Which Four Countries Most Actively Hack the U.S.?

An expert says U.S. intelligence believe four countries actively attack U.S. computers. But aside from China and Russia, who’s on the list?

Tom Simonitearchive page

February 28, 2013

As we and others have reported for years now, China is often accused of infiltrating the computer networks of U.S. companies and government departments. At the RSA security conference in San Francisco this week, one expert said that U.S. officials consider China just the most prolific on a shortlist of four countries most actively probing U.S. assets over the Internet.

Appearing on a panel about cyberwar, James Lewis, a fellow at the Center for Strategic and International Studies who previously served in the U.S. departments of State and Commerce, had this to say:

“There has been a review in the US intelligence community on who are the most active opponents. China is far in the lead, Russia is second, two others come up.”

When questioned, Lewis declined to say who those others might be. Other experts at RSA this week talked of Iran being behind the sustained attacks on U.S. banks last year and other actions, suggesting it could take the third spot. Which country might occupy the remaining, fourth, place on the list is less clear. There are many possible candidates. Lewis says that there are 12 nations in the world seriously working on offensive computer capabilities, a number not too different from the estimate of 20 given me by Peter Singer of the Brookings Institution earlier this month (see “Welcome to the Malware-Industrial Complex”).