Particle.news

Download on the App Store

Cybersecurity firms launch public glossary to unify hacker group aliases

The guide translates between vendor naming conventions to accelerate threat actor attribution

CrowdStrike logo is seen in this illustration taken July 29, 2024. REUTERS/Dado Ruvic/Illustration/File Photo
A group of people sitting at a table in a conference room.

Overview

  • Microsoft, CrowdStrike, Google and Palo Alto Networks unveiled a public glossary linking nicknames for state-sponsored hacking groups and cybercriminals.
  • The companies have already deconflicted over 80 threat actors through direct, analyst-led mapping of different naming systems.
  • Rather than imposing one standard, the glossary aligns intelligence to reduce the time spent reconciling disparate threat actor aliases.
  • Google’s Mandiant and Palo Alto’s Unit 42 have contributed initial mappings, and more cybersecurity firms are expected to join.
  • Some researchers warn that industry reluctance to share telemetry data may limit the glossary’s effectiveness.