Russia and China have the more advanced cyber capabilities and are the highest potential of severe impact, but the US and its allies also pose global security concerns, according to a report released this morning by Flashpoint.
The company started out in 2010 with a counter-terrorism focus but has since expanded its risk assessments to include cybersecurity, said Jon Condra, director of East Asian research and analysis at Flashpoint.
The new report is based on the presence and interactions that Flashpoint has within adversarial groups, and looks at the factors in the global geopolitical environment that could influence cybersecurity this year.
One interesting trend is that while Russia has been becoming a more aggressive player in both cybercrime and politically-motivated attacks, China has scaled back.
Last year, China and the US began taking steps to implement cybersecurity agreements signed in 2015.
"Everyone was dubious, but, for the most part, it seems that Chinese espionage activity against US targets has, in fact, decreased," said Condra. "Especially for industrial espionage purposes. And they've also been increasing their level of control over their domestic cyber environment."
For example, China has arrested 15,000 cybercriminals, including some at the direct urging of the U.S. government.
That doesn't mean that China has decided to completely clean up its act, however.
"Maybe they're rearranging the deck chairs before they come back," said Condra. The crackdown could also be part of internal efforts to combat crime and corruption.
"I think there was pretty significant internal pressure in China to crack down on this stuff," he said.
The U.S. and the four other major English speaking countries -- the UK, Canada, Australia and New Zealand -- also make the top threats list.
That doesn't necessarily mean that New Zealand is a major global cyber-threat, however. But these five countries are a major global force.
"We wanted to include them because they are at the pinnacle of cyber capabilities both in espionage and destructive acts," Condra said. "And the U.S. has an overwhelming advantage over any adversary. And we didn't want to create the perception of bias."
North Korea -- despite only having about 1,000 IP addresses and 28 websites -- is ranked at a mid-level of risk, together with Iran and cybercriminals.
"They do get support in China," said Condra. "In fact, they operate out of a hotel in China."
And North Korea has shown a willingness to carry out attacks, especially on South Korea. And on Sony.
The least significant threat? Jihadi hackers.
When it comes to cyberattacks, the terrorists are mostly talk and little action.
"A number of groups have popped up and then disappeared after claiming credit for certain things, like kill lists with names of Americans on them," he said. "But the names seem to come from open databases. These aren't guys who are going to carry out highly sophisticated attacks."
The report also listed areas that might become flashpoints for cyberactivity in 2017, including tensions surrounding Taiwan and the South China sea, political instability in South Korea, and continued Russian cyberattacks on Western targets.
Sign up for CIO Asia eNewsletters.