Companies partner to create a who's who of hackers, and other cybersecurity news

A collective of tech companies is working on a public glossary of cybercriminals and state-sponsored hacking groups to streamline naming conventions and reduce confusion caused by unofficial nicknames, reports Reuters.

Microsoft, Google, CrowdStrike and Palo Alto have teamed up to create the who's who, and hope to bring the US government and other partners into the effort to unlock the coded world of cybercrime, Reuters reports.

“We do believe this will accelerate our collective response and collective defence against these threat actors,” said Microsoft Security's Corporate Vice President, Vasu Jakkal.

Cybersecurity companies have long given code names to different groups of cybercriminals, because it's not always clear which country they originate from.

The names have varied from functional letter and number combinations, such as the “TA453” group tracked by Proofpoint, to Microsoft's recent, more descriptive nicknames, including “Lemon Sandstorm” and “Sangria Tempest”.

In 2016, a total of 48 alternate names were attributed to two Russian groups of hackers known officially as Advanced Persistent Threat (APT) 29 and APT28, which included Energetic Bear, Crouching Yeti and SOURFACE.

In February, Microsoft released details of its new naming conventions, which assigns a meteorological term to each country:

The EU will strengthen its support for business and government against cyber threats, according to the head of its cybersecurity agency.

Juhan Lepassaar, Executive Director of Enisa told the Financial Times, the EU needed to "step up our game" after an incident in April showed the bloc was reliant on US cyber infrastructure.

“We just haven’t had the global system so far, which relies to a large extent on capabilities in the United States,” he said. “We as Europe are ready to take part in strengthening the global vulnerability framework.”

The EU Council adopted a revised cyber crisis management Blueprint on 6 June.

It comes as Microsoft offered a free cybersecurity programme to European governments to strengthen their defences against cyber threats, particularly those enhanced by AI.

"If we can bring more to Europe of what we have developed in the United States, that will strengthen cybersecurity protection for more European institutions," Microsoft President Brad Smith told Reuters.

Japan has passed the landmark Active Cyber Defence Law (ACD) to counter cyberattacks from criminal gangs and state-sponsored hackers, marking a shift from its pacifist constitution.

Luxury jewellery company Cartier has told customers its website has been hacked and 'limited' client data stolen, Reuters reports.

It follows other high-profile cyberattacks against retailers, including Victoria's Secret and Marks & Spencer, which resumed online orders on 10 June, seven weeks after an attack, set to cost the British company up to £300 million.

On 9 June, United Natural Foods, which supplies Whole Foods and other retailers in the US, warned of disruption after it too was targeted by a cyberattack, according to TechCrunch.

The US has imposed sanctions on a company called Funnull accused of providing infrastructure to cyber gangs for 'pig butchering' crypto scams, leading to $200 million of losses to US citizens.

France and Viet Nam have signed a defence deal worth $10 billion that will include greater cooperation on cybersecurity.

AI is becoming a powerful shield and a potential attack vector for cybersecurity, presenting an opportunity to resolve vulnerabilities before code is ever deployed. According to Nataly Kremer, Chief Product Officer, Check Point Software Technologies, agentic AI has the potential to establish a new era of cyber resilience, but only if we seize this moment and shape the future of cybersecurity together.

Freight forwarders are accelerating digitalization to boost efficiency, but this also increases vulnerability to cyber threats, write the Forum's Margi Van Gogh, Luna Rohland and Stéphane Graber, Director General of the International Federation of Freight Forwarders Associations (FIATA). Ransomware attacks show how even short disruptions can ripple through supply chains, especially impacting small and medium-sized forwarders. FIATA is leading efforts to strengthen cyber resilience through practical guidance, training and tools for the global freight forwarding community.

Space tech supports critical services, such as telecommunications, GPS and finance. The Forum's cyber resilience specialists, Luna Rohland and Chiara Barbeschi, explore how, as space operations become more digital, driving innovation, they also introduce new cyber risks with potentially catastrophic consequences. While global, regional and national initiatives are addressing these risks, more collaboration is needed to strengthen cyber resilience in space.