Comunicado de prensa
Updated statement regarding LockBit claims
We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.
Comunicado de prensa
Statement regarding LockBit claims
Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.
Comunicado de prensa
Un laboratorio líder interrumpe una amenaza interna utilizando la inteligencia artificial de Darktrace
Cobertura mediática
Un laboratorio líder interrumpe una amenaza interna utilizando la inteligencia artificial de Darktrace
Darktrace, a global leader in cyber security AI, today announced that a leading laboratory specializing in in vitro diagnostics successfully stopped an insider threat with the help of Darktrace’s Self-Learning AI.
The company, which has laboratories, offices and distribution centers in over 100 countries worldwide and more than 3,000 employees, specializes in the research, development and manufacturing of innovative in vitro diagnostic tests for disease, conditions and infections. The organization uses Darktrace’s detect, respond and investigate capabilities to defend against in-progress attacks at the early stages.
Powered by Self-Learning AI, Darktrace technology develops an understanding of normal operations for the company. From this understanding it can then autonomously interrupt in-progress attacks at every stage from the initial entry with sophisticated spear phishing emails to brute-forced remote desktop protocol (RDP), command and control, and lateral movement, all without business disruption.
In one instance, Darktrace’s Self-Learning AI detected an internal device communicating with the Tor network via an intermediary web service. Tor is an open-source privacy network that enables anonymous web browsing by guiding data traffic through different servers, located all over the world. Whilst it is not wholly malicious, it can be associated with the browsing of non-business or even illegal content.
El dispositivo se conectaba a un foro de la darknet relacionado con el mercado farmacéutico. Dado que ningún otro dispositivo dentro de la organización había visitado la red Tor en el pasado, Darktrace AI señaló esto al equipo de seguridad como algo fuera de lo común. Gracias a que la IA se encargó de la detección temprana y de la toma de decisiones a nivel micro, el equipo de seguridad se vio reforzado y fue capaz de tomar decisiones importantes que requerían un contexto empresarial.
El equipo de seguridad interna descubrió más tarde que probablemente se trataba de una persona con información privilegiada que buscaba vender propiedad intelectual o incluso suministros médicos en la darknet.
"Los insiders maliciosos o comprometidos pueden ser difíciles de identificar porque su acceso privilegiado y su conocimiento del funcionamiento de la empresa les permite evadir la detección por parte de las herramientas de seguridad tradicionales", comentó Toby Lewis, Jefe Global de Análisis de Amenazas, Darktrace. "Para proteger la propiedad intelectual de las amenazas internas, las organizaciones necesitan aumentar los equipos de seguridad con tecnología impulsada por la IA para detener la actividad maliciosa en tiempo real en el momento de la detección."
Acerca de Darktrace
%20copy.png)