Microsoft's digital crimes unit says cyber crime attacks by nation-state actors are expected to increase in the coming years. Getty Images

Iran Mint Sandstorm: how hackers and cyber criminals are nicknamed


Cody Combs

Keeping track of people determined to wreak havoc through computer hacks and cyber crime isn’t easy, but Microsoft officials say naming the groups is a small but important step in stopping them.

Microsoft explained its naming system for nation-state-affiliated threat entities during The National's exclusive tour of the company's cyber crime centre in Redmond, Washington.

Microsoft's cyber crime centre uses cyber security experts from across the company to help protect, detect and respond to threats in real-time. Cody Combs / The National

Mint Sandstorm, Storm-2035, Sefid Flood, Salt Typhoon, Cotton Sandstorm and Taizi Flood are just a few of the many names given to groups operating out of Iran, China, Russia and North Korea, which Microsoft told The National are home to some of the most active actors in the nation-state cyber crime space.

“We used to track everything as an element from the periodic table − like barium, strontium and phosphorus,” said Steven Masada, assistant general counsel of Microsoft's digital crimes unit, which leads the company's efforts to combat cyber crime around the world.

Mr Masada, who also served as assistant US attorney for the western district of Washington state, said that due to the sheer number of hacker and cyber crime groups around the world, Microsoft ran out of elements from the periodic table.

Microsoft said for the purposes of organising an increasing number of threats, it uses a naming taxonomy for threat actors based on weather.

“So, we switched to the storm system, which despite some naysayers, has really caught on,” he added.

“Sleet is North Korea, Typhoon is China, Sandstorm is Iran and Blizzard is Russia,” Mr Masada continued, saying that once Microsoft researches the cyber criminals from various countries and their differing techniques, it adds more detail to the name, such as Mint Sandstorm, which was given to a nation-state cyber crime actor originating out of Iran.

Microsoft says its cybercrime defense operations centre is staffed 24 hours each day, seven days a week. Photo: Cody Combs

For groups that aren't necessarily nation-state affiliated, Mr Masada said that other names are given.

“We use the word 'tempest' for financially motivated groups … there's one called Vanilla Tempest, which is an incredibly active ransomware group.”

He added that any group with the word “flood” included in the name is likely a disinformation or influence operation group.

Mr Masada said around the world there has been a significant increase in nation-state actor cyber crime activity. The 2024 US presidential election, coupled with the Israel-Gaza war, saw an uptick in cyber crime efforts based out of Iran.

Although Microsoft's cybercrimes centre is based in the company's headquarters of Redmond, Washington, it has branches and employees around the world. Cody Combs / The National

“One example is Mint Sandstorm, it's an Iranian actor that we've taken action against … Mint Sandstorm targeted Donald Trump's campaign leading up to the most recent US election and hacked some senior advisers,” said Mr Masada.

In addition to sharing information with the hack victims and the US government, Mr Masada said Microsoft's digital crimes unit provided a criminal referral to the US Department of Justice, which later indicted three Iranians accused of the nefarious cyber activity.

The three men were allegedly employed by Iran’s Islamic Revolutionary Guard Corps, and their activities included a range of targets − including government officials, members of the media and non-governmental organisations, according to the Justice Department.

Iran denied any involvement in Mint Sandstorm, yet the name, which originated from Microsoft, largely caught on.

“We do this purely to make it easy for professionals in the [cyber security] field to understand it all,” said Andrew Conway, vice president of security marketing at Microsoft.

“We associated a certain type of weather with a particular threat actor and then we made up modifiers for the types of weather,” he explained. One Russian group was given the name Midnight Blizzard.

“We don't do this to glorify or try to make things cool, it's done for information design … we were expanding the number of threat actors that we tracked and we needed a hierarchy in which to refer to them,” said Mr Conway.

Microsoft recently released a threat intelligence report which it says shows an increased effort from hackers and cyber-influence groups to impact the 2024 US presidential election. Photo: Microsoft

Microsoft has gone from tracking approximately 300 nefarious cyber crime groups to more than 1,500, he said.

Mr Conway said that although this naming convention seems to be catching on outside of Microsoft to some extent, not all companies, governments and organisations use the same naming system.

“There's no global standard for it,” he said.

Meanwhile, according to Microsoft, by 2028, estimates show that approximately $13 trillion could be lost to cyber crime tactics.

To blunt such cyber attacks, Microsoft's cyber crime centre seeks to utilise security response experts from across the company to help protect, detect and respond to threats around the world.

It also uses AI to quicken the process of identifying potential threats or vulnerabilities as they come in.

Inside the cyber crime facility, there are specific offices occasionally used by the FBI, Secret Service and Department of Homeland Security to expedite investigations and collaboration efforts, depending on the cyber crime threats.

“We're increasingly seeing the blurring of lines where nation-state threat actors are becoming more sophisticated,” Mr Masada said.

“Microsoft, effectively, is a security company at this point in time,” he added, noting that besides ample technical and cyber security experts, the company also uses lawyers, investigators, data analysts and business professionals to blunt and prevent cyber crime.

According to the company, its digital crimes unit has disrupted 30 malware families, nation-state threat actors and distributors of malicious tools through civil actions resulting in the “rescue of more than 500 million victim devices”.


Updated: January 24, 2025, 7:53 AM