Microsoft and CrowdStrike Unite to Link Attackers' Names

By Netvora Tech News

---

Microsoft and cybersecurity firm CrowdStrike are collaborating to link the names of various attackers, using a kind of "Rosetta Stone" to bridge the gap between different naming conventions. Currently, security companies often use their own names to refer to groups of attackers, with Microsoft referring to a particular group as "Midnight Blizzard," while others may use names like "Cozy Bear," "APT29," or "UNC2452."

According to Adam Meyers, a CrowdStrike expert, the goal is to create a comprehensive system for linking the names of different groups. "We're going to make a kind of 'Rosetta Stone'," Meyers said. He noted that previous attempts to link names were often based on open-source information and were more focused on "analytic assessments." This collaboration is different, aiming to make it easier for customers to identify the group behind an attack.

Comparing and Linking Names

So far, the names of around 80 groups have been compared and linked, Microsoft revealed. The initiative is expected to gain further momentum, with Google/Mandiant and Palo Alto Networks Unit 42 set to join the effort.

Benefits for Customers

The benefits of this collaboration are clear. With a standardized naming system, customers will be able to quickly identify the group behind an attack, enabling more effective response and mitigation strategies. This can lead to improved cybersecurity overall, as well as increased efficiency and reduced costs for organizations.

Industry-Wide Impact

This initiative has the potential to impact the entire cybersecurity industry. By standardizing naming conventions, companies can better communicate and share information about different groups, facilitating a more coordinated response to emerging threats.