What’s in a name? When it comes to advanced persistent threat groups, it is often quite a bit.
While their monikers’ may seem whimsical – Fancy Bear, Nomadic Octopus, Ocean Lotus and Darkhotel – the reality is these are not arbitrary names. In fact, many are similar to schoolyard nicknames or a type of shorthand – tied to the attributes of the mysterious groups behind cyberattacks.
Generally speaking, it’s difficult to determine the exact entity behind an APT group. Not that it’s impossible, but while researchers might suspect that a certain country could be funding and directing an APT’s hacking, espionage and malware activity, all too often such attribution is more based on instinct or suspicions than hard evidence. Throw in false flags and other attempts to throw threat-hunters off the trail, and it becomes a dicey business to point a decisive finger at a suspected culprit after or during a cyberattack campaign.