By Roger A. Grimes, Columnist, CSO from IDG
Be scared! The Russians are attacking us. If it’s not the Russians, it’s the Chinese — or maybe the North Koreans.
Yes, foreign governments are attacking us. But we’re also attacking them. It’s spycraft as usual. The U.S. government and the media’s continued warnings about who is hacking us remind me of a womanizing cheat worried about his wife.
Everybody is spying on everyone and has been since before computers were connected to networks. Heck, even my all-time favorite computer hacking book, “The Cuckoo’s Egg,” by Clifford Stoll, was written about a Russian KGB operative hacking way back in 1986, before the Internet was the Internet.
The only difference is that U.S. spies are likely the best ones in the world — and get in and out without being discovered most of the time. How do I know? A few reasons.
To begin, I have firsthand experience. For a significant part of my career I taught hacking (at Foundstone and other computer security education companies) around the world. I can tell you how well people from different countries hacked, how good they were overall, and what they excelled at. Bear with me while I indulge in geographic stereotyping.
Hacking around the world
I can proudly say that, overall, American hackers easily outperformed those from other countries. They were simply more innovative. They learned quickly — and pushed the limits of what could be done.
Hackers from other countries were great at learning exactly what I taught them, but were not as good at finding new ways to do something or at putting previous lessons together to create a new attack chain.
That said, hackers from many other countries also excelled: the United Kingdom, Poland, and Bulgaria, to name three. Hackers from Bulgaria were especially good at writing malware, as were Russian hackers (surprise, surprise). But more impressive was the way Russian hackers looked at hacking as a business. The Russians are great at mixing legitimate business models and frameworks with malware writing and hacking. They also excel at cracking and using encryption, probably for the same reason.
Israel is a special case. Not only does it have great hackers, but they are probably the best in the world I’ve met at defence. It’s no surprise that many (if not most) of the best defence ideas and companies have come out of Israel. Two years ago I went over there to teach about honeypots, a subject of a book I’ve written. The students in that class schooled me. It was almost embarrassing.
Perhaps it’s personal bias or a patriotic streak that made me most impressed with American hackers. I think it’s more than that.
When you look at the newest hacking innovations (there are only a few a year — everyone else is copying) they most often originate with American hackers. I don’t mean the latest malware or hacking kit. I’m talking about who is cooking up ideas that haven’t been thought of before and lead in an entirely new direction. Over the course of 20 years of hacking history, the United States leads in innovation by a mile.
I think this is due to several factors. One, the United States has led the computer revolution since shortly after it began (that is, after Alan Turing). The United States started the mainframe and personal computer revolutions. Some degree of computer literacy, along with a standard of living that enables access to a computer, is part of the culture.
But the real difference, if you ask me, is the American entrepreneurial spirit, which won’t take no for an answer. We’re taught to question everything. We question our parents, our bosses, our politicians.
I think this part of the American psyche — although it has its downsides — fosters innovation. Don’t like the way your boss or company does something? Go start your own company. The biggest monopolies in the United States are lucky if they can last 20 years before the next great thing knocks them off the top of the competitive stack.
This ultracompetitive behaviour carries over to hacking. Americans are always looking for a better way to do something, including breaking into places electronically. I’m not saying that other countries don’t have great hackers or come up with innovative hacking techniques, but if you’re looking for ingenious new lines of attack, you’d be remiss if you didn’t check out the U.S. hacker scene first.
Armies of hackers
I can’t provide conclusive, objective proof for my assertion. But I ask you this: When was the last time you heard about U.S. government hackers getting identified and caught?
The United States probably has the biggest offensive cyber capability in the world. I’ll wager a guess that we have at least tens of thousands of hackers working for the U.S. government. I know of a single entity that contains 5,000 hackers — and that isn’t considered one of the large divisions. We spend billions of dollars on offensive hacking.
The most news you’ve heard about U.S. hacking is related to the NSA. In various leaked documents, you’ll find a treasure trove of ingenious hacking devices. There are catalogues from which spies can select the latest gizmo guaranteed to gain unlimited, nearly undetectable access. This is hacking innovation at its most extreme.
Outside of the infamous leak, I’m willing to bet you’ve never read about a country, company, or individual who has been hacked by the U.S. government. Think about it. Billions are being spent on state-sponsored hacking, which — aside from one NSA whistleblower’s revelations — is almost never discovered or reported.
Personally, I’m against this kind of unwarranted intrusion, though I know it happens many thousands (millions?) of times a day, conducted by various parties around the world. But let’s stop pointing fingers and trying to scare people because X country is caught spying on Y country. It’s being done by all sides. In all likelihood, the United States is doing more of it better than anyone.