Spear phishing, spyware and state-sponsored cyber-attacks will define the security agenda in 2008, a security company predicted today.

Network Box predicted a rise in targeted attacks on senior level employees, and an increase in social engineering leaving employees' personal information and corporate databases wide open to exploitation.

The company believes that the popularity of social networking sites, such as Facebook and MySpace, is allowing cyber-criminals to access information previously unobtainable.

Simon Heron, managing director of Network Box, said: "Spear phishers are using social networking sites to find targets for identity fraud.

"These sites allow information on the targets that make the attacks worthwhile. It is more profitable to target a managing director than an office junior."

Heron believes there will be a "dramatic uptake" in state-sponsored cyber-attacks, with up to 120 counties being involved.

"Worryingly, it looks as though 2008 will see a state-sponsored campaign of cyber-attacks. Already Nato, MI5 and the FBI have issued warnings about this.

"It is alleged that there could be as many as 120 countries involved, with China leading the pack. China strenuously denies this however."

The company also believes that databases are going to be a source of exploitation, with around 400,000 database servers worldwide still open to the internet.

Fuzzing techniques are also expected to increase the number of vulnerabilities found, allowing hackers more zero day exploits, which in turn will enable hackers to install malware on users' systems.

The company cites the popularity of Microsoft Office as the point of target not because it is more flawed than competitors but because it is more popular.