プレスリリース

2023年4月14日 11:42 AM

LockBitの主張に関する声明を更新しました

Mike Beck, Chief Information Security Officer, Darktrace

Darktraceの内部システムに侵入したとする昨日のLockBitによるツイートを受け、徹底的なセキュリティ調査を完了しました。当社のシステムおよび関連する組織のシステムに侵害がなかったことを確認することができました。当社のお客様へのサービスは中断されることなく、通常通り運営が継続されており、これ以上の措置は必要ありません。

プレスリリース

2023年4月13日 9:30 AM

LockBitの主張に関する声明

今朝早く、Darktraceはサイバー犯罪集団 LockBit が Darktrace の内部セキュリティシステムに侵入し、当社のデータにアクセスしたとするツイートを確認しました。当社のセキュリティチームは、当社の内部システムの完全なレビューを実行しましたが、侵害の証拠は一切見当たりませんでした。LockBitによるソーシャルメディアへの投稿はいずれも、当社のデータに一切関連するものではありません。当社は引き続き状況を注意深く注視していきますが、現在の調査に基づき、当社のシステムは引き続き安全であり、すべての顧客データは完全に保護されていると確信しています。


プレスリリース

Major UK Retailer Stops Novel Malware Attack with Darktrace AI

Company Targeted by ‘BumbleBee’, a Sophisticated Malware Loader
Cambridge, UK
May 19, 2022

Media coverage

News publication logo

Major UK Retailer Stops Novel Malware Attack with Darktrace AI

Read the story
May 19, 2022

Darktrace, a global leader in cyber security AI, today announced that a UK retailer used Darktrace’s AI to stop a cyber-attack attempting to leverage ‘BumbleBee’, a new malware loader known to be used by Russia-based ransomware group Conti among other cyber-criminal entities.

The company, a major UK retailer founded over 20 years ago, was leveraging Darktrace’s Self-Learning AI when it was targeted by a cyber-attack. The AI had established an evolving understanding of ‘normal’ for the company’s operations in order to detect the subtle indicators of an emerging cyber-threat.

In the early hours of one morning in April, Darktrace’s AI detected that an internal device was communicating unusually with multiple external endpoints. The AI began investigating the activity in real time and the company’s security team were alerted to potentially malicious activity, enabling them to take the compromised device offline before malware could spread through the organization.

The AI was able to detect the activity without any need for new threat signatures or a feed of threat intelligence, while human analysis was then used to identify the explicit strain of malware. BumbleBee is believed to have replaced Conti’s ‘BazarLoader’, which the Russia-based group infamously used to deploy ransomware. Loaders typically serve as the first stage of a cyber-attack, offering cyber-criminals the ability to deploy malicious code at scale, and serve as a bridgehead into compromised networks to push other malware, including ransomware.

“We’ve seen a dangerous surge in malware loader activity in recent months as attackers seek out new techniques that will avoid traditional methods of detection,” commented Toby Lewis, Darktrace’s Global Head of Threat Analysis. “These attack tools, particularly novel variants like BumbleBee, illustrate the need for cutting-edge technology like AI that understands the shades of grey in very complex systems. Defenders shouldn’t have to wait for the release of threat indicators and threat intelligence before they are able to detect and respond to these attacks.”

About Darktrace

Darktrace (DARK.L), a global leader in cyber security AI, delivers world-class technology that protects over 6,800 customers worldwide from advanced threats, including ransomware and cloud and SaaS attacks. Darktrace’s fundamentally different approach applies Self-Learning AI to enable machines to understand the business in order to autonomously defend it. Headquartered in Cambridge, UK, the Group has more than 2,000 employees worldwide. Darktrace was named one of TIME magazine’s ‘Most Influential Companies’ for 2021.

この記事を共有
該当する項目はありません。
メディアコンタクト
該当する項目はありません。