Microsoft, Google, Others Team Up To Standardize Confusing Hacker Group Nicknames 20
Microsoft, CrowdStrike, Palo Alto Networks, and Google announced Monday they will create a public glossary standardizing the nicknames used for state-sponsored hacking groups and cybercriminals.
The initiative aims to reduce confusion caused by the proliferation of disparate naming conventions across cybersecurity firms, which have assigned everything from technical designations like "APT1" to colorful monikers like "Cozy Bear" and "Kryptonite Panda" to the same threat actors. The companies hope to bring additional industry partners and the U.S. government into the effort to streamline identification of digital espionage groups.
The initiative aims to reduce confusion caused by the proliferation of disparate naming conventions across cybersecurity firms, which have assigned everything from technical designations like "APT1" to colorful monikers like "Cozy Bear" and "Kryptonite Panda" to the same threat actors. The companies hope to bring additional industry partners and the U.S. government into the effort to streamline identification of digital espionage groups.
And the standard is... (Score:2)
"everyone use Microsoft's naming scheme" [microsoft.com]. Brilliant. -_-
Re: And the standard is... (Score:3)
It certainly might help if the hacker groups were named something like
Pimply ballsack group
Small penis brigade
Lumpy vagina team
Instead of coolish nicknames, like cozy bear.
THE naming standard. (Score:3)
Come on now. We all know there's only one name we would vote for.
Hacky McHackerface.
Re: (Score:2)
Come on now. We all know there's only one name we would vote for.
Hacky McHackerface.
Or, rather: Hackneyed McHackneyedFace :-)
Re: (Score:2)
*raises hand excitedly* I want to pick my own name for myself!
Something like The Secret Lurker Of The Dark Shadows Of The Dungeons Of The Global Internet. Or maybe The Dark Shadow In The Deep Depths Of The Vast Internet. Or The Electric Ghost Thief Of All That's Digitally Personal And Private.
Why yes, I do write cheap fiction. How did you know?
Re: (Score:2)
TBH, I always found Fluffy Bunny to be the most threatening, while CDC was obviously going for lulz
Bug Writers vs Exploiters (Score:1)
So, the Bug Writers got together on something. Too bad it was a naming convention and not actual security.
Common names or not, my money is on the Exploiters.
Re: (Score:3)
Microsoft is AST1. Advanced Security Threat Number 1.
Kaspersky is now called GRU Software (Score:2)
That should clear things up
The names should be insulting and dumb. (Score:1)
If you're going to give a threat actor a name, give them a name that they hate that makes them look bad to everybody; that should be the standard.
Re: (Score:2)
Is Cozy Bear the same as Fancy Bear?
Real-life villains should not get cool nicknames (Score:1)
Give them boring identifiers instead. EG2025.000001 would be the first identified new Evil Group of 2025. Make sure identifiers contiaining cool number combos like 1337 are skipped.
Save the cool bad-guy nicknames for the movies and comics.
CENTRALIZE REPORTING FIRST (Score:1)
When the bad guys are breaking into your house and wanting to steal "all your monieZ" do you give a rat's ass what name they use?
NO.
NOBODY CARES. Scrappy Bear, ACT-1. Bogo-7. It doesn't matter. There are hackers. There are mitigations.
There are MANY organizations that track these and all have their own stupid numbers.
CVE. GTIG. IC3, etc.
Fix THAT first. Then when there's ONE CENTRAL ORGANIZATION we can trust, entrust it to provide useful information.
I'm not speaking for me. I'm speaking for Spanky-B
We can do the same (Score:2)