Two different reports reveal details about three government-backed hacker groups, two from Russia and one from China.Russian government hacker groups Cozy Bear and Fancy BearNot one, but two groups of Russian government hackers broke into the computer network of the Democratic National Committee (DNC), spying on internal communications and stealing opposition research on Republican presidential candidate Donald Trump.CrowdStrike said it kicked out the adversary groups \u201cCozy Bear\u201d and \u201cFancy Bear\u201d over the weekend.Cozy Bear, which had successfully penetrated the unclassified networks of the White House, State Department and Joint Chiefs of Staff in 2014, infiltrated the DNC last summer and had been monitoring email and chat communications. CrowdStrike believes Cozy Bear may work for Russia\u2019s Federal Security Service (FSB).Fancy Bear, which may hack on behalf of the Russian military, penetrated the DNC network in late April to get hold of oppositional research on Trump and exfiltrated some of it. This was the breach that \u201cset off the alarm.\u201d The Washington Post said Fancy Bear \u201cstole two files\u201d and \u201chad access to the computers of the entire research staff\u2014an average of about several dozen on any given day.\u201dDemocratic presidential candidate Hillary Clinton said, \u201cSo far as we know, my campaign has not been hacked into.\u201dIf she becomes president, Clinton claims she \u201cwill be absolutely focused on\u201d cybersecurity. That seems a bit ironic considering she continually ignored cybersecurity in favor of \u201cpersonal comfort,\u201d using her personal unencrypted BlackBerry and private email server. Nevertheless, she says she realizes Russia, China, Iran, North Korea and \u201cmore countries are using hacking to steal our information.\u201dReuters claimed intelligence officials regard Russian hackers \u201cas the most talented of U.S. adversaries in cyberspace.\u201d It seems odd that two Russian government hacking groups would target the same victim, but CrowdStrike said the groups \u201crarely share intelligence and even occasionally steal sources from each other and compromise operations.\u201dChinese cyber-espionage group MofangElsewhere, Dutch security firm Fox-IT released a report (pdf) on the Chinese cyber-espionage group Mofang, which is \u201cpolitically motivated\u201d and most likely \u201cgovernment-affiliated.\u201d The espionage campaign has a diverse list of targets, which are all aligned with China\u2019s economic interests.The group has targeted at least 20 organizations in the different sectors of government, military, critical infrastructure, as well as automotive and weapon industries in the U.S., Canada, India, Germany, Singapore and South Korea.Fox-IT said the only exploits the Mofang group uses \u201care privilege elevation exploits built into their own malware.\u201dTechnically, the group uses distinct tools that date back to at least February 2012: ShimRat and ShimRatReporter. The Mofang group does not use exploits to infect targets; they rely on social engineering, and their attacks are carried out in three stages:1.\u00a0 Compromise for reconnaissance, aiming to extract key information about the target infrastructure.2.\u00a0 Faux infrastructure setup, designed to avoid attracting attention.3.\u00a0 The main compromise, to carry out actions on the objective.Fox-IT describes the graphic below as the "modus operandi of the Mofang group."The whitepaper \u201cMofang: A politically motivated information stealing adversary\u201d is chock-full of technical details if you would like to learn more.