For example, take the notorious Russian state-sponsored group behind the SolarWinds breach. Microsoft calls it Midnight Blizzard, but security teams may encounter it as Cozy Bear, APT29, Nobelium, UNC2452, Dark Halo, or any of more than 10 other names used by various security firms.
“Security teams often get many alerts about the same group of attackers, but each alert uses a different name. This means that they many times chase the same issue and waste time,” Singh explained. “It takes precious time needed to react quickly to an attack, while the teams are busy correlating the names of the threat.”
Kumar Avijit, vice president at Everest Group, pointed to examples where the confusion has real consequences. “In practice, the coexistence of several names for the same adversary has hindered the ability of security teams to quickly feed intelligence, share conclusions and prioritize response tasks,” Avijit said. “This mismatch can give rise to duplicated effort, delay the response to an incident, and leave gaps in coverage when defenders assume that they are tracking different threats.”