"In the cyber security industry, however, marketing is everything. Names are chosen to invoke a visceral reaction and to promote fear. That fear helps to turn people towards expensive high-tech security products."

"Often, the high-tech services that the cyber security sector sells protect the front door, while offenders continue to sneak in the back one using low-tech methods."

This isn't just in infosec. The myth of the auteur is common across jobs that rely on groups of people. There is always someone willing to claim singular or outsize credit for something that is a collaborative, iterative, communal endeavour. See: CEOs.

What is this drivel? This is a half-baked article that should be called "Here's some names of two hacker groups and a barely-formed thought about naming hacking groups."

There’s a lot of (misconceptions/blatant falsehoods(?)) in this article but one I want to focus on is in this statement:

"Often, the high-tech services that the cyber security sector sells protect the front door, while offenders continue to sneak in the back one using low-tech methods."

A major part of Crowdstrikes offering is meant to detect/combat this kind of initial access. In fact most of the companies I’ve worked with have had an offering devoted to it as it’s considered pretty basic.

Additionally the names given to these threat actors aren’t meant to be creative. They follow a convention determined by the intelligence gathering company involved. In this case Spider = criminals (not a nation state actor). Sometimes the first part might be based on some kind of hallmark of the group.