Two security experts, Jordan Robertson and Greg Martin set up an online honey pot to see which country was more like to attack it and was surprised to discover that the US was more likely to be an aggressor than the Chinese.
Writing for Bloomberg, the pair wanted to find a way to show the global nature of attacks against industrial-control systems used in electrical grids, water systems and manufacturing plants. For obvious reasons, attacks against critical infrastructure are among the biggest concerns in cyber-security.
Martin and Robertson configured the honeypot to look like an enticing industrial-control computer to hackers and traced who attacked it.
The fake control systems were made to look like they were located in the U.S., the U.K., Amsterdam, Brazil, Tokyo and Singapore. The pair wanted a variety of locations to show that systems everywhere are under attack.
Over a three month period, the US was by far the biggest source of attack traffic, trying to hit the honeypot more than 6,000 times, nearly double China with 3,500, Russia, more than 2,500.
The Dutch and France were also carrying out statistically significant amounts of attacks on the honeypot.
The attacks were mostly reconnaissance missions, in which hackers often use less obfuscation, Martin said. However, it does mean that the idea of China being the leading hacking country is a myth and that crown belongs to the United States, which appears to have a policy of hacking everyone.