The National Security Agency’s domain security service blocked 10 billion user connections to known malicious or suspicious domains, the agency notes in an annual report.
Published on Tuesday, the NSA’s 2023 Cybersecurity Year in Review report (PDF) details the agency’s efforts in cybersecurity and its work with government partners, foreign partners, and defense industrial base (DIB) entities to improve national security.
The NSA’s cybersecurity efforts mainly focus on protecting national security systems (NSS), which contain classified information or are critical to US military and intelligence, the Department of Defense (DoD) services and agency networks, and DIB organizations (DoD contractors).
“NSA’s efforts to help secure the nation’s most sensitive systems also help your cybersecurity because NSA cascades these solutions through public guidance and engages with key technology providers to help them bolster the security of their products and services,” the agency notes.
The NSA also says that the no-cost cybersecurity services it offers to DoD contractors have seen a 400% adoption this year, with the number of enrolled organizations surpassing 600. Small businesses, including organizations with limited resources, represent more than 70% of the current DIB.
In 2023, the NSA released six security products tackling threats to communications, DIB, and information technology sectors. The documents cover the supply chain, 5G network security, and identity and access management.
This year, the NSA also improved its vulnerability scanning program, which resulted in 1.3 million security defects being flagged, inventoried over 300,000 internet-accessible assets for the participating DIB entities, and issued more than 500 partner vulnerability notifications.
Along with the cybersecurity industry, the agency is tracking roughly 70 unique clusters of known state-sponsored activity, and has uncovered multiple nation-state campaigns specifically targeting DIB, including some targeting zero-day vulnerabilities.
The NSA is also promoting the secure development, adoption, and integration of artificial intelligence (AI), through a newly established AI Security Center, which will also focus on understanding how adversaries use and target AI.
This year, the agency continued to provide cybersecurity advisories to the public, to publish indicators-of-compromise (IoCs) associated with observed malicious activity, to execute the US government’s strategy to migrate vulnerable cryptographic systems to quantum-resistant cryptography, and to research and enhance its cyber warfare capabilities.
“NSA’s principles and values, along with our culture of compliance and protection of privacy and civil liberties, have served as the foundation for the cybersecurity successes detailed in this report and will continue to serve as the bedrock of NSA in the future,” said Gen. Paul Nakasone, head of the NSA and US Cyber Command.
Related: NSA Issues Guidance on Incorporating SBOMs to Improve Cybersecurity
Related: NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics
Related: US, UK Cybersecurity Agencies Publish AI Development Guidance
