Which country has the best hackers: Russia or China?

Both are notorious for high-contour attacks, advanced persistent threats, and theft of money or intellectual property. And the award goes to …

For many years I worked for Foundstone teaching hacking classes and doing penetration testing. It was the nigh enjoyable job I e’er had.

As part of that job, I traveled the world, including Prc, and got to decide firsthand which land had the best hackers. Although I didn’t travel to Russia during that time, lots of Russian-born hackers showed upwardly in my classes.

Rumblings of cyberwar

Strange hacking is top of heed right now, cheers to Russia’s attempts to shake up the U.S. presidential election. With a high caste of confidence, U.S. intelligence agencies say the highest levels of Russia’south government are backside the Democratic National Committee electronic mail leaks intended to embarrass Hillary Clinton. Co-ordinate to the reports I’ve read, most of these Russian hacks seems to be based on unproblematic password phishing.

China has been involved in hacking American (and other) companies for decades. Most reckoner security experts believe that Red china already has every intellectual property underground it wants. I didn’t believe the Chinese hacking rumors for years because accusers failed to provide public evidence. I’ve since changed my melody because many companies have released that testify, and it appears quite disarming. Too, the Chinese government’s tight control over its domestic internet makes information technology unlikely that Chinese hackers could have hacked U.Southward. targets without either direct orders — or at least tacit credence.

Regardless, contempo prove suggests that Chinese hacking against American companies has decreased since President Obama and Chinese leaders signed an antihacking agreement last yr. I’ve been involved in dealing with avant-garde persistent threat (APT) attacks for more than than a decade, and I’thou personally hearing less complaints nigh Chinese intrusions.

Which hackers crusade the most harm?

If by “impairment” you hateful frequency and severity of attacks, Chinese hackers take the No. 1 spot. Very probable tens of thousands of them, funded past the government, have cleaved into any company they similar. I’one thousand convinced they’ve stolen more secrets and intellectual holding than whatsoever other country, with a single breach potentially incurring many millions of dollars in damage.

I’ve seen American companies work on a underground new production, only to accept a Chinese company release a very like, if non identical product first. Sometimes even the diction in the documentation is identical. I’ve seen unabridged American company divisions close down every bit a result.

Russia’s hackers are more than focused on straight financial crime and probably incur hundreds of millions of dollars in damage each year. Who knows — information technology could be billions of dollars. Just if I compare the straight financial costs of Russia versus Prc, China probably wins that battle due to its theft of high-value intellectual property.

What nigh Russian federation’s touch on on the American elections, especially if that hacking results in a presidency friendly to the Russian authorities? Luckily, despite Russia’s best efforts, the American voting system is probably likewise much of a hodgepodge systems to be afflicted in a material way.

Best hacking skills

In my personal experience, the best hackers accept always come from the United States or i of its friendly allies. I know that sounds biased, simply when I taught hacking classes, the U.S. hackers always completed the hacking tests the fastest.

In the Foundstone classes we ran petty tests during the day that allowed our students to practice some skill we had taught them. Most students, regardless of land, tended to perform roughly the same. At the terminate of the course, we had a major capture-the-flag test, which required that students put together everything nosotros had taught them, just in slightly dissimilar ways. It required thinking exterior the box. U.S. students were e’er able to complete the major test and were e’er fastest.

Unfortunately, my Foundstone experiences ended x years agone. Since and so, several other countries have risen to become part of the aristocracy guild of hackers. Israel, for such a pocket-sized country, has an enormous number of incredible hackers, and they enjoy a well-earned reputation as the best-thinking defenders.

Who’s the best?

Distressing to disappoint you, simply the real respond is that we don’t know who’south best. To be a “expert” hacker you have to exist invisible. The best hackers are the ones we don’t see and don’t know about.

But the real irony is that breaking into nigh organizations requires little in the way of avant-garde techniques anyway. Even the elite hacking units don’t utilize their all-time stuff unless they take to. Why hack smart and give away your best stuff when yous can hack similar whatever script kiddie and go into the same results without being discovered?

Copyright © 2016 IDG Communications, Inc.