Max Smeets writes about cyber threats with too many names

Max Smeets, Research Affiliate of the Cyber Studies Programme, has written an article (24 October) for the website of the Council on Foreign Relations think tank about the confusion caused by giving specific cyber threats multiple names.

Max writes, “Like palaeontologists or astronomers, cybersecurity firms like to name their new discoveries. But unlike other sciences, the liberal naming of threat actors and incidents causes a host of problems that confuses accurate data collection and determining whether a threat group still constitutes a threat.”

He adds, “[G]iving the same name to different cyber incidents is unnecessarily confusing. Cloud Atlas is also named Inception. Saffron Rose also goes by the name Flying Kitten and Ajax Team. Dark Hotel is also called Tapaoux, Luder or Nemim. Dyncalc is APT12 or Numbered Panda. Hangover is Viceroy Tiger. Mirage is Vixen Panda. Cabarnak is Anunak. Sofacy is also called APT28, OP Pawn Storm or Fancy Bear. The list goes on. Can you still keep them separate?”

The full article can be read here: http://blogs.cfr.org/cyber/2016/10/24/when-naming-cyber-threat-actors-does-more-harm-than-good/