Recommended reading

Microsoft and other security experts want a proper naming system for the worst hackers around

News
By published

Microsoft and friends want to making naming criminal groups easier

Global Warning. Alert Sign On World Map
(Image credit: Shutterstock)
  • Microsoft announces new threat actor name tracking partnership
  • Microsoft and Crowdstrike have already cross-linked over 130 groups
  • Tracking groups will now be easier, and help security vendors respond

If you’re struggling to keep track of all the different names each hacking collective, ransomware group, and state-sponsored threat actor has, you’re not alone.

Microsoft and Crowdstrike have announced a new collaboration to help create a unified naming system to track all the worst hacking groups.

The system will help save precious seconds when responding to cyberattacks by providing a unified naming system to be used by authorities, security experts, businesses, and security vendors.

Unified naming for hackers

Currently, if you were trying to track the activities of the Salt Typhoon group, you may also have to be aware of the others names used to track the same group, such as OPERATOR PANDA, GhostEmperor, and FamousSparrow. This inconsistency in naming “can reduce confidence, complicate analysis, and delay response,” Microsoft said.

As part of the collaboration, Microsoft has released a reference guide which not only lays out Microsoft’s naming conventions, but also includes other names given to the most notorious hacking groups by other security vendors.

This guide breaks down nation-state actors into their geographic location using weather-themed names as the suffix, such as Typhoon for China, and Blizzard for Russia.

Other groups, such as influence campaigns (Flood), financially motivated groups (Tempest), and commercial cyberweapon developers (Tsunami), are also tracked using weather event themed names.

Groups that do not have a known affiliation, motivation, or groups that have recently emerged are tracked as Storm.

Google and their Mandiant subsidiary will also be contributing to the mapping of hacking group names, alongside Palo Alto Networks Unit 42.

“Security is a shared responsibility, requiring community-wide efforts to improve defensive measures. We are excited to be teaming up with CrowdStrike and we look forward to others joining us on this journey,” Microsoft said.

You might also like

TOPICS
Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.