- Microsoft announces the New Threat Actor Name Tracking Partnership
- Microsoft and Crowdstrike have already cross -linked over 130 groups
- Tracking groups will now be easier and help security providers respond
If you are struggling to keep track of all the different names that each hacking collective, ransomware group and state-sponsored threat actor has, you’re not alone.
Microsoft and Crowdstrike have announced a new collaboration that helps create a unified name system to track all the worst hacking groups.
The system will help save precious seconds when responding to cyberattacks by providing a total naming system to be used by authorities, security experts, businesses and security providers.
Unified naming to hackers
Currently, if you tried to track the activities in Salt Typhoon Group, you may also need to be aware of the other names used to track the same group, such as Operator Panda, Ghostemperor and FamousSparrow. This discrepancy with naming “can reduce confidence, complicate analysis and delay response,” Microsoft said.
As part of the collaboration, Microsoft has released a reference guide that not only establishes Microsoft’s name conventions, but also includes other names given to the most notorious hacking groups of other security providers.
This guide divides nation-state actors into their geographical location using weather-themed names such as the suffix, such as Typhoon for China, and Blizzard for Russia.
Other groups, such as influence campaigns (flooding), financially motivated groups (tempest) and commercial cyberweapon developers (tsunami), are also traced using the Weather Event -theme names.
Groups that do not have a known affiliation, motivation or groups that have recently arrived are traced as a storm.
Google and their Mandiant subsidiary will also contribute to the mapping of the hacking group names along with Palo Alto Networks Unit 42.
“Security is a shared responsibility that requires a socially -providing effort to improve defensive measures. We are happy to join forces with Crowdstrike, and we look forward to others joining this journey,” Microsoft said.
