Overview
- Microsoft, CrowdStrike, Google and Palo Alto Networks unveiled a public glossary linking nicknames for state-sponsored hacking groups and cybercriminals.
- The companies have already deconflicted over 80 threat actors through direct, analyst-led mapping of different naming systems.
- Rather than imposing one standard, the glossary aligns intelligence to reduce the time spent reconciling disparate threat actor aliases.
- Google’s Mandiant and Palo Alto’s Unit 42 have contributed initial mappings, and more cybersecurity firms are expected to join.
- Some researchers warn that industry reluctance to share telemetry data may limit the glossary’s effectiveness.