menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Technology News

>

Are we mak...
source image

Tech Radar

3w

read

350

img
dot

Image Credit: Tech Radar

Are we making hackers sound too cool? These security experts think so

  • Cybersecurity experts call for a reconsideration of how threat actors are named, labeling names like Salt Typhoon and Fuzzy Bear as misleading and glamorizing.
  • Former heads of UK and USA cybersecurity agencies criticize current naming conventions for obscuring attribution and glamorizing adversaries.
  • Microsoft and CrowdStrike announce a collaboration to align their threat actor naming conventions.
  • The collaboration aims to enhance confidence in threat actor identification, streamline correlation between reports, and accelerate defender action.
  • Easterly and Martin believe the current collaboration won't fundamentally reform the naming convention as needed.
  • Lack of a shared, vendor-neutral, public taxonomy hinders global alignment and interoperability in threat actor naming.
  • Naming cybercriminal groups with unique and exotic names contributes to building a brand identity and misleading the severity of threats.
  • Security experts advocate for ceasing the mystification and glamorization of cybercriminal groups through naming.
  • Names like 'Scattered Spider' should reflect the actual danger posed by these groups, not sanitize their activities.
  • The article suggests more appropriate names like 'Scrawny Nuisance' or 'Weak Weasel' instead of clever titles for cybercriminal groups.
  • Organizations like Scattered Spider have caused significant disruptions, as seen in the alleged ransomware attack targeting British retailers.
  • The naming of threat actors is criticized as a marketing campaign inadvertently glorifying dangerous organized crime gangs.
  • The article deems the use of creative names for cybercriminal groups as an 'objectively ridiculous' way to inform the public about their activities.
  • Security experts emphasize the need for more accurate and less embellished names to describe the activities of cybercriminal groups.
  • The article suggests using names like 'Doofus Dingo' instead of exotic titles for cybercriminal organizations to reflect their true nature.
  • Overall, the call is to stop mystifying, glamorizing, or sanitizing the nefarious activities of cybercriminal groups through misleading names.

Read Full Article

like

21 Likes

share

4 Shares

For uninterrupted reading, download the app