Most of the focus has been on the Chinese and the Russians, but this is also a great leveler for the 2nd-tier countries. You don't need a great deal of infrastructure to start an attack on this playing field, and many of the developed countries are to varying degrees vulnerable. This is going to be a great growth area for the next few years on all sides.
It seems ludicrous to resign oneself to the assumption that nothing is secure anymore. That would be scary, indeed. Of course there should be monitoring and multiple layers, and of course continued research is needed to stay one step ahead. However, such a statement seems hyper-pessimistic, in my estimation.
I agree with you Nic. There is a lot of scary stuff. Stuxnet is scary. Symantec CEO Enrique Salem yesterday at the conference described it as the first time they've seen a worm go beyond espionage to the realm of sabotage. And he suggested the possibility of future attacks that could create explosions, etc. Scary indeed.
Hey, it ain't just about the "Russian" and the "Chinese" trojans anymore. It's more global and it's more scary. An NYT article details how the Egypt government was able to pull the plug on the Internet in their country en masse. That's what happens where the government controls all. And there are plenty of countries in the world where that is the case.
The NYT article is here: http://www.nytimes.com/2011/02/16/technology/16internet.html