APT & Threat Actor Lists & Profiles

Chad Warner
2 min readApr 21, 2022

--

Companies use different names for the same threat actors (a broad term including APTs and other malicious actors). They follow different naming conventions; CrowdStrike uses animals (e.g., Wizard Spider), Microsoft uses weather types (e.g., Midnight Blizzard), Mandiant uses numbers (e.g., APT38), etc.

Photo by Bernd Dittrich on Unsplash

This can be confusing to cyber threat intel analysts, so when tracking and researching threat actors, it’s useful to have lists that give their various names (aliases).

It’s a bonus if the lists provide profiles with additional info about the actors, such as targeted nations, targeted industries, malware used, notable campaigns, and other TTPs.

Here are a few such lists. If you know of others, please let me know!

Here are a few lists from InfoSec companies. They’re specific to those companies, so they don’t provide aliases, but they do provide additional info.

--

--

Chad Warner
Chad Warner

Written by Chad Warner

Web Strategist at OptimWise. Cybersecurity & privacy enthusiast. Bookworm. Fan of Tolkien & LEGO.

No responses yet