NTT-CERT's 2023 Annual Cyber Security Report

The NTT Group has a long-established tradition of leadership in the cybersecurity space. A key component of this is through the activities of NTT-CERT, which was established in 2004 with the goal of acting as NTT’s Computer Security Incident Response Team. The activities of NTT-CERT however go way beyond purely providing incident response, with a significant component of its work being focused on research and development.

Being part of NTT’s Social Informatics Laboratories, a major portion of NTT-CERT’s work is comprised of research which aims to build a body of knowledge which can be used to prevent breaches, more rapidly detect threats which do manage to circumvent controls and aid in performing incident response where this is required. The unparalleled access to security telemetry and malware samples available for analysis as a result of the scale of the NTT Group places NTT-CERT in a unique position in terms of its access to the data required for detailed analysis of the activities of threat actors around the entire globe. The incredibly diverse security requirements of the NTT Group also place NTT-CERT in a privileged position through its work in evaluating the latest security technologies and tools for use in the NTT Group.

In its latest Cybersecurity Report, NTT-CERT provides a window into its research, developments in the cybersecurity space and its own efforts in protecting the security of the NTT Group. This report is set against a backdrop of growing international tension and conflict. Conflicts such as the war in Ukraine are increasingly becoming hybrid conflicts where cyber attacks play a significant role. In a similar way the tensions between the US and China, which are deepening as a result of sanctions on Chinese companies, have also spilled into the cyber domain. At the same time, technologies such as generative AI are increasingly being used both to perpetrate cyber attacks and to defend against them.

It is against this backdrop that chapter 2 of the report focuses on cybersecurity incidents which occurred over the reporting period, referring to articles, reports and information related to specific incidents. Special areas of focus include an analysis of the ransomware ecosystem and discussion of software supply chain issues, with specific emphasis on concerns relating to the open source ecosystem and especially risks related to source code hosted in GitHub.

Chapter 3 of the report focuses on the incident response activities of NTT-CERT, providing an analysis of selected incidents and their resolution. A notable highlight is a review of the cybersecurity services provided for the G7 Hiroshima summit by NTT West.

Chapter 4 rounds up by discussing some of the key trends which are developing in the security space. This discussion starts with a view of the bleed over into the cyber arena from Russia’s invasion of Ukraine. Focusing more on technology, chapter 4 analyzes attack methods using Microsoft OneNote and the rapidly developing exploitation of generative AI in cyber attacks.

To secure your own detailed window into the work of NTT-CERT, download your copy of the 2023 Cyber Security Report now.