There are those out there who think the use of a humorous naming convention for malicious activity is perfectly fine.
This is not the first time this kerfuffle has arisen, and it likely won’t be the last. Calls to adopt some sort of widely accepted and universally understood non-comedic nomenclature have so far failed to gain traction, though it’s a practice that has worked in proto-cyber for decades (you don’t chuckle as much, but you can still remember who is who).
Asking commercial entities to give up one of their key marketing tools isn’t likely to win over any fans (and is a clear sign as to the true value such firms place on CTI, which is to say ‘loss leader’). And in a community where a good deal of the residents take pride in being a little counter-culture the idea that you might have to adult-up your work is sacrilege.
Apparently calling things Saucy Groundhog or Earthworm Genitals helps people keep track of malicious activity. There is a LOT of malicious activity going around so every little bit helps, but that’s really where the value stops. As long as all you care about is the tactical aspects of this work, and your own parochial interests, there is no point worrying about any broader implications of your decisions.
But by definition the tactical is right-of-boom. Its mole whacking. If the job is improving an entity’s cybersecurity, then being cute or funny isn’t helpful because the people who really make decisions about how secure an enterprise is going to be don’t get the joke. Those are strategic decisions made by people who wear suits and ties (or embroidered fleece vests). As the source article points out, they view the world through a different set of lenses than people who use the command line. If you insist on doing things your way, you’re not really helping the organization, you’re just reinforcing a prejudice they have against what they see as, in the immortal words of Logan Roy, not serious people.
What’s the difference between a story in the news today about a hacking event and one from 20 years ago? The date and by-line. Check back in four or five years and if we’re still arguing about Fuzzy Peaches APT, ask yourself if maybe the suits have a point and that a modicum of adulting is justified if it helps us make progress.