'Forest Blizzard' vs 'Fancy Bear': Microsoft, Google, Crowdstrike hope to untangle weird hacker nicknames
Microsoft, CrowdStrike, Palo Alto and Alphabet's
Google
on Monday said they would create a public glossary of
state-sponsored hacking
groups and cybercriminals, in a bid to ease confusion over the menagerie of unofficial nicknames for them.
Microsoft
and
CrowdStrike
said they hoped to potentially bring other industry partners and the U.S. government into the effort to identify Who's Who in the murky world of digital espionage.
"We do believe this will accelerate our collective response and collective defense against these threat actors," said Vasu Jakkal, corporate vice president, Microsoft Security.
How meaningful the effort ends up being remains to be seen.
by Taboola
by Taboola
Sponsored Links
Sponsored Links
Promoted Links
Promoted Links
You May Like
One of the Most Successful Investors of All Time, Warren Buffett, Recommends: 5 Books for Turning...
Blinkist: Warren Buffett's Reading List
Click Here
Undo
Cybersecurity companies
have long assigned coded names to hacking groups, as attributing hackers to a country or an organization can be difficult and researchers need a way to describe who they are up against.
Some names are dry and functional, like the "APT1" hacking group exposed by cybersecurity firm Mandiant or the "TA453" group tracked by Proofpoint. Others have more color and mystery, like the "Earth Lamia" group tracked by TrendMicro or the "Equation Group" uncovered by Kaspersky.
Live Events
CrowdStrike's evocative nicknames - "Cozy Bear" for a set of Russian hackers, or "Kryptonite Panda" for a set of Chinese ones - have tended to be the most popular, and others have also adopted the same kind of offbeat monikers.
Discover the stories of your interest
Blockchain
5 Stories
Cyber-safety
7 Stories
Fintech
9 Stories
E-comm
9 Stories
ML
8 Stories
Edtech
6 Stories
In 2016, for example, the company Secureworks - now owned by Sophos - began using the name "Iron Twilight" for the Russian hackers it previously tracked as "TG-4127." Microsoft itself recently revamped its nicknames, moving away from staid, element-themed ones like "Rubidium" to weather-themed ones like "Lemon Sandstorm" or "Sangria Tempest." But the explosion of whimsical aliases has already led to overload. When the U.S. government issued a report about hacking attempts against the 2016 election, it sparked confusion by including 48 separate nicknames attributed to a grab bag of Russian
hacking groups
and malicious programs, including "Sofacy," "Pawn Storm," "CHOPSTICK," "Tsar Team," and "OnionDuke."
Michael Sikorski, the chief technology officer for Palo Alto's threat intelligence unit, said the initiative was a "game-changer."
"Disparate naming conventions for the same threat actors create confusion at the exact moment defenders need clarity," he said.
Juan Andres Guerrero-Saade, Executive Director for Intelligence and Security Research at cybersecurity firm SentinelOne, was skeptical of the effort, saying the cold reality of the cybersecurity industry was that companies hoarded information.
Unless that changed, he said, "this is branding-marketing-fairy dust sprinkled on top of business realities."
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
NDTV
an hour ago
- NDTV
India Helping Auto Industry Meet Chinese Officials On Rare Earth Export Ban: Sources
Quick Read Summary is AI generated, newsroom reviewed. The Indian government is facilitating discussions between auto companies and China's commerce ministry due to China's export ban on rare earth magnets. India plans to develop its own magnet policy and domestic manufacturing, but it may take time. New Delhi: The Prime Minister's Office and the Indian embassy in China are helping Indian auto companies to hold a meeting with the Chinese commerce ministry in Beijing amid the neighbouring country's ban on export of rare earth magnets, people with direct knowledge of the matter said. China controls 90 per cent of the processing of such magnets, also used in industries such as clean energy and defence, apart from the automotive industry. India's three ministries - Heavy Industries, External Affairs, and Industry and Commerce - are involved in the discussions, people familiar with the matter said. A 50-member delegation of representatives from original equipment manufacturers (OEMs), Society of Indian Automobile Manufacturers (SIAM), and Automotive Component Manufacturers Association of India (ACMA) planned to visit China this week, but that did not work out. India is likely to consider having a proper rare earth magnet policy of its own to avoid the risk of getting caught in such a situation again, but that would take two-three years. There has been no import of rare earth magnets from China and no new licence has been issued since April 4, the day China announced its export ban. India is looking to develop domestic manufacturing capabilities and is considering offering production-based fiscal incentives to companies, news agency Reuters reported quoting two unnamed sources. The scheme, being drafted by the Ministry of Heavy Industries, also envisions partly funding the difference between the final price of the homegrown magnet and the cost of the Chinese imports. This would help achieve cost parity and boost local demand, Reuters reported, adding that funding for the scheme has yet to be decided, with the government likely to meet industry officials next week to finalise the details. The government company IREL (India) Ltd has been mining rare earth material for years, which are mainly used by atomic energy and defence units, with most supplies for other uses still imported from China. In Japan, Suzuki Motor has suspended production of its Swift car because of China's curbs.
Mint
2 hours ago
- Mint
Nvidia dumps $4.5 billion in chips amid US trade restrictions: Why are China-specific H20 chips unusable?
Nvidia, the world's top chipmaker isn't immune to the unpredictable fallout of global politics. Last week, as the company reported another strong earnings report, CEO Jensen Huang revealed the sobering news of a $4.5 billion write-off for chips that were supposed to be sent to China and now have nowhere to go. Huang said during the earnings call that, 'We are taking a multibillion dollar write off on inventory that cannot be sold or repurposed,' quoted Fortune. The chips, which have led to the massive loss, known as the H20 chips, were designed by Nvidia specifically for Chinese clients to meet earlier US export restrictions, according to the report. These chips weren't top-of-the-line, but they were still advanced enough for AI development and, also legal to ship under the Biden administration's rules, as per Fortune. Nvidia now faces a significant setback with a $4.5 billion write-off due to US export restrictions, rendering its China-specific H20 chips unusable. Designed to comply with previous regulations, these chips are now banned under new rules, leaving Nvidia unable to repurpose them for other markets. But things changed after US president Donald Trump took office, as he went a step further in early April and banned exports of even these chips, according to the report. However, Nvidia's newest chips have made gains in training large artificial intelligence systems, new data released on Wednesday showed, with the number of chips required to train large language models dropping dramatically. MLCommons, a nonprofit group that publishes benchmark performance results for AI systems, released new data about chips from Nvidia and Advanced Micro Devices, among others, for training, in which AI systems are fed large amounts of data to learn from. While much of the stock market's attention has shifted to a larger market for AI inference, in which AI systems handle questions from users, the number of chips needed to train the systems is still a key competitive concern. China's DeepSeek claims to create a competitive chatbot using far fewer chips than U.S. rivals. The results were the first that MLCommons has released about how chips fared at training AI systems such as Llama 3.1 405B, an open-source AI model released by Meta Platforms that has a large enough number of what are known as "parameters" to give an indication of how the chips would perform at some of the most complex training tasks in the world, which can involve trillions of parameters. Nvidia and its partners were the only entrants that submitted data about training that large model, and the data showed that Nvidia's new Blackwell chips are, on a per-chip basis, more than twice as fast as the previous generation of Hopper chips.
Time of India
2 hours ago
- Time of India
Denmark's biggest cities say goodbye to Microsoft, citing concerns over Donald Trump's policies
Why are Danish cities moving away from Microsoft under Trump's presidency? How much were Copenhagen and Aarhus spending on Microsoft? Live Events Are European tech alternatives actually working out? Is Microsoft still deeply integrated in municipal systems? What does this move say about Europe's digital independence? FAQs: (You can now subscribe to our (You can now subscribe to our Economic Times WhatsApp channel Copenhagen and Aarhus, Denmark's two largest cities, are officially cutting ties with Microsoft as their primary IT provider. The decision, announced in late May 2025, stems from a mix of political and financial concerns. Officials pointed to growing unease about relying on a U.S.-based tech giant while Donald Trump is in office, especially as global tensions rise. On top of that, the cities have seen a sharp increase in software costs. The move marks a significant shift in how European municipalities are rethinking digital sovereignty and long-term IT officials made it clear that the current geopolitical environment under President Donald Trump played a role in their decision. According to Henrik Appel Espersen, head of the city's audit committee, the risk of international relations breaking down could put local IT systems at risk. 'If we suddenly can't send emails or communicate internally because of a political fallout, that's a huge problem,' he told leaders fear that, under pressure, a company like Microsoft could be forced by the U.S. government to restrict access to its services abroad. This fear of disruption in public operations is now shaping procurement decisions across the rising cost of Microsoft services has raised eyebrows in both cities. According to Danish tech site Version2, total municipal spending on Microsoft software jumped from 313 million kroner in 2018 to 538 million kroner in 2023. That's a massive 72% increase in just five Aarhus, where the switch has already started, the savings are very real. Bo Fristed, who leads the digital services department in the city's culture and citizens' division, said moving to a German cloud provider slashed their IT budget—from 800,000 kroner to 225,000 kroner has already replaced Microsoft with a German-based cloud provider, though the transition hasn't been perfect. Fristed admitted that most of his department's staff see the new system as a downgrade in terms of user experience. Still, the significant savings made the switch Copenhagen, a similar shift is being planned. While no official vendor has been named yet, a European alternative to Microsoft is likely to take over in the coming Despite these changes, Microsoft is still embedded in many public systems. From Office programs to cloud storage and communication tools, the company's products have long been the backbone of local IT infrastructure. That's why this decision is both bold and challenging—it's not just a software swap, it's a full system recently, officials believed there were no real alternatives. That's starting to change as European cities push for more control over their digital tools and isn't just a local issue—it's part of a larger European movement toward digital sovereignty. The decision by Denmark's two largest cities sends a message: relying too heavily on U.S. tech companies may no longer be safe or Trump's administration takes a tougher stance on global tech policy, European cities and governments are re-evaluating their IT partnerships. What's happening in Copenhagen and Aarhus might be just the to rising costs and political risks under Trump's U.S. tech switched to a German cloud provider to reduce spending and risk.
