Keeping track of people determined to wreak havoc through computer hacks and cyber crime isn’t easy, but Microsoft officials say naming the groups is a small but important step in stopping them.
Microsoft explained its naming system for nation-state-affiliated threat entities during The National's exclusive tour of the company's cyber crime centre in Redmond, Washington.
Mint Sandstorm, Storm-2035, Sefid Flood, Salt Typhoon, Cotton Sandstorm and Taizi Flood are just a few of the many names given to groups operating out of Iran, China, Russia and North Korea, which Microsoft told The National are home to some of the most active actors in the nation-state cyber crime space.
“We used to track everything as an element from the periodic table − like barium, strontium and phosphorus,” said Steven Masada, assistant general counsel of Microsoft's digital crimes unit, which leads the company's efforts to combat cyber crime around the world.
Mr Masada, who also served as assistant US attorney for the western district of Washington state, said that due to the sheer number of hacker and cyber crime groups around the world, Microsoft ran out of elements from the periodic table.
“So, we switched to the storm system, which despite some naysayers, has really caught on,” he added.
“Sleet is North Korea, Typhoon is China, Sandstorm is Iran and Blizzard is Russia,” Mr Masada continued, saying that once Microsoft researches the cyber criminals from various countries and their differing techniques, they add more details to the name, such as Mint Sandstorm, which was given to a nation-state nefarious computer cyber crime actor originating out of Iran.
For groups that aren't necessarily nation-state affiliated, Mr Masada said that other names are given.
“We use the word 'tempest' for financially motivated groups … there's one called Vanilla Tempest, which is an incredibly active ransomware group.
He added that any group with the word “flood” included in the name, is likely a disinformation or influence operation group.
Mr Masada said around the world there has been a significant increase in nation-state actor cyber crime activity. The 2024 US presidential election, coupled with the Israel-Gaza war, saw an uptick in cyber crime efforts based out of Iran.
“One example is Mint Sandstorm, it's an Iranian actor that we've taken action against … Mint Sandstorm targeted Donald Trump's campaign leading up to the most recent US election and hacked some senior advisers,” said Mr Masada.
In addition to sharing information with the hack victims and the US government, Mr Masada said Microsoft's digital crimes unit provided a criminal referral to the US Department of Justice, which later indicted three Iranians accused of the nefarious cyber activity.
The three men were allegedly employed by Iran’s Islamic Revolutionary Guard Corps, and their activities included a range of targets − including government officials, members of the media and non-governmental organisations, according to Justice Department.
Iran denied any involvement in Mint Sandstorm, yet the name, which originated from Microsoft, largely caught on.
“We do this purely to make it easy for professionals in the [cyber security] field to understand it all,” said Andrew Conway, vice president of security marketing at Microsoft.
“We associated a certain type of weather with a particular threat actor and then we made up modifiers for the types of weather,” he explained. One Russian group was given the name Midnight Blizzard.'
“We don't do this to glorify or try to make things cool, it's done for information design … we were expanding the number of threat actors that we tracked and we needed a hierarchy in which to refer to them,” said Mr Conway.
Microsoft has gone from tracking approximately 300 nefarious cyber crime groups to more than 1,500, he said.
Mr Conway said that although this naming convention seems to be catching on outside of Microsoft to some extent, not all companies, governments and organisations use the same naming system.
“There's no global standard for it,” he said.
Meanwhile, according to Microsoft, by 2028, estimates show that approximately $13 trillion could be lost to cyber crime tactics.
To blunt such cyber attacks, the Microsoft's cyber crime centre seeks to utilise security response experts from across the company to help protect, detect and respond to threats around the world.
It also uses AI to quicken the process of identifying potential threats or vulnerabilities as they come in.
Inside the cyber crime facility, there are specific offices occasionally used by the FBI, Secret Service and Department of Homeland Security to expedite investigations and collaboration efforts, depending on the cyber crime threats.
“We're increasingly seeing the blurring of lines where nation-state threat actors are becoming more sophisticated,” Mr Masada said.
“Microsoft, effectively, is a security company at this point in time,” he added, noting that besides ample technical and cyber security experts, the company also uses lawyers, investigators, data analysts and business professionals to blunt and prevent cyber crime.
According to the company, its digital crimes unit has disrupted 30 malware families, nation-state threat actors and distributors of malicious tools through civil actions resulting in the “rescue of more than 500 million victim devices”.
HERO%20CUP%20TEAMS
%3Cp%3E%3Cstrong%3E%3Cins%3EContinental%20Europe%3Cbr%3E%3C%2Fins%3E%3C%2Fstrong%3EFrancesco%20Molinari%20(c)%3Cbr%3EThomas%20Detry%3Cbr%3ERasmus%20Hojgaard%3Cbr%3EAdrian%20Meronk%3Cbr%3EGuido%20Migliozzi%3Cbr%3EAlex%20Noren%3Cbr%3EVictor%20Perez%3Cbr%3EThomas%20Pieters%3Cbr%3ESepp%20Straka%3Cbr%3EPlayer%20TBC%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3E%3Cins%3EGreat%20Britain%20%26amp%3B%20Ireland%3C%2Fins%3E%3C%2Fstrong%3E%3Cbr%3ETommy%20Fleetwood%20(c)%3Cbr%3EEwen%20Ferguson%3Cbr%3ETyrrell%20Hatton%3Cbr%3EShane%20Lowry%3Cbr%3ERobert%20MacIntyre%3Cbr%3ESeamus%20Power%3Cbr%3ECallum%20Shinkwin%3Cbr%3EJordan%20Smith%3Cbr%3EMatt%20Wallace%3Cbr%3EPlayer%20TBC%3C%2Fp%3E%0A
SPECS
%3Cp%3E%0D%3Cstrong%3EEngine%3A%3C%2Fstrong%3E%204.0-litre%20twin-turbo%20V8%0D%3Cbr%3E%3Cstrong%3EPower%3A%3C%2Fstrong%3E%20750hp%20at%207%2C500rpm%0D%3Cbr%3E%3Cstrong%3ETorque%3A%3C%2Fstrong%3E%20800Nm%20at%205%2C500rpm%0D%3Cbr%3E%3Cstrong%3ETransmission%3A%3C%2Fstrong%3E%207%20Speed%20dual-clutch%20auto%0D%0D%3Cbr%3E%3Cstrong%3ETop%20speed%3A%3C%2Fstrong%3E%20332kph%0D%3Cbr%3E%3Cstrong%3EFuel%20consumption%3A%3C%2Fstrong%3E%2012.2L%2F100km%0D%3Cbr%3E%3Cstrong%3EOn%20sale%3A%20%3C%2Fstrong%3EYear%20end%0D%3Cbr%3E%3Cstrong%3EPrice%3A%3C%2Fstrong%3E%20From%20Dh1%2C430%2C000%20(coupe)%3B%20From%20Dh1%2C566%2C000%20(Spider)%3C%2Fp%3E%0A
Keep it fun and engaging
Stuart Ritchie, director of wealth advice at AES International, says children cannot learn something overnight, so it helps to have a fun routine that keeps them engaged and interested.
“I explain to my daughter that the money I draw from an ATM or the money on my bank card doesn’t just magically appear – it’s money I have earned from my job. I show her how this works by giving her little chores around the house so she can earn pocket money,” says Mr Ritchie.
His daughter is allowed to spend half of her pocket money, while the other half goes into a bank account. When this money hits a certain milestone, Mr Ritchie rewards his daughter with a small lump sum.
He also recommends books that teach the importance of money management for children, such as The Squirrel Manifesto by Ric Edelman and Jean Edelman.
Nepotism is the name of the game
Salman Khan’s father, Salim Khan, is one of Bollywood’s most legendary screenwriters. Through his partnership with co-writer Javed Akhtar, Salim is credited with having paved the path for the Indian film industry’s blockbuster format in the 1970s. Something his son now rules the roost of. More importantly, the Salim-Javed duo also created the persona of the “angry young man” for Bollywood megastar Amitabh Bachchan in the 1970s, reflecting the angst of the average Indian. In choosing to be the ordinary man’s “hero” as opposed to a thespian in new Bollywood, Salman Khan remains tightly linked to his father’s oeuvre. Thanks dad.
IF YOU GO
The flights: FlyDubai offers direct flights to Catania Airport from Dubai International Terminal 2 daily with return fares starting from Dh1,895.
The details: Access to the 2,900-metre elevation point at Mount Etna by cable car and 4x4 transport vehicle cost around €57.50 (Dh248) per adult. Entry into Teatro Greco costs €10 (Dh43). For more go to www.visitsicily.info
Where to stay: Hilton Giardini Naxos offers beachfront access and accessible to Taormina and Mount Etna. Rooms start from around €130 (Dh561) per night, including taxes.
WOMAN AND CHILD
Director: Saeed Roustaee
Starring: Parinaz Izadyar, Payman Maadi
Rating: 4/5
Dirham Stretcher tips for having a baby in the UAE
Selma Abdelhamid, the group's moderator, offers her guide to guide the cost of having a young family:
• Buy second hand stuff
They grow so fast. Don't get a second hand car seat though, unless you 100 per cent know it's not expired and hasn't been in an accident.
• Get a health card and vaccinate your child for free at government health centres
Ms Ma says she discovered this after spending thousands on vaccinations at private clinics.
• Join mum and baby coffee mornings provided by clinics, babysitting companies or nurseries.
Before joining baby classes ask for a free trial session. This way you will know if it's for you or not. You'll be surprised how great some classes are and how bad others are.
• Once baby is ready for solids, cook at home
Take the food with you in reusable pouches or jars. You'll save a fortune and you'll know exactly what you're feeding your child.
Avatar%20(2009)
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3EJames%20Cameron%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStars%3A%20%3C%2Fstrong%3ESam%20Worthington%2C%20Zoe%20Saldana%2C%20Sigourney%20Weaver%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E3%2F5%3C%2Fp%3E%0A
Learn more about Qasr Al Hosn
In 2013, The National's History Project went beyond the walls to see what life was like living in Abu Dhabi's fabled fort:
Which honey takes your fancy?
Al Ghaf Honey
The Al Ghaf tree is a local desert tree which bears the harsh summers with drought and high temperatures. From the rich flowers, bees that pollinate this tree can produce delicious red colour honey in June and July each year
Sidr Honey
The Sidr tree is an evergreen tree with long and strong forked branches. The blossom from this tree is called Yabyab, which provides rich food for bees to produce honey in October and November. This honey is the most expensive, but tastiest
Samar Honey
The Samar tree trunk, leaves and blossom contains Barm which is the secret of healing. You can enjoy the best types of honey from this tree every year in May and June. It is an historical witness to the life of the Emirati nation which represents the harsh desert and mountain environments
BIGGEST CYBER SECURITY INCIDENTS IN RECENT TIMES
SolarWinds supply chain attack: Came to light in December 2020 but had taken root for several months, compromising major tech companies, governments and its entities
Microsoft Exchange server exploitation: March 2021; attackers used a vulnerability to steal emails
Kaseya attack: July 2021; ransomware hit perpetrated REvil, resulting in severe downtime for more than 1,000 companies
Log4j breach: December 2021; attackers exploited the Java-written code to inflitrate businesses and governments
AIDA%20RETURNS
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3ECarol%20Mansour%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStarring%3A%20%3C%2Fstrong%3EAida%20Abboud%2C%20Carol%20Mansour%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%3C%2Fstrong%3E%203.5.%2F5%3C%2Fp%3E%0A
More from Rashmee Roshan Lall
