Archive for Darktrace

Holiday Season Sees 30% More Attempted Ransomware Attacks Says Darktrace

Posted in Commentary with tags on December 2, 2021 by itnerd

Darktrace, a global leader in cyber security AI, today reported that its security researchers discovered a 30% increase in the average number of attempted ransomware attacks globally over the holiday season in every consecutive year from 2018 to 2020 compared to the monthly average.

The researchers also observed a 70% average increase in attempted ransomware attacks in November and December compared to January and February. Following a record number of ransomware attacks this year, the company expects the spike to be higher over the 2021 holiday period.

During the nascent 2021 holiday season, Darktrace’s AI detected and autonomously stopped an in-progress, early-stage ransomware attack on a U.S. city before any data exfiltration or encryption could occur. The city’s security team had the foresight to deploy an AI solution to combat multi-stage ransomware attacks, enabling them to stop the attackers at the earliest stage. 

Ransomware is often falsely considered an encryption problem. This misconception masks and undermines attackers’ determination and creativity to initially break into and then move around within an organisation’s digital environment first to discover, then steal and encrypt data. The break-in is often through email, but that quickly evolves to targeting servers where the data lives. Therefore, a combination of email and network security is crucial to stop these attacks. 

Powered by Self-Learning AI, Darktrace technology develops an understanding of normal business operations for each organisation. It autonomously interrupts in-progress attacks at every stage from the initial entry with sophisticated spearphishing emails to brute-forced remote desktop protocol (RDP), command-and-control, and lateral movement, all without business disruption. 

Darktrace is a global leader in cyber security AI, delivers world-class technology that protects almost 6,000 customers worldwide from advanced threats, including ransomware, and cloud and SaaS attacks. The company’s fundamentally different approach applies Self-Learning AIto enable machines to understand the business in order to autonomously defend it. Headquartered in Cambridge, UK, the company has 1,600 employees and over 30 offices worldwide. Darktrace was named one of TIME magazine’s ‘Most Influential Companies’ for 2021.

Darktrace Self-Learning AI Defends Organizations Across All 16 CISA Critical Infrastructure Sectors 

Posted in Commentary with tags on October 15, 2021 by itnerd

Darktrace today announced that its Self-Learning AI is defending organizations across  all 16 critical infrastructure sectors designated by the Cybersecurity and Infrastructure Security Agency (CISA)

Within CISA, the Office of Infrastructure Protection leads efforts to manage risks to critical infrastructure,  deeming them  ”essential to the economy, security, and sustainment of the American way of life.” Self-Learning AI has proved crucial in this mission. It augments human teams and takes autonomous action to detect and respond to threats against the country’s most sensitive systems and critical data—at the earliest stages of an attack. 

Self-Learning AI works by constantly evolving its understanding of both IT and operational technologies, allowing it to identify the subtle, emerging signs of a cyber-threat and take targeted action to interrupt encroaching attacks. These real-time alerts enable critical infrastructure organizations to continue business operations without disruption. 

The technology also allows defenders of critical infrastructure to achieve the Biden Administration’s goals outlined in the  National Security Memorandum on Protecting Critical Infrastructure Control Systems — namely threat visibility, indications, detections, warnings, and facilitating response. 

Darktrace Self-Learning AI has successfully fought back against insider threats, supply chain attacks, zero-day exploits, APTs as well as state-sponsored attacks across U.S. critical infrastructure industries. 

In  May 2021, hackers hit Colonial Pipeline with ransomware, forcing the company to halt the pipeline’s total operations to contain the attack. In the same month, Darktrace AI detected, investigated, and contained a double extortion ransomware attack on a water and wastewater organization in  North America. Unlike in the case of Colonial Pipeline, the attack was interrupted before hackers could demand any ransom payment or disrupt business operations. Darktrace catches ransomware and other security threats similar to this every day across all 16 sectors. 

Darktrace AI Neutralizes IoT Attack That Threatened to Disrupt the Tokyo Olympics

Posted in Commentary with tags on September 20, 2021 by itnerd

I’ve posted a lot of bad news about companies and a variety of organizations getting pwned by hackers. But here’s a good news story for you.

As you know, one of the greatest issues in security is how to deal with high-stress scenarios when there is a significant breach – especially when it comes to a global sporting event attracting an audience in the millions. 

Threat actors often exploit the pressure of these events to cause disruption or extract hefty sums. Sporting occasions, especially Formula 1 races, the Super Bowl, and the Olympics, attract a huge deal of criminal interest.

Darktrace recently discovered a threat when a Raspberry Pi device was covertly implanted into a national sporting body directly involved in the Olympics, in an attempt to exfiltrate sensitive data. The events took place one week before the start of the Games, and a data breach at this time would have had significant ramifications for the reputation of the organization, the confidentiality of their plans, and potentially the safety of their athletes.    

Darktrace AI recognized this activity as malicious given its evolving understanding of ‘self’ for the organization, and Antigena – Darktrace’s autonomous response capability – took action at machine speed to interrupt the threat, affording the human security team the critical time they needed to catch up and neutralize the attack.  

If you’re interested, Darktrace has a blog post on how AI neutralized an IoT attack that threatened to disrupt the Tokyo Olympics. It’s a pretty interesting read.

US Goes After China For Hacking… China Hits Back

Posted in Commentary with tags , , on July 21, 2021 by itnerd

The US has taken the unusual step taking a shot at China over the hacking of Microsoft. This March, Microsoft reported that at least 30,000 customers were affected by a hack that allowed outsiders to access the firm’s email and calendar service through a software loophole previously unknown to the company. Volexity, the cybersecurity firm that first discovered the Exchange breach, and Microsoft concluded the attacks originated from China and appeared to be state-sponsored.

This has now led to the U.S. Justice Department charging four Chinese citizens from China’s secretive ministry of state security who are alleged to have hacked into the computer networks of dozens of companies, universities and government entities. China denies this:

“The U.S. ganged up with its allies and launched an unwarranted accusation against China on cybersecurity,” Chinese Foreign Ministry spokesman Zhao Lijian said Tuesday at a regular press briefing in Beijing. “It is purely a smear and suppression out of political motives. China will never accept this.”

But this is likely the beginning according to Director of Enterprise Security at Darktrace, David Masson:

“We have entered a new era of cyber-threat – attacks are increasing in speed, sophistication, and scale with malicious software like ransomware being able to encrypt an organization’s entire digital infrastructure in seconds. Even more alarmingly, geopolitical tensions are being played out in cyber battles with organizations getting caught in the crossfire.

Although it is difficult to attribute these attacks to any single nation-state, our government should take every opportunity to pressure cyber-criminals and grow international condemnation in the hopes of resetting the current state of unchecked nation and non-nation state cyber-aggression targeting countries globally. This lack of a unified strong and significant international response only further emboldens nation-state driven or sponsored cyber-attacks against the private sector and government institutions.

Canada can lead the way in putting every nation state and cybercriminal group, whether state-sponsored, supported, or simply sheltered, on notice that cyber-attacks will not only be taken extremely seriously, but that there could be a high cost where those responsible are held accountable through all levers of national power.

The priority must be protecting Canadian businesses and institutions from cyber-attacks that pose a threat to both economic and national security.”

Hopefully Canadian businesses, if not all businesses take heed of this warning.

Darktrace Reports Rapid Growth in Canada

Posted in Commentary with tags on June 23, 2021 by itnerd

Darktrace, a leading autonomous cyber security AI company, today reported that its Canadian customer base has grown substantially over the last year, as organizations across the country seek to protect themselves from increasingly sophisticated cyber-attacks. Significant customer wins in Canada include global retailer Herschel Supply Co., leading Quebec-based brokerage firm Lussier Dale Parizeau (LDP), the City of Sudbury, non-profit United Way of Calgary and Area, and Canucks Sports & Entertainment. 

Powered by self-learning Cyber AI, the Darktrace Immune System works by learning the normal ‘pattern of life’ of an organization and can interrupt in-progress attacks across increasingly complex digital infrastructures, including the cloud, email and home office environments. Organizations across the region have not only embraced AI to understand where threatening activity is happening, but also now trust the technology to stop attacks from evolving within a matter of seconds, before security teams are even at their desks.  

Darktrace is a leading autonomous cyber security AI company and the creator of Autonomous Response technology. It provides comprehensive, enterprise-wide cyber defense to over 4,700 organizations in over 100 countries, protecting the cloudemail, IoT, traditional networks, endpoints and industrial systems

A self-learning technology, Darktrace AI autonomously detects, investigates and responds to advanced cyber-threats, including insider threat, remote working risks, ransomware, data loss and supply chain vulnerabilities. The company has 1,500 employees globally, with headquarters in Cambridge, UK. Every second, Darktrace AI detects a cyber-threat, preventing it from causing damage. 

Ransomware Now Top Use Case For Autonomous Cybersecurity Technology: Darktrace

Posted in Commentary with tags on May 26, 2021 by itnerd

Darktrace today announced that ransomware is the top use case of its market-leading Autonomous Response technology, as organizations face the increased threat of machine-speed attacks. 

As sophisticated ransomware attacks continue to pose an existential risk to organizations in all sectors, Darktrace Antigena allows customers to take proportionate action to thwart all strains of ransomware, both known and unknown, in real time, avoiding costly shutdowns and business disruption. 

Powered by self-learning Cyber AI, Autonomous Response is a world-first technology that rapidly neutralizes a range of novel cyber-attacks by taking highly targeted actions, while allowing normal business operations to continue as usual. Its self-learning technology isolates only the unusual data encryption activity associated with ransomware. 

In addition, Darktrace has also announced that it has extended its Autonomous Response capability to enhance coverage of servers, allowing the AI to fight back against all forms of fast-moving attacks. 

Darktrace is a leading autonomous cyber security AI company and the creator of Autonomous Response technology. It provides comprehensive, enterprise-wide cyber defense to over 4,700 organizations in over 100 countries, protecting the cloudemail, IoT, traditional networks, endpoints and industrial systemsA self-learning technology, Darktrace AI autonomously detects, investigates and responds to advanced cyber-threats, including insider threat, remote working risks, ransomware, data loss and supply chain vulnerabilities. The company has 1,500 employees globally, with headquarters in Cambridge, UK. Every second, Darktrace AI detects a cyber-threat, preventing it from causing damage. 

Darktrace & Microsoft Partnership Extends Autonomous Cyber Defense Across The Cloud

Posted in Commentary with tags , on May 10, 2021 by itnerd

Darktrace today announced that it has joined forces with software giant Microsoft. The partnership provides mutual customers with enterprise-scale, self-learning AI that detects and autonomously responds to cyber-threats.

This collaboration amplifies Darktrace’s self-learning artificial intelligence for cyber security within Microsoft environments, including Microsoft 365 and cloud applications like Azure Sentinel. As organizations and workforces across the globe increasingly rely on cloud infrastructure and virtual collaboration tools, the partnership ensures that attacks can be thwarted by Microsoft’s solutions together with Darktrace’s autonomous Cyber AI technology.

The partnership between Microsoft and Darktrace provides enhanced security across multiplatform and multicloud environments, automates threat investigations, and enables teams to prioritize strategic tasks that matter.

The two organizations are collaborating to help organizations in a number of critical areas:

  • Cyber AI email security: Antigena Email, which uses Darktrace’s autonomous response technology to stop the most advanced email threats, is now hosted on Microsoft Azure and listed on Microsoft Azure Marketplace.
  • Simplified and streamlined security workflows: Darktrace now integrates seamlessly with Azure Sentinel, with a bespoke Workbook allowing users to send and visualize Darktrace threat alerts and automated threat investigation reports inside Sentinel.
  • Seamless data integration: Darktrace one-click integrations allow users to connect Darktrace’s AI detection capabilities to Microsoft Defender for endpoint.

You can find out more here.

Darktrace and MIT Technology Review Release Co-branded Whitepaper

Posted in Commentary with tags on April 14, 2021 by itnerd

Darktrace, a world leading cyber AI company, in collaboration with MIT Technology Review, released a whitepaper that assesses industry professionals’ views towards AI-powered attacks. At a time when cyberattacks are at an all-time high, it’s integral for companies to understand and anticipate such attacks – no matter the industry.    

The report is based on research gathered from December 2020 to January 2021 and surveyed 309 senior global business leaders; more than half were C-level executives or directors.

Key findings from the report include:  

  • How 97 per cent of respondents are concerned about AI-augmented attacks  
  • The top three reasons respondents are concerned are: 
  • Human driven response can’t keep up  
  • Security tools can’t anticipate new attacks  
  • Hiring qualified employees is difficult  
  • How 96 per cent of respondents said they had started preparing for AI- powered attacks  
  • That respondents think the top three ways AI-attacks will manifest themselves are: 
  • More advanced spear-phishing and impersonation attacks  
  • More effective ransomware  
  • Misinformation and undermining of data integrity 

The white paper is available for download here.   

Darktrace Appoints James Sporle as General Counsel

Posted in Commentary with tags on April 1, 2021 by itnerd

Darktrace, a leading autonomous cyber security AI company, today announced that it has appointed James Sporle as General Counsel and Company Secretary.

James brings a wealth of legal experience to the Darktrace team, having formerly served as Group General Counsel and Company Secretary at online food delivery company Just Eat plc, where he was instrumental in its transformation from pre-IPO business to the FTSE 100 and in subsequently navigating its merger with Takeaway.com. In 2020, James was shortlisted for The Lawyer’s General Counsel of the Year.

Prior to Just Eat, James worked at BP plc, having qualified as a solicitor at Linklaters in 2001. He holds a Law degree from St Catharine’s College, Cambridge.

Richard Eaton, current General Counsel at Darktrace, will retire in the autumn.

Darktrace Appoints Lord David Willetts As A Non-Executive Director

Posted in Commentary with tags on March 17, 2021 by itnerd

Darktrace, a leading autonomous cyber security AI company, today announced that the Rt Hon. David Willetts has agreed to join the Board of Directors as a Non-Executive Director.

Lord Willetts served as a Member of Parliament from 1992 to 2015. He was Minister for Universities and Science within the Department for Business, Innovation and Skills from 2010 to 2014, and previously held roles within HM Treasury and the No. 10 Policy Unit. His current roles include President of the Resolution Foundation and Chair of the Foundation for Science and Technology, together with serving on several company boards.

“I am honoured to join the Board of Darktrace, a true example of great British innovation and leadership in the cyber AI field,” Lord Willetts said. “I look forward to supporting the company as it continues to play a critical role in building the technology and talent needed to counter the rising threat from cyber-attacks on business, government and critical national infrastructure.”

Darktrace is a leading autonomous cyber security AI company and the creator of Autonomous Response technology. It provides comprehensive, enterprise-wide cyber defense to over 4,500 organizations worldwide, protecting the cloudemail, IoT, traditional networks, endpoints and industrial systems.

A self-learning technology, Darktrace AI autonomously detects, investigates and responds to advanced cyber-threats, including insider threat, remote working risks, ransomware, data loss and supply chain vulnerabilities.

The company has 1,500 employees and 44 office locations, with headquarters in Cambridge, UK. Every second, Darktrace AI detects a cyber-threat, preventing it from causing damage.