The Sept./Oct. 2012 issue of CrossTalk: The Journal of Defense Software Engineering in the article "Identifying Cyber Ecosystem Security Capabilities" by Peter M. Fonash has a table of cyber attack categories. The list is presented here for reference:

  • Attrition (brute force)
  • Malware
  • Hacking
  • Social Tactics
  • Improper Usage (Insider Attack
  • Physical Action / Loss or Theft of Equipment
  • Multiple Component (Combining multiple techniques)
  • Other

I have found list list useful when considering areas of risk.