[NEWS] Dai Nippon Printing develops cyber attack response exercise using metaverse

Dai Nippon Printing announced on the 28th of last month that it has developed a cyberattack response exercise that utilizes the metaverse, called the "Organizational Collaboration Course - Metaverse Exercise."

Aimed at corporate executives, the course will teach how to respond to security incidents (threats) and how to collaborate across multiple departments in the metaverse, a virtual space on the Internet.

In this exercise, four members of the team who will be responsible for issuing response instructions in the event of an incident will each take their own role and carry out the exercise on the metaverse.

Dai Nippon Printing began accepting applications for the course on the same day. It is scheduled to be offered as a new course on the Cyber ​​Knowledge Academy, a cybersecurity human resources development service, from November 8th.

Coincidentally, on the 28th, at a regular press conference, National Police Agency Commissioner General Yasuhiro Tsuyuki revealed the existence of a Chinese-backed cyberattack group called "BlackTeck" and warned about cyberattacks targeting confidential information of Japanese companies.

International cyber attacks such as Black Tech require investigative cooperation between foreign authorities and the National Police Agency, and the National Police Agency's Cyber ​​Special Investigation Unit has made it clear that it will focus even more on countermeasures against attacks, but it is essential that each targeted corporate entity also takes defensive measures.

Black Tech has previously carried out cyber attacks on government agencies and telecommunications companies in East Asia, including Japan, and the United States. Japanese companies in particular have been repeatedly criticized by the FBI for their weak cybersecurity, and confidential information has been stolen.

For example, Black Tech is suspected of being involved in the attack on Mitsubishi Electric, which was discovered in 2020 and allegedly leaked files of defense-related data from the Ministry of Defense, and the unauthorized access to Fujitsu's information sharing tool in 2021. There have been countless information leaks at other small and medium-sized enterprises, and it is said that Black Tech is involved in some of these.

Dai Nippon Printing points out that when an incident occurs, it is necessary for multiple departments to cooperate, make decisions, and take action, not only in the information systems department responsible for IT systems, but also in the business department responsible for deciding whether to continue the affected business, and the public relations department responsible for explaining the situation to stakeholders.

In particular, he urged that tabletop exercises, which envision the damage caused by cyber attacks, are essential for decision-makers in each organization to take appropriate action, just like disaster prevention and evacuation drills.

Since 2016, Dai Nippon Printing has been running the Cyber ​​Knowledge Academy to train cybersecurity personnel.

The company has provided education for practitioners such as CSIRT (Computer Security Incident Response Team) and information security exercises for management, but this time it will apply that knowledge and know-how to the metaverse.

This will also combine the strengths of role-playing metaverse construction services, making it possible to learn in a practical way.

Reference:Announcement
Image: Quoted from the announcement