How APT Naming Conventions Make Us Less Safe

Advanced persistent threat (APT) naming conventions, while intended to identify threat actors and campaigns, have become overly specific and confusing. This practice creates artificial subdivisions within larger organizations, leading to a false sense of security among defenders who focus on specific tactics, techniques, and procedures (TTPs) rather than the broader threat posed by an entire adversary organization. To improve cybersecurity, the industry should adopt standardized, clear nomenclature and focus on defending against entire adversary organizations rather than individual subgroups.
