'Midnight Blizzard', 'Cozy Bear' and more ...How Microsoft, Google and other tech companies plans to untangle weird hacker nicknames
Microsoft, Google, CrowdStrike and
Palo Alto Networks
have announced that they will create a public glossary for
state-sponsored hacking groups
and cybercriminals. The goal is to reduce confusion caused by numerous unofficial nicknames for these entities.
Microsoft
and CrowdStrike expressed hopes of involving other industry partners and the US government in this effort to identify threat actors.
"We do believe this will accelerate our collective response and collective defense against these threat actors," stated Vasu Jakkal, corporate vice president at Microsoft Security.
Why it matters for US government and researchers
Cybersecurity companies
have long assigned coded names to hacking groups because attributing digital attacks can be difficult. Researchers need a way to track their adversaries.
These names vary from functional, like "APT1" (Mandiant) or "TA453" (Proofpoint), to more colorful aliases such as "Earth Lamia" (TrendMicro) or "Equation Group" (Kaspersky). CrowdStrike's evocative names, like "
Cozy Bear
" for Russian hackers and "Kryptonite Panda" for Chinese groups, have been particularly popular, leading others to adopt similar styles. For example, Secureworks (now owned by Sophos) began using "Iron Twilight" for Russian hackers previously known as "TG-4127" in 2016.
Microsoft also recently changed its naming convention from element-themed names like "Rubidium" to weather-themed ones such as "Lemon Sandstorm" or "Sangria Tempest."
"But the same actor that Microsoft refers to as Midnight Blizzard might be referred to as Cozy Bear, APT29, or UNC2452 by another vendor. Our mutual customers are always looking for clarity. Aligning the known commonalities among these actor names directly with peers helps to provide greater clarity and gives defenders a clearer path to action," Jakkal said.
However, the proliferation of these unique aliases has created overload. A 2016 U.S. government report on hacking attempts against the election caused confusion by using 48 different nicknames for various Russian hacking groups and malicious programs, including "Sofacy," "Pawn Storm," and "Tsar Team."
Michael Sikorski, CTO for Palo Alto's threat intelligence unit, called the initiative a "game-changer," noting, "Disparate naming conventions for the same threat actors create confusion at the exact moment defenders need clarity."
Adam Meyers, CrowdStrike's senior vice president of Counter Adversary Operations, highlighted an early success. He reported that the initiative already helped his analysts link a group Microsoft named "Salt Typhoon" with CrowdStrike's "Operator Panda."
5 biggest AI announcements at Microsoft Build 2025
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Time of India
5 minutes ago
- Time of India
India, Pakistan conflict among issues discussed during Putin-Trump phone call: Kremlin aide
The recent conflict between India and Pakistan was among the issues figured during a phone call between Russian President Vladimir Putin and US President Donald Trump, according to a Kremlin aide. During their conversation on Wednesday, the two leaders discussed Ukraine and also touched on some other issues, Kremlin aide Yury Ushakov told a briefing. "They also touched upon the Middle East and the armed conflict between India and Pakistan, which was stopped with the personal participation of President Trump," Ushakov was quoted as saying by Russia's state-run TASS news agency. Ushakov, however, didn't share the details. Trump has repeatedly claimed that he stopped India and Pakistan from fighting. Live Events However, India has been maintaining that the understanding on cessation of hostilities with Pakistan was reached following direct talks between the Directors General of Military Operations (DGMOs) of the two militaries. Meanwhile, Prime Minister Shehbaz Sharif has urged President Putin to assist in resolving the conflict with India, Pakistan PM's special aide Syed Tariq Fatemi said. Fatemi, who met Foreign Minister Sergey Lavrov in Moscow on Tuesday, handed over a letter from Sharif for Putin. His visit came days after a highly successful tour of a multi-party parliamentary delegation led by DMK MP Kanimozhi Karunanidhi, who spread awareness about Pakistan-sponsored cross-border terrorism and got solid Russian backing for India's zero-tolerance policy against terrorism. "I met with Russian Foreign Minister Lavrov. I gave him a letter from our prime minister to Mr. Putin. We asked...[him] to use his influence to make sure that India and Pakistan sit down at the negotiating table and reach a diplomatic solution," Fatemi said on Wednesday. He also emphasised that Pakistan awaits any initiative from Russia that would help reduce the degree of tension with India, TASS reported. "We are here to see support from Russia to any initiative that would ease tensions. Pakistan and India must sit down at the negotiating table," he was quoted as saying by the Russian news agency. "We are ready to sit down with them at the negotiating table and let them solve the problem," he added. Tensions between India and Pakistan escalated after the Pahalgam terror attack, with India carrying out precision strikes on terror infrastructure in Pakistan and Pakistan-occupied Kashmir in the early hours of May 7. Pakistan attempted to attack Indian military bases on May 8, 9, and 10. The Indian side responded strongly to the Pakistani actions. The on-ground hostilities ended with an understanding of stopping the military actions following talks between the directors general of military operations of both sides on May 10. PTI
Economic Times
5 minutes ago
- Economic Times
OpenAI finds more Chinese groups using ChatGPT for malicious purposes
OpenAI is seeing an increasing number of Chinese groups using its artificial intelligence technology for covert operations, which the ChatGPT maker described in a report released Thursday. While the scope and tactics employed by these groups have expanded, the operations detected were generally small in scale and targeted limited audiences, the San Francisco-based startup said. Since ChatGPT burst onto the scene in late 2022, there have been concerns about the potential consequences of generative AI technology, which can quickly and easily produce human-like text, imagery and audio. OpenAI regularly releases reports on malicious activity it detects on its platform, such as creating and debugging malware, or generating fake content for websites and social media platforms. In one example, OpenAI banned ChatGPT accounts that generated social media posts on political and geopolitical topics relevant to China, including criticism of a Taiwan-centric video game, false accusations against a Pakistani activist, and content related to the closure of USAID. Some content also criticised US President Donald Trump's sweeping tariffs, generating X posts, such as "Tariffs make imported goods outrageously expensive, yet the government splurges on overseas aid. Who's supposed to keep eating?". In another example, China-linked threat actors used AI to support various phases of their cyber operations, including open-source research, script modification, troubleshooting system configurations, and development of tools for password brute forcing and social media automation. A third example OpenAI found was a China-origin influence operation that generated polarized social media content supporting both sides of divisive topics within U.S. political discourse, including text and AI-generated profile images. China's foreign ministry did not immediately respond to a Reuters request for comment on OpenAI's findings. OpenAI has cemented its position as one of the world's most valuable private companies after announcing a $40 billion funding round valuing the company at $300 billion.
Time of India
14 minutes ago
- Time of India
AI upstart Manus starts text-to-video service to take on OpenAI
HighlightsManus has introduced a text-to-video generation feature, allowing users to create videos from text instructions in minutes, amidst competition from OpenAI, Alibaba Group Holding Ltd., and Tencent Holdings Ltd. The company, which gained attention after launching its AI service capable of performing multistep tasks, offers early access to paid subscribers before making the feature available for free to all users. As the text-to-video generation market grows, Chinese companies like Alibaba and Tencent are challenging proprietary Western competitors, indicating a potential disruption in industries such as entertainment, education, and marketing. Manus unveiled a text-to-video generation feature, entering a competitive segment populated by rivals from OpenAI to China's Alibaba Group Holding Ltd. and Tencent Holdings Ltd. The upstart, whose AI service is known for its ability to carry out multistep tasks the way humans do, said users can now similarly generate videos with text instructions. Its AI agent can transform a text command into a structured, sequenced video story in minutes, the company said on X. Paid subscribers get early access before Manus rolls out the feature for free for everyone. The company is taking on competitors like OpenAI's Sora, which is available to paid subscribers via ChatGPT, with the Pro version costing $200 a month. Other Western contenders like Runway, Synthesia and Google price their offerings based on subscription or pay-per-use. Manus, which has Chinese roots, was little known until the debut of its AI agent this year, just weeks after peer DeepSeek rattled the global market with its cost-efficient model. Manus' owner Butterfly Effect made global headlines for snagging venture funds from high-profile Silicon Valley investor Benchmark Capital, right in the midst of escalating US-China tensions in fields including artificial intelligence . Text-to-video model creators are forging ahead with technological advances. Chinese giants' open source products, such as Alibaba's Wan and Tencent's Hunyuan, are challenging proprietary Western competitors. At stake is a multibillion-dollar market with the potential to disrupt industries like entertainment, education and marketing.
