プレスリリース

2023年4月14日 11:42 AM

LockBitの主張に関する声明を更新しました

Mike Beck, Chief Information Security Officer, Darktrace

Darktraceの内部システムに侵入したとする昨日のLockBitによるツイートを受け、徹底的なセキュリティ調査を完了しました。当社のシステムおよび関連する組織のシステムに侵害がなかったことを確認することができました。当社のお客様へのサービスは中断されることなく、通常通り運営が継続されており、これ以上の措置は必要ありません。

プレスリリース

2023年4月13日 9:30 AM

LockBitの主張に関する声明

今朝早く、Darktraceはサイバー犯罪集団 LockBit が Darktrace の内部セキュリティシステムに侵入し、当社のデータにアクセスしたとするツイートを確認しました。当社のセキュリティチームは、当社の内部システムの完全なレビューを実行しましたが、侵害の証拠は一切見当たりませんでした。LockBitによるソーシャルメディアへの投稿はいずれも、当社のデータに一切関連するものではありません。当社は引き続き状況を注意深く注視していきますが、現在の調査に基づき、当社のシステムは引き続き安全であり、すべての顧客データは完全に保護されていると確信しています。


プレスリリース

Leading Multinational Technology Manufacturer Stops Babuk Ransomware with Darktrace AI

Cambridge, UK
February 28, 2022

Media coverage

News publication logo

Leading Multinational Technology Manufacturer Stops Babuk Ransomware with Darktrace AI

Read the story
February 28, 2022

Darktrace, a global leader in cyber security AI, today announced that a leading multinational technology manufacturer successfully interrupted Babuk ransomware with Darktrace’s Autonomous Response technology, Antigena.

Headquartered in Asia, the company designs and manufactures technology solutions that facilitate the adoption of smart medical devices as well as electric and autonomous vehicles and is a key industry player.

The organization was using Darktrace’s detect, respond and investigate capabilities. The Self-Learning AI forms a constantly evolving understanding of both IT and operational technologies at the company, allowing it to identify the subtle, emerging signs of cyber-threats in real time.

In the early hours of the morning, Darktrace AI detected that a device within the business was behaving abnormally; it was performing network scanning and making unusual connections with other internal devices. The AI not only noted this behavior as out-of-the-ordinary but as malicious.

The algorithms then calculated the best action to take to autonomously contain the in-progress attack and blocked the infected device from making further connections while allowing normal business operations to continue – both in the office and on the manufacturing floor. These algorithms work by enforcing the normal ‘patterns of life’ for compromised users and devices. This proportionate and highly targeted response is possible because of the AI’s continually evolving understanding of what ‘normal’ looks like at a granular level for each part of the company’s digital ecosystem.

In post-compromise analysis conducted by the AI, it was found that the device was attempting to distribute files involving ‘babyk’ extensions.

Babuk, a double-extortion ransomware threat discovered in 2021, is a sophisticated campaign that has actively targeted high-value organizations around the world. Operators have inflicted damage not only by encrypting files and crippling systems, but also threatening to leak sensitive data if ransom payment is not received.

The attempted attack follows warnings from government agencies about a global rise in cyber-threats, particularly those targeting critical infrastructure and organizations embedded in global supply chains. Ransomware attacks, such as those above, are effective ways for nation states to carry out espionage, disrupt society and flex their muscles on a global stage.

“Babuk ransomware began its life as a Ransomware-as-a-Service (RaaS) tool, but since its source code was leaked in July, it has been adopted by a number of cyber-criminal groups to be used in different ways,” commented Toby Lewis, Head of Threat Analysis, Darktrace. “These attacks often strike out of hours and so it has never been more critical that defenders of critical infrastructure are using artificial intelligence to allow their organizations to self-defend against advanced threats.”

About Darktrace

About Darktrace

この記事を共有
該当する項目はありません。
メディアコンタクト
該当する項目はありません。