
Summary
Former CISA and NCSC heads advocate for standardized, vendor-neutral threat actor naming conventions to enhance cybersecurity efforts. They argue the current system, which often uses catchy but misleading names, obscures attribution, mystifies the public, and glamorizes malicious actors. This push for standardized naming aims to improve communication, response times, and overall understanding of cyber threats.
Main Story
Okay, so the cybersecurity world’s buzzing about something kind of interesting: how we name the bad guys. I mean, you know, the threat actors trying to mess with our digital lives. It’s a bit of a hot topic right now.
Basically, some big names like Jen Easterly (ex-CISA head) and Ciaran Martin (formerly of NCSC) are saying the current naming system is…well, a bit of a mess, to put it mildly. They think all those catchy names are actually doing more harm than good.
The Problem with All Those Catchy Names
Think about it: ‘Fancy Bear’ or ‘Volt Typhoon’ sounds like something out of a spy thriller, right? But, according to Easterly and Martin, those names don’t really tell you anything useful. Actually, they obfuscate the issue and make it harder to really understand the threat, where it’s coming from, and who’s behind it. And if you can’t do that, how can you respond effectively?
Plus, there’s the whole ‘glamorizing’ thing. Do we really want to make these guys sound cool? It kind of downplays the seriousness of what they’re doing, don’t you think? I mean, it’s not a game, is it? These guys are doing real harm. I remember one time, a friend of mine, he’s in finance, nearly got his company crippled by a ransomware attack. It was a nightmare, and you know, the fact the attacker was nicknamed something silly didn’t make it less scary.
And get this, the lack of standardization also causes problems for cybersecurity pros. Different vendors use different names for the same actors! Can you imagine trying to coordinate a response when everyone’s calling the same threat by a different name? It’s a recipe for disaster and definitely leads to delays. And delays? That’s what the bad guys want. It gives them more time to cause damage.
So, what’s the solution?
Easterly and Martin are suggesting a standardized, vendor-neutral naming system. Something clear, accurate, and, dare I say, a little boring. But boring in a good way! They suggest using country names, for example. Simple, direct, and gives you immediate context. Makes sense, doesn’t it? And it would definitely help everyone – government agencies, companies, the public – to be on the same page.
Think of it like this: standardization works in other complex fields like biology or aviation. I mean, we don’t call airplanes ‘Sky Pandas,’ do we? Or maybe we should…but no, let’s stick to the plan. Anyway, if it works in other fields, why not cybersecurity?
Moving Towards Clarity, Step by Step
Actually, Microsoft and CrowdStrike recently partnered up to harmonize their naming conventions. That’s a start, but Easterly and Martin reckon it’s not enough. We need a more fundamental shift in how we name and identify these cyber adversaries. It is absolutely necessary to get rid of the proprietary names.
Ultimately, this is about making things clearer for everyone. By removing the mystique, we can empower the public to better understand the threats they face. And in a world where cyber attacks are becoming increasingly common and sophisticated, that’s more important than ever. A more informed approach to cybersecurity can only be a positive thing, surely?
The call for vendor-neutral naming conventions is compelling. Harmonizing threat actor names would significantly improve incident response, reducing confusion and delays across different security platforms. It’s a necessary step towards a more unified and effective cybersecurity landscape.
Great point! The impact on incident response is huge. Standardized names would definitely cut down on those crucial response times. It’s not just about clarity, but also about operational efficiency in a crisis. How do we encourage wider adoption across the industry, though?
Editor: StorageTech.News