The report found that:
- Hacking crews and individuals are increasingly working together around the globe in virtual, anonymous networks of specialists in different types and parts of attacks, such as propagation speed, denial of service, password logging, and data theft.
- An increasing number of adversaries are developing new options for exerting leverage over the U.S. through cyberspace, creating damage as well as conducting espionage. Cyberspace provides clear avenues and the prospect of anonymity.
- Foreign governments, hackers, and industrial spies are constantly attempting to obtain information and access through clandestine entry into computer networks and systems. This is not just "surfing" the open Internet for information voluntarily placed in the public domain, but intruding into closed and protected systems to steal secrets and proprietary information.
- Because many cyber attacks are not discovered or, if discovered, are not reported, hostile actors in cyberspace act with the knowledge that they are highly unlikely to be caught, let alone prosecuted and imprisoned. Attackers discovered in other countries cannot easily be brought to justice under U.S. laws, and their conduct may not even be illegal in the jurisdiction in which they are operating.
The report indicated that these trends are exacerbated because the network and system redundancy, diversity, and excess capacity that traditionally contributed to IT infrastructure resilience are decreasing with time, in part due to economic pressures. Federal agency personnel concerned with cyber security and information assurance view this as a key contributor to increased cyber vulnerability.