Microsoft and Crowdstrike have announced that they are united to align their individual taxonomy of the actors threatening by publishing a new cartographic actor of a joint threat.
“Having reflected where our knowledge of these actors is aligned, we will provide security specialists to connect and make decisions with greater confidence faster,” – Vas Jacob, Vice President of Microsoft Security, Vice President – Note.
The initiative is considered as a way to unleash the nicknames that private suppliers of cybersecurity are prescribed by various hacking groups that are widely classified as a nation -state, financially motivated, affecting operations, offensive subjects of the private sector and new clusters.
For example, a Russian state -owned threat that is tracked by Microsoft as Midnight Blizzard (previously Nobelium), also known as APT29, Blues, closed Urs, cozy bear, iron hemlock and heaven.
Similarly, forest snowstorms (formerly strontium) pass by other nicknames such as blue Athena, Blondelta, bear fantasy, struggle against Ursa, frozen, iron dusk, pawn, assault, seodine, shame and Ta422. Microsoft turned from using chemical elements inspired by names to Weather nomenclature with weather topics In April 2023.
According to these names for suppliers, the idea is to make the tracking of the actor, which is overlapping, much easier and avoid unwanted confusion when it comes to the attribution of threat, which, in turn, can reduce confidence, complicate the analysis and reaction of delay.
While the only system of displaying threats is a bilateral effort, Google and its mandatory subsidiary, and the Palo Alto Networks 42 unit also contribute to effort. Other cybersecurity companies are likely to join this initiative in the future. Considering this, cooperation is not aimed at creating a single standard standard.
Crowdstrike said the alignment led to successful decorations of more than 80 opponents, adding that the alliance is aimed at better correlating the alias actors threatened without following the single name scheme. He called the new dictionary “Stone Rosette”.
“In addition, when telemetry supplements each other, there is an opportunity to expand the attribution in more planes and vectors – the creation of a more perfect and accurate idea of the affiliate companies that benefit the whole community,” Adam Meyers Crowdstrike – Note.
