- Cybersecurity experts suggest we rethink the best way we title attackers
- Names like Salt Storm and Fuzzy Bear are deceptive, they argue
- Microsoft and CrowdStrike have agreed to align their naming conventions
A co-written article from former heads of the UK and USA cybersecurity companies, Jen Easterly (CISA) and Ciaran Martin (NCSC), has referred to as for the naming conventions of menace actors to be reconsidered, calling the current names ‘deceptive’.
“These names aren’t simply complicated—they’re deceptive. They obscure attribution, mystify the general public, and infrequently glamorize harmful adversaries,” the Just Security article urges.
“That’s why we welcome the information that cybersecurity leaders Microsoft and CrowdStrike are teaming as much as higher align how they title and categorize cyber menace actors.”
The latter sentence refers to a brand new strategic collaboration by which Microsoft and CrowdStrike will align of their menace actor taxonomies, which it hopes will assist enhance confidence in menace actor identification, ‘streamline correlation’ between experiences, in addition to ‘speed up defender motion within the face of energetic cyberthreats.’
Objectively ridiculous
Easterly and Martin consider whereas this collaboration will assist, it received’t ‘basically reform’ the naming conference in the best way that’s wanted.
“Right here’s the issue: we nonetheless lack a shared, vendor-neutral, public taxonomy that permits international alignment and interoperability,” they added.
“Within the meantime, we’re nonetheless utilizing names that sound extra like comedian e-book characters than what they actually are: nation-state hackers and cybercriminals actively making an attempt to disrupt hospitals, paralyze governments, and maintain companies hostage.”
The safety experts consider that giving cybercriminals names like ‘Scattered Spider’ or ‘Volt Storm’ contribute to a form of model identification for the teams, operating de-facto advertising campaigns for them and deceptive the general public on the severity of the threats.
The article requires safety experts to cease naming teams in ways in which ‘mystify, glamorize, or sanitize their nefarious actions’, and even goes so far as to name it an ‘objectively ridiculous strategy to inform the general public’ about harmful organized crime gangs.
Organizations like Scattered Spider have finished critical harm and have disrupted public life in a measurable approach, because it did with the alleged ransomware assault focusing on British retailers – and their title ought to mirror the hazard they pose.
“These actors don’t deserve intelligent names,” the article notes. “Calling them dirtbags would frankly be extra applicable, or if artistic branding is aimed toward making them extra memorable, we’d recommend names like Scrawny Nuisance, Weak Weasel, Feeble Ferret, or Doofus Dingo.”