Peter the Great beats Sun Tzu in cybercrime

This is the conclusion of Trend Micro’s Tom Kellermann, vice president of cyber security, in an opinion piece titled Peter the Great vs. Sun Tzu. “While East Asian hackers dominate cyber security-related headlines around the world with high-profile intrusions and advanced persistent threats (APTs), it would be a mistake to conclude that these attackers are the sole or greatest criminal threat to the global Internet today,” he says, adding that “hackers from the former Soviet bloc are a more sophisticated and clandestine threat than their more well-known East Asian counterparts.”

Kellermann presents six primary arguments leading to his conclusion. East European hackers use custom-built, complex malware; East Asian hackers get it off the shelf. Europe chooses bulletproof hosters and develops its own infrastructures; Asia uses mass hosting ISPs. European hackers are professional mercenaries; Asian hackers are “part of a larger legion of hackers” controlled by large institutions. Europe steals credentials; Asia steals IP. European hackers gain benefit from their individual reputations; Asian hackers are largely anonymous. And finally, European hackers are better at disguising their operations; Asian hackers “don’t fear disclosure of their intrusions.”

“Pretend inferiority and encourage his arrogance,” replies Sun Tzu.

“In conclusion,” says Kellermann, “one could say Eastern Europe is a high end market, while East Asia is a mass market when it comes to hacking. In general, the East Asian hackers are not at the same skill level of maturity as their East European counterparts.” But, “All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved.” Where Sun Tzu is concerned, it is the long game we need to watch; and he will attempt to disguise it.

“Eastern Europe is the high end market,” says Trend Micro, “with highly skilled mercenary attackers whose livelihood depends on their reputation and skill. They attack in a highly targeted manner like snipers whereas the East Asian tend to colonise entire ecosystems via the ‘thousand grains of sand approach’.” The reality is, we ignore either at our peril.
