Beware of these weather-named threat actors

Know who the biggest online threats are

Reading time icon 3 min. read


Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

Key notes

  • The tech giant just renamed the entire threat-actor database.
  • Now, threats are going to be labeled using weather-themed icons.
  • Certain countries have their own unique logos, to be identified faster.
hacker

In this ever-changing online world, security is or should be the number one priority for everyone involved. However, that is easier said than done.

Malicious third parties seem to always be one step ahead of everyone, and staying protected means we need to also evolve and progress.

Now, Microsoft Security is making a big change in how it labels threat actors. Today, the tech giant revealed that from now on, these threats will be labeled based on weather terms.

Microsoft renamed threat actors based on wather

Speaking of security, you might want to look up how you can stay safe while online. On that note, we’ve prepared a lot of security-oriented articles to help you out.

If you are still using Windows 10, we’ve tested over 25 antivirus solutions and have compiled a list of the best ones for you.

Circling back, Microsoft said that, with the new taxonomy, it intends to bring better context to customers and security researchers that are already confronted with an overwhelming amount of threat intelligence data.

This initiative will offer a more organized, memorable, and easy way to reference adversary groups so that organizations can better prioritize threats and protect themselves.

Basically, security professionals will instantly have an idea of the type of threat actor they are up against, just by reading the name.

Furthermore, a large number of the new weather terms will identify the threat actors as coming from specific countries.

ChinaTyphoon
IranSandstorm
LebanonRain
North KoreaSleet
RussiaBlizzard
South KoreaHail
TurkeyDust
VietnamCyclone

The Redmond company will also break down some more specific threats from certain nation-states with additional sub-categories.

Russia has Blizzard as its main threat name, but it will also get Midnight Blizzard, Forest Blizzard, and Aqua Blizzard for more specific security issues, for example.

Of course, these new innovative weather terms will also extend to describe other threat actor issues, as you are about to see in the table below.

Financially motivatedTempest
Private sector offensive actorsTsunami
Influence operationsFlood
Groups in developmentStorm

And, if a threat comes from an unknown source, or if one cannot be identified immediately, Microsoft will use the term Storm, followed by a four-digit number, as a preliminary label until it can be fully identified.

Microsoft claims that it has also established a new set of icons to go along with these new weather names for threat actors.

Microsoft threat actor names

Each of these icons uniquely represents a family name, and where it makes sense will accompany the threat actor names as a visual aid.
In truth, this new naming approach does not in any way change who the threat actors are that the company is tracking.

If you want to find out more about this new system, head on over to the dedicated Microsoft support page.

Know that all of Microsoft’s product pages that use security threat terminology will be updated with the new terms by September 2023.

We’ll monitor the situation and see what else Microsoft comes up with. Be sure to leave a comment below with your thoughts and opinions on this matter.

More about the topics: malware