Tag: Darktrace

darktrace-advances-its-cyber-ai-loop-with-launch-of-“prevent”-products-to-proactively-protect-organizations

DARKTRACE ADVANCES ITS CYBER AI LOOP WITH LAUNCH OF “PREVENT” PRODUCTS TO PROACTIVELY PROTECT ORGANIZATIONS

July 19, 2022 Published by

 

Darktrace, a global leader in cyber security artificial intelligence, today announced the launch of Darktrace PREVENT™, an interconnected set of AI products that deliver a proactive cyber security capability to help organizations pre-empt future cyber-attacks. Darktrace PREVENT is the third product area in Darktrace’s delivery of a Cyber AI Loop, the industry-first set of AI capabilities which work together autonomously to optimize an organization’s state of security through a continuous feedback loop.

The new Darktrace PREVENT product family is based on breakthroughs developed in the firm’s Cambridge Cyber AI Research Centre and the capabilities gained through the acquisition of Cybersprint in March 2022. PREVENT uses AI to ‘think like an attacker,’ finding pathways to an organization’s most critical assets from inside and outside. Underpinned by AI that ‘knows you,’ it continuously analyzes the most disruptive attacks for an organization and feeds that information back into DETECT and RESPOND to support continuous learning and automation to harden systems.

A number of organizations in the US, UK and Northern Europe are early adopters of Darktrace PREVENT products, including the City of Las Vegas and Sedgwick, a leading global provider of technology-enabled risk, benefits and integrated business solutions.

Commenting on the PREVENT product, Michael Lee Sherwood, Chief Innovation Officer, City of Las Vegas, said:

“Our team is finding Darktrace PREVENT very useful as it provides the types of insights and reflections we need to ensure we maintain a level of transparency and validity within our digital environment. I can see lots of ROI for municipal environments, especially those built-in cloud and virtual environments, use cases for external auditing, visibility into IoT environments, continuous pen testing, and actively monitoring risk. It also addresses some of the skilled analyst shortages that the cyber security industry is facing.”

Eric Schmitt, Global Chief Information Security Officer at Sedgwick, commented:

“Darktrace PREVENT pairs up our inside and outside views and integrates them with DETECT and RESPOND, which is a game changer. Our customers are advocating that we need to be continuously testing the efficacy of our security. Darktrace PREVENT does just that.”

Darktrace’s latest product family is set to proactively defend organizations against the heightened volume and sophistication of cyber threats, which is making identification and prioritization of their most pressing vulnerabilities increasingly difficult. In new data published today, Darktrace reveals that high-priority attempts to breach customer systems increased by 49% globally between January and June 2022. Over the same period, Darktrace saw a 138% increase in attempted cyber-attacks targeting customers in government-related sectors globally. In the month of June, the Information and Communication sector was the most highly targeted across Darktrace’s global customer base as it was in the US. In the UK, the most targeted industry was the public sector and government-related sectors.

At the same time, security teams are contending with an ever-increasing volume of vulnerabilities, and they do not have the resources to fight on all fronts. With the launch of PREVENT, Darktrace provides more predictive and preventative solutions to tackle cyber threats and business risk – rather than waiting for breaches to occur before action is taken. In new data published today, based on external vulnerability data of over 150 organizations, Darktrace reveals that 85% of high-risk vulnerabilities are not patched within one week and 70% are still unpatched after one month. Defenders do not have the resources to fight on every front and they cannot simply be reactive anymore.

Commenting on the launch of Darktrace PREVENT, Poppy Gustafsson OBE, CEO at Darktrace, said:

“Organizations don’t have bottomless budgets and security teams don’t have endless time. By helping human teams to get a much better picture of their security vulnerabilities and by prioritizing the areas that need hardening first so they can protect their most critical assets, we hope we can help our customers to free themselves of cyber disruption. I’m so excited about today’s launch of our PREVENT products, which is a major milestone for Darktrace and brings us one step closer to fulfilling our vision of a Cyber AI Loop.

Chris Kissel, Research Director at the International Data Corporation (IDC), the premier global provider of market intelligence for the IT, telecommunications and consumer technology markets said:

“A purely reactive approach to security is quickly becoming inadequate. Early data from research into how organizations are mitigating cyber risk and threats show a shift towards proactive, ‘always-on’ technologies continually running tests on existing systems. Yet a continuous approach is fundamentally impossible to achieve without automation and AI, and Darktrace’s combination of AI technology that learns self and its new PREVENT product family will bring real value to thinly stretched security teams.”

Notes to Editors:

Within Darktrace PREVENT, Darktrace today launches two new products. In addition, Darktrace is announcing major new releases to its existing Darktrace DETECT™ and Darktrace RESPOND™ product families, enabling all products to interact with one another as key components of the Cyber AI Loop.

  • Darktrace PREVENT/E2E™ (End-to-End) – an outcomes-based approach to managing cyber risk, incorporating the best capabilities from across multiple disciplines including attack path modelling, automated penetration testing, breach & attack emulation, security awareness testing and training, and vulnerability prioritization.
  • Darktrace PREVENT/ASM™ (Attack Surface Management) – AI performs reconnaissance on a specific target by simply knowing the name of the entity, with zero scope and delivering value across many use cases including shadow IT, supply chain, mergers & acquisitions, configuration errors, and many others.
  • DETECT, RESPOND FEEDBACK LOOP – Existing capabilities integrated with Darktrace PREVENT/E2E and PREVENT/ASM reinforce one another to create a continuous feedback loop for always-on learning from the threat landscape.
darktrace-reports-information-technology-and-communications-sector-most-targeted-by-cyber-attackers-in-2021

DARKTRACE REPORTS INFORMATION TECHNOLOGY AND COMMUNICATIONS SECTOR MOST TARGETED BY CYBER-ATTACKERS IN 2021

December 13, 2021 Published by

 

Darktrace, a global leader in cyber security AI, today reported that the information technology (IT) and communications sector was the most targeted industry globally in 2021, as uncovered by Darktrace’s security researchers.

Darktrace’s data is developed by ‘early indicator analysis’ that looks at the breadcrumbs of potential cyber-attacks at several stages before they are attributed to any particular actor and before they escalate into a full-blown crisis. Darktrace’s findings show that its artificial intelligence autonomously interrupted an average of 150,000 threats per week against the sector in 2021.

The IT and communications sector includes telecommunications providers, software developers, and managed security service providers, amongst others. Darktrace also defends several backup vendors and has observed a growing trend of hackers targeting backup servers in an attempt to deliberately disable or corrupt backup files by deleting a single index file that would render all backups inaccessible. Attackers could then launch ransomware attacks against the clients of the backup vendor, preventing recovery and forcing payment.

In 2020, the most attacked industry across Darktrace’s global customer base was the financial and insurance sector, showing that cyber-criminals have shifted their focus over the last 12 months.

“Over the last 12 months, it is clear that attackers are relentlessly trying to access the networks of trusted suppliers in the IT and communications sector. Quite simply, it is a better return on investment than, for example, going after one company in the financial services sector. SolarWinds and Kaseya are just two well-known and recent examples of this. Sadly, there is likely to be more in the near term,” commented Justin Fier, Darktrace Director for Cyber Intelligence and Analysis.

The findings of this research mark one year since the compromise of U.S. software company SolarWinds rattled the security industry. This landmark supply-chain attack made thousands of organizations vulnerable to infiltration by inserting malicious code into the Orion system. Over the last 12 months, there has been a continued spate of attacks against the IT and communications sector, including the high-profile attacks on Kaseya and Gitlab.

Threat actors often use software and developer platforms as entry points into other high-value targets, including governments and authorities, large corporations, and critical infrastructure. Darktrace found that the most common attempted break-in method was through email, with organizations in the sector receiving an average of 600 unique phishing campaigns a month in 2021. Contrary to popular belief, the emails sent to these organizations did not contain a malicious payload hidden in a link or attachment. Instead, cyber-criminals used subtle and sophisticated techniques sending ‘clean emails’ containing only text attempting to coax recipients into replying and revealing sensitive information. This method is effective because, by compromising these email accounts, hackers can then exploit the trusted relationship between the software supplier and the intended targets.

These methods easily bypass legacy security tools that rely on checking links and attachments against blocklists and signatures. AI can stop these emails from reaching employees’ inboxes by identifying the full range of anomalies, including even the most subtle indicators.

“The reality is that attackers are patient and creative. They will usually go right through the front door by compromising trusted suppliers in the IT and communications industry. To downstream customers, it appears as business as usual and is just another application or piece of hardware from a trusted supplier,” continued Fier. “There is no magic solution to finding attacks embedded in your software suppliers, so the real challenge for organizations will be to operate while accepting this risk. Getting a sense of what is normal for the software you are trusting will be paramount. AI is perfectly suited for this job; spotting the subtle changes presented by a piece of software that has been compromised will be key to fighting this problem in the future.”

darktrace-reports-30%-more-ransomware-attacks-targeting-organizations-during-the-holiday-period

Darktrace Reports 30% More Ransomware Attacks Targeting Organizations During The Holiday Period

December 2, 2021 Published by

 

Darktrace, a global leader in cyber security AI, today reported that its security researchers discovered a 30% increase in the average number of attempted ransomware attacks globally over the holiday season in every consecutive year from 2018 to 2020 compared to the monthly average.

The researchers also observed a 70% average increase in attempted ransomware attacks in November and December compared to January and February. Following a record number of ransomware attacks this year, the company expects the spike to be higher over the 2021 holiday period.

During the nascent 2021 holiday season, Darktrace’s AI detected and autonomously stopped an in-progress, early-stage ransomware attack on a U.S. city before any data exfiltration or encryption could occur. The city’s security team had the foresight to deploy an AI solution to combat multi-stage ransomware attacks, enabling them to stop the attackers at the earliest stage.

Ransomware is often falsely considered an encryption problem. This misconception masks and undermines attackers’ determination and creativity to initially break into and then move around within an organization’s digital environment first to discover, then steal and encrypt data. The break-in is often through email, but that quickly evolves to targeting servers where the data lives. Therefore, a combination of email and network security is crucial to stop these attacks.

Powered by Self-Learning AI, Darktrace technology develops an understanding of normal business operations for each organization. It autonomously interrupts in-progress attacks at every stage from the initial entry with sophisticated spearphishing emails to brute-forced remote desktop protocol (RDP), command-and-control, and lateral movement, all without business disruption.

“Based on what we’ve seen in previous years, holidays are consistent target periods for cyber-attackers. Interestingly, the largest rise in attempted ransomware attacks is between Christmas and New Year’s when attackers know there will be fewer eyeballs on screens defending against threats,” commented Justin Fier, Director of Cyber Intelligence and Analytics, Darktrace. “Business leaders should know that there is available technology that can identify and respond to the initial warning signs of ransomware before attackers can hold critical systems hostage, even when human security teams are out of office.”

Latest Members

Recent AchievementsYou must be logged in to view earned achievements

What is a Wire Coin?

Find connections

Who is online

Latest Hashtags

#artificialintelligence #betting #blockchain #casino #esports #fintech #gaming #hiptherfestival #hipthers #igaming #slots #technology