The year 2023 marked a pivotal one for the National Security Agency (NSA) as it continued to adapt to the ever-changing world of cybersecurity. To recap the key initiatives, successes and partnerships that took place this year, the agency released the 2023 Cybersecurity Year in Review report.
Here are a few of the key takeaways.
Exposing and Mitigating Foreign Threats
One of the significant highlights of 2023 was NSA’s collaboration with key industry partners to identify a People’s Republic of China (PRC) state-sponsored cyber actor targeting U.S. critical infrastructure. Through coordinated efforts, NSA publicly released the “People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection” joint Cybersecurity Advisory.
Additionally, NSA, alongside USCYBERCOM, the FBI, and international cybersecurity agencies, identified and attributed the Snake malware tool to a known unit within Russia’s Federal Security Service. This global collaboration across North America, South America, Europe, Africa, Asia, and Australia showcased the effectiveness of joint efforts in countering sophisticated cyber threats.
Partnering With Industry and Defending the Defense Industrial Base
Recognizing the significance of defending the Defense Industrial Base (DIB), NSA intensified its collaboration with DIB companies, both large and small. With over 70% of the DIB made up of small businesses, NSA provided crucial cybersecurity services, leveraging its decades of expertise in code-making and code-breaking.
In 2023, NSA expanded its cybersecurity service enrollment by almost 400%, extending assistance to more than 600 companies. The Enduring Security Framework released six security products addressing threats within the communications, DIB, and information technology critical infrastructure sectors. These products addressed challenges associated with 5G, identity and access management, and the software supply chain.
Scaling Innovative Pilots
2023 also saw the launch of four innovative pilots focusing on cloud security, threat hunting, phishing protection, and autonomous penetration testing. These pilots aimed to assess the effectiveness, scalability, and cost-effectiveness of leveraging automated tools and AI to identify and mitigate digital vulnerabilities.
Securing Artificial Intelligence (AI) and Establishing Standards
NSA’s focus on securing AI capabilities within national security systems led to the establishment of the AI Security Center. Engaging leaders from U.S. industry, national labs, academia, and the Intelligence Community, this center aimed to promote secure development, integration, and adoption of AI.
As the cybersecurity landscape continues to evolve, the NSA remains at the forefront, adapting and scaling its impact to safeguard national security and critical infrastructure.
Read the full report here.