Press Release

Russian hackers identified as most skilled by UK counterparts

34% of UK pros believe the most skilled hackers are Russian, with China following in second place.

UK cyber security professionals have identified Russia and China as the countries that produce the most skilled hackers, according to a survey carried out by information security consultancy,MWR InfoSecurity. Thirty four per cent believed that the hackers with the highest skills come from Russia, with China in second at 18%. Almost a third of respondents surveyed at a recent IT conference linked the success of their overseas counterparts to a combination of more investment, better education and political motivations.

Russia has long been recognised for being behind various malware strains and exploits. Recently, it was reported that Russian hackers had exploited a bug in Microsoft Windows dubbed Sandworm to perform cyber espionage on NATO and western governments. Meanwhile, the FBIhas issued a warning on the threat to businesses of security attacks originating from China.

“Attribution to a specific nation or group is a very difficult task as attackers will often masquerade their activities in order to hide their real identities,” said Martyn Ruks, Technical Director at MWRInfoSecurity. “Hackers from both Russia and China are often cited for being behind many of the attacks highlighted in the public domain but it is important we don’t jump to conclusions without solid evidence."

Interestingly, almost three-quarters (73%) of IT professionals surveyed attributed the success that other countries have with a skilled workforce of hackers to the fact that they’ve spent more on investment (11%), better education (14%) are politically motivated (17%) or a combination of all three (31%).

“The findings clearly show the perception that hackers in countries like Russia and China are better funded and educated,” continued Ruks. "Regardless of whether this perception is true or not, the UK should take this as an indicator that cyber really needs to start making its way up the socio and political agendas. Training security consultants so they are armed with the specialist knowledge to protect against today’s threats is vitally important. If we are to keep pace we must understand the nature of attacks in order to best defend against them.”

Just 10% of respondents thought that the UK produced the most skilled hackers, a statistic that MWR’s Ruks said he would like to see increase. “MWR is proud to sponsor challenges and events that aim to attract and discover talent within the IT security industry. Events such as MWR’s HackFu that bring together the UK’s top talents in information security are specifically designed to teach the skills needed to increase our capability to defend ourselves, something that is vital to our economic wellbeing.”

Last month, MWR found that 75% of IT professionals thought that a lack of cyber skills in the UK makes it a soft target for criminals.



Accreditations & Certificates

MWR is an accredited member of The Cyber Security Incident Response Scheme (CSIR) approved by CREST (Council of Registered Ethical Security Testers).
MWR is certified under the Cyber Incident Response (CIR) scheme to deal with sophisticated targeted attacks against networks of national significance.
We are certified to comply with ISO 9001 and 14001 in the UK, internationally accepted standards that outline how to put an effective quality and environmental management systems in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR is approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.
As members of CHECK we are measured against high standards set by NCSC for the services we provide to Her Majesty's Government.
MWR’s consultants hold Certified Simulated Attack Manager (CCSAM) and Certified Simulated Attack Specialist (CCSAS) qualifications and are authorized by CREST to perform STAR penetration testing services.