit human frailties and technical weaknesses simultaneously, any classification is likely to have overlapping categories. The list below aims to be comprehensive rather than mutually exclusive.

1. Viruses/Worms

2. Spam

3. Identity Theft

4. Inadequate Government IT Security

5. Phishing

6. Copyright lawsuits

7. DRM etc

8. Cracking

9. Spyware

10. De-centralised Internet Governance

11. Pornography/Child Abuse

12. Fraud and scams

13. Fear of surveillance

14. Availability of 'Dangerous' Information

15. Insulting Behaviour and Defamation

16. Denial of Service Attacks

17. Trojans

Each of the threats in the table above are described below in more detail, together with example mitigation strategies. These should not be taken as actual proposals, rather as talking points.