Are we making hackers sound too cool? These security experts think so
Date:
Fri, 20 Jun 2025 19:25:00 +0000
Description:
We may have to rethink what we call the cyberattackers in future.
FULL STORY ======================================================================Cybersec urity experts recommend we rethink the way we name attackers Names like Salt Typhoon and Fuzzy Bear are misleading, they argue Microsoft and CrowdStrike have agreed to align their naming conventions
A co-written article from former heads of the UK and USA cybersecurity agencies, Jen Easterly (CISA) and Ciaran Martin (NCSC), has called for the naming conventions of threat actors to be reconsidered, calling the current names misleading.
These names arent just confusingtheyre misleading. They obscure attribution, mystify the public, and often glamorize dangerous adversaries, the Just Security article urges.
Thats why we welcome the news that cybersecurity leaders Microsoft and CrowdStrike are teaming up to better align how they name and categorize cyber threat actors.
The latter sentence refers to a new strategic collaboration in which
Microsoft and CrowdStrike will align in their threat actor taxonomies , which it hopes will help improve confidence in threat actor identification, streamline correlation between reports, as well as accelerate defender action in the face of active cyberthreats. Objectively ridiculous
Easterly and Martin believe while this collaboration will help, it wont fundamentally reform the naming convention in the way thats needed.
Heres the problem: we still lack a shared, vendor-neutral, public taxonomy that enables global alignment and interoperability," they added.
In the meantime, were still using names that sound more like comic book characters than what they really are: nation-state hackers and cybercriminals actively trying to disrupt hospitals, paralyze governments, and hold businesses hostage.
The security experts believe that giving cybercriminals names like 'Scattered Spider' or 'Volt Typhoon' contribute to a sort of brand identity for the groups, running de-facto marketing campaigns for them and misleading the public on the severity of the threats.
The article calls for security experts to stop naming groups in ways that mystify, glamorize, or sanitize their nefarious activities, and even goes as far as to call it an objectively ridiculous way to inform the public about dangerous organized crime gangs.
Organizations like Scattered Spider have done serious damage and have disrupted public life in a measurable way, as it did with the alleged ransomware attack targeting British retailers - and their name should reflect the danger they pose.
These actors dont deserve clever names," the article notes. "Calling them dirtbags would frankly be more appropriate, or if creative branding is aimed at making them more memorable, wed suggest names like Scrawny Nuisance, Weak Weasel, Feeble Ferret, or Doofus Dingo. You might also like Take a look at
our picks for the best malware removal software around Check out our choice for antivirus software out there Worrying attack sees 10,000 records
allegedly belonging to VirtualMacOSX leaked
======================================================================
Link to news story:
https://www.techradar.com/pro/security/are-we-making-hackers-sound-too-cool-th ese-security-experts-think-so
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)