Everyday is lazarus.dayβ

How Microsoft names threat actors

2023-04-18, Microsoft
#Sleet #DiamondSleet #EmeraldSleet #OnyxSleet #OpalSleet #PearlSleet #RubySleet #SapphireSleet #Lawrencium #Storm-0530


How Microsoft names threat actors
Microsoft has shifted to a new naming taxonomy for threat actors aligned with the theme of weather. With the new taxonomy, we intend to bring better clarity to customers and other security researchers already confronted with an overwhelming amount of threat intelligence data and offer a more organized, articulate, and easy way to reference threat actors so that organizations can better prioritize and protect themselves.
Microsoft categorizes threat actors into five key groups:
Nation-state actors: cyber operators acting on behalf of or directed by a nation/state-aligned program, irrespective of whether for espionage, financial gain, or retribution. Microsoft has observed that most nation state actors continue to focus operations and attacks on government agencies, intergovernmental organizations, non-governmental organizations, and think tanks for traditional espionage or surveillance objectives.
Financially motivated actors: cyber campaigns/groups directed by a criminal organization/person with motivations of financial gain and haven't been associated with high confidence to …