Connect with us

Hi, what are you looking for?



Where are the Cyber Warriors?

We have an Entire Commercial Class of Security Professionals, but Few Hackers. Where are our Cyber Warriors? 

We have an Entire Commercial Class of Security Professionals, but Few Hackers. Where are our Cyber Warriors? 

According to an “unnamed” security analyst, the vast majority of computer system intrusions perpetrated by Chinese Cyber-Agents are the work of just 12 separate groups or entities. There are suspicions and evidence, that China has been active in the arena of offensive computer espionage for years.

In addition, there is the Chinese Cyber Army, a conglomeration of several Chinese hacktivist groups that act in the interest, and with guidance from, the Chinese Peoples Army and/or the Chinese state apparatus.

Cyber WarriorsChina also officially and publicly this year announced the formation of a specialized cadre of cyberwar experts, although whether this was meant as a decoy from the fact that they already possess such forces, or to further enhance their capabilities is difficult to establish.

At the same time, Iran, Pakistan, and Russia all seem to have developed cyberwar strategies as well, and are actively engaging in executing these.

Our hackers seem to be of a very different type. We have the underground or Black Hat Hacker, primarily focused on financial gain through criminal energy, venting their dissatisfaction with the current status-quo, or for “Lulz”, our Hackers seem to possess very little in terms of government associated patriotism, nor do their hacktivist causes seem quite as profound or existential as their 3rd and 2nd world kin.

We also have the professional hacker, whether programming snoopware for the German federal states, working for Her Majesty’s, or any other Government for only £25k per year, or selling military grade hacking tools without regulation.

The comparison is not one favorable to the western world. There seems to be a disjoint here, that is difficult to explain and rationalize. Why is a nation like China, that is seen as oppressive and controlling in the west, able to motivate, cultivate and harness their hacker types, whilst ours primarily seem occupied in hacking ourselves or for the highest bidder?

Advertisement. Scroll to continue reading.

At the same time, not only does our offensive talent seem hair bent on working against us, our cyberdefenses have proven grossly inadequate and ineffectual, as this last year of high profile hacks and breaches has shown only too clearly, leaving the security community in need of some honest soul-searching.

When a western government has to resort to a cheap media gimmick to attempt to find cybersecurity talent, and delivers a badly thought-out and executed fiasco, only to offer an even cheaper financial reward at the end of the farce, you sort of get a feeling that we’re in trouble.

When potentially hostile or oppressive powers end up with better hi-tech equipment than our own, and need a hacker group to tell them how badly coded their chosen tool is, that feeling gets ever so slightly stronger.

Of course, we have tried to utilize our hacker pool before in the past, usually with predictably mixed results. The reasons for this are myriad, but the facts that our authorities contact with the hacker community is primarily antagonistic and confrontational, that we have historically attempted to work mainly with the few celebrity hackers that were caught, and that very few organisations are able to create and provide a fertile, productive environment for them to work in, may have had a dominant role to play in this. Supported by current evidence, China and Iran have had more luck in this regard.


I hate to be a doom-monger, but maybe it is time for a good old reality check. I would love to believe that the 21st century will be more peaceful and less defined by competition than the centuries before it, but realistically and rationally assessing the current Zeitgeist and geopolitical realities, and having some knowledge and grasp of history, and in light of the fact that our business is based on the exact diametrically opposed assumption, that the world is getting a less safe and secure place, that time is nowhere near on the horizon.

There is lots of fear-mongering when the topic of Cyberwar is broached, and to a certain extent there is some of that going on, but that does not mean there is no threat. There is real scope for damage, direct, collateral and asymmetric, using offensive Cyberwar strategies, tactics and technologies, even if these are restricted to information gathering or espionage. This centuries conflicts, to a backdrop of resource wars, overpopulation, and a brewing cold war with China, will be characterised by low-frequency, low-risk warfare, i.e. involving indirect proxy attacks and based on probing defences. Cyber-warfare, with the increasing reliance on and propagation of electronic and computerised functions, services and devices, epitomises this. Cyberwar is not a War of its own in the classical sense, but it is another battlefield, another aspect, another set of weapons. If you do not see the threat, then you may not have quite the imagination and out-of-the box thinking that your opponents may display.

That means that we will need the type of people that have a natural affinity for (in)security, if only because right now we are getting it from both sides. Even more so because you cannot teach this to just anyone. It requires out of the box and lateral thinking. These are traits, not skills, and our standardised approaches based on linear logic and processes, have and will continue failing. So we need to get these people back into the fold, and that may also mean changing the way we see and interact with them, and also the way we see and operate ourselves.

We have an entire commercial class of security professional, but very few hackers. Where are our cyberwarriors? Where will they be when we really need them? With us, or against us?

Related Reading: Behind the Government’s Rules of Cyber War


Related Reading: The Veterans of the Future will be Those in Computer-Based Combat

Related Reading: Guerilla Cyber Warfare: Are We Thinking Defensively?

Related Reading: “Smart” Power Grids a Prime Target in Cyber Warfare


Written By

Oliver has worked as a penetration tester, consultant, researcher, and industry analyst. He has been interviewed, cited, and quoted by media, think tanks, and academia for his research. Oliver has worked for companies such as Qualys, Verizon, Tenable, and Gartner. At Gartner he covered Security Operations topics like SIEM, and co-named SOAR. He is the Chief Futurist for Tenzir, working on the next generation of data engineering tools for security.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...


Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.


ENISA and CERT-EU warn of Chinese threat actors targeting businesses and government organizations in the European Union.