プレスリリース

2023年4月14日 11:42 AM

LockBitの主張に関する声明を更新しました

Mike Beck, Chief Information Security Officer, Darktrace

Darktraceの内部システムに侵入したとする昨日のLockBitによるツイートを受け、徹底的なセキュリティ調査を完了しました。当社のシステムおよび関連する組織のシステムに侵害がなかったことを確認することができました。当社のお客様へのサービスは中断されることなく、通常通り運営が継続されており、これ以上の措置は必要ありません。

プレスリリース

2023年4月13日 9:30 AM

LockBitの主張に関する声明

今朝早く、Darktraceはサイバー犯罪集団 LockBit が Darktrace の内部セキュリティシステムに侵入し、当社のデータにアクセスしたとするツイートを確認しました。当社のセキュリティチームは、当社の内部システムの完全なレビューを実行しましたが、侵害の証拠は一切見当たりませんでした。LockBitによるソーシャルメディアへの投稿はいずれも、当社のデータに一切関連するものではありません。当社は引き続き状況を注意深く注視していきますが、現在の調査に基づき、当社のシステムは引き続き安全であり、すべての顧客データは完全に保護されていると確信しています。


プレスリリース

Leading Laboratory Interrupts Insider Threat Using Darktrace Artificial Intelligence

Employee at Global In Vitro Diagnostics Company Appears to Attempt to Sell Intellectual Property and Medical Supplies on Darknet
Cambridge, UK
March 18, 2022

Media coverage

News publication logo

Leading Laboratory Interrupts Insider Threat Using Darktrace Artificial Intelligence

Read the story
March 18, 2022

Darktrace, a global leader in cyber security AI, today announced that a leading laboratory specializing in in vitro diagnostics successfully stopped an insider threat with the help of Darktrace’s Self-Learning AI.

The company, which has laboratories, offices and distribution centers in over 100 countries worldwide and more than 3,000 employees, specializes in the research, development and manufacturing of innovative in vitro diagnostic tests for disease, conditions and infections. The organization uses Darktrace’s detect, respond and investigate capabilities to defend against in-progress attacks at the early stages.

Powered by Self-Learning AI, Darktrace technology develops an understanding of normal operations for the company. From this understanding it can then autonomously interrupt in-progress attacks at every stage from the initial entry with sophisticated spear phishing emails to brute-forced remote desktop protocol (RDP), command and control, and lateral movement, all without business disruption.

In one instance, Darktrace’s Self-Learning AI detected an internal device communicating with the Tor network via an intermediary web service. Tor is an open-source privacy network that enables anonymous web browsing by guiding data traffic through different servers, located all over the world. Whilst it is not wholly malicious, it can be associated with the browsing of non-business or even illegal content.

The device was connecting with a darknet forum relating to the pharmaceutical market. Given that no other device within the organization had visited the Tor network in the past, Darktrace AI flagged this to the security team as out-of-the-ordinary. With the AI taking care of early detection and making micro-level decisions the security team were uplifted and able to make important decisions that required business context.

The internal security team later found that this was likely an insider looking to sell proprietary intellectual property or even medical supplies on the darknet.

“Malicious or compromised insiders can be difficult to identify because their privileged access and knowledge of company workings allows them to evade detection by traditional security tools,” commented Toby Lewis, Global Head of Threat Analysis, Darktrace. “In order to protect intellectual property from insider threat, organizations need to augment security teams with AI-powered technology to stop malicious activity in real time at the moment of detection.”

About Darktrace

この記事を共有
該当する項目はありません。
メディアコンタクト
該当する項目はありません。