The Public Eye with Eric Chabrow

U.S. Threat as Cybervillain Diminishes

China Replaces America as Most Feared Nation in Cyberspace
U.S. Threat as Cybervillain Diminishes

Security software maker McAfee last year released a survey of 600 global IT and security executives in seven industries that declared the United States as the most likely nation to attack key computer networks in another country (see Which Nation is Most Feared in Cyberspace?). At the time, former CIA Director Michael Hayden said the result was less shocking than it seemed: "It might simply be a reflection of the raw capabilities and frankly the raw size of U.S. intelligence agencies."

McAfee this past week issued a follow-up report, and this time the villain is China, not the United States. The surveys aren't quite apple-to-apple comparisons. The Center for Strategic and International Studies, which conducted the surveys for McAfee both years, interviewed only 200 IT security pros working for electrical power providers this time around.

A year ago, the U.S. just edged out China as the nation giving global IT security practitioners the jitters. Here's how Stewart Baker, the author of both year's studies, put it in the 2011 report:

"This year, though, China stands alone. Roughly the same percentage of respondents (30 percent) still cite China as a major source of concern for cyberattack. What has changed is that concern about the United States has declined dramatically, from 36 percent to 12 percent."

Sixteen percent of respondents felt Russia posed the great threat to attack foreign networks, followed by the U.S., North Korea (11 percent) and India (4 percent). Adds Baker:

"IT executives in the sector have begun to appreciate how widely cyberattack technology has proliferated."

Where IT security practitioners work influences their perception of the nations posing the greatest threats. Respondents in the Asia-Pacific region viewed China, Russia, North Korea and the United States as the largest threat sources. Two-thirds of Japanese survey takers identified either China or North Korea as the main source of cyberthreat.

In Australia, 40 percent of respondents viewed Russia as their main concern. Two-thirds of those polled in the United Arab Emirates most feared other Middle Eastern countries. European respondents were most concerned about China, Russia, North Korea and the United States. Russia also weighed most heavily on the minds of Indian respondents. Interestingly, only 14 percent of Indian survey-takers were concerned about China, while nearly a third feared Great Britain. Writes Baker:

"The only country to break from this regionally-based perception was unsurprisingly China, where three-quarters of those polled most feared the United States."

Baker doesn't conjecture why China outdistances the United States in the new survey as the nation causing high anxiety among IT security practitioners. Operation Aurora, the cyberattack against Google and other companies that is believed to have originated in China, became public after McAfee conducted its first survey. Still, that doesn't explain why the United States took a precipitous fall, despite speculation that the U.S. teamed with Israel to create the Stuxnet virus that attacked Iranian nuclear facilities. Perhaps, it's a matter of perception; China is on the rise as an economic and political power whereas the United States, while still mightier, is perceived as being weakened by a struggling economy and two wars.

* * *

The McAfee survey highlights much more than the anxieties of global cyberattacks. Another takeaway of the survey is that recognizing the reality of cyberthreats doesn't mean that organizations take the proper actions to prevent them (see Knowing Reality of Threats Doesn't Assure Action).



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.