Microsoft and other security experts want a proper naming system for the worst hackers around


  • Microsoft announces new threat actor name tracking partnership
  • Microsoft and CrowdStrike have already cross-linked over 130 groups
  • Tracking groups will now be easier, helping security vendors respond

If you’re struggling to keep track of all the different names each hacking collective, ransomware group, and state-sponsored threat actor has, you’re not alone.

Microsoft and CrowdStrike have announced a new collaboration to help create a unified naming system to track all the worst hacking groups.

The system will help save precious seconds when responding to cyberattacks by providing a unified naming system to be used by authorities, security experts, businesses, and security vendors.

Unified naming for hackers

Currently, if you were trying to track the activities of the Salt Typhoon group, you may also have to be aware of the other names used to track the same group, such as OPERATOR PANDA, GhostEmperor, and FamousSparrow. This inconsistency in naming “can reduce confidence, complicate analysis, and delay response,” Microsoft said.

As part of the collaboration, Microsoft has released a reference guide which not only lays out Microsoft’s naming conventions, but also includes other names given to the most notorious hacking groups by other security vendors.

This guide groups nation-state actors by geographic location, using weather-themed names as the suffix, such as Typhoon for China and Blizzard for Russia.

Other groups, such as influence campaigns (Flood), financially motivated groups (Tempest), and commercial cyberweapon developers (Tsunami), are also tracked using weather-event-themed names.

Groups with no known affiliation or motivation, and groups that have recently emerged, are tracked as Storm.

Google and its Mandiant subsidiary will also be contributing to the mapping of hacking group names, alongside Palo Alto Networks Unit 42.

“Security is a shared responsibility, requiring community-wide efforts to improve defensive measures. We are excited to be teaming up with CrowdStrike and we look forward to others joining us on this journey,” Microsoft said.

Benedict Collins
Senior Writer, Security
