Blog
/
Identity
/
December 15, 2023

How Darktrace Halted A DarkGate in MS Teams

Discover how Darktrace thwarted DarkGate malware in Microsoft Teams. Stay informed on the latest cybersecurity measures and protect your business.
Written by
Natalia Sánchez Rocafort
Cyber Security Analyst
Inside the SOC
Darktrace cyber analysts are world-class experts in threat intelligence, threat hunting and incident response, and provide 24/7 SOC support to thousands of Darktrace customers around the globe. Inside the SOC is exclusively authored by these experts, providing analysis of cyber incidents and threat trends, based on real-world experience in the field.
Written by
Natalia Sánchez Rocafort
Cyber Security Analyst
Default blog imageDefault blog imageDefault blog imageDefault blog imageDefault blog imageDefault blog image
15
Dec 2023

Securing Microsoft Teams and SharePoint

Given the prevalence of the Microsoft Teams and Microsoft SharePoint platforms in the workplace in recent years, it is essential that organizations stay vigilant to the threat posed by applications vital to hybrid and remote work and prioritize the security and cyber hygiene of these services. For just as the use of these platforms has increased exponentially with the rise of remote and hybrid working, so too has the malicious use of them to deliver malware to unassuming users.

Researchers across the threat landscape have begun to observe these legitimate services being leveraged by malicious actors as an initial access method. Microsoft Teams can easily be exploited to send targeted phishing messages to individuals within an organization, while appearing legitimate and safe. Although the exact contents of these messages may vary, the messages frequently use social engineering techniques to lure users to click on a SharePoint link embedded into the message. Interacting with the malicious link will then download a payload [1].

Darktrace observed one such malicious attempt to use Microsoft Teams and SharePoint in September 2023, when a device was observed downloading DarkGate, a commercial trojan that is known to deploy other strains of malware, also referred to as a commodity loader [2], after clicking on SharePoint link. Fortunately for the customer, Darktrace’s suite of products was perfectly poised to identify the initial signs of suspicious activity and Darktrace RESPOND™ was able to immediately halt the advancement of the attack.

DarkGate Attack Overview

On September 8, 2023, Darktrace DETECT™ observed around 30 internal devices on a customer network making unusual SSL connections to an external SharePoint site which contained the name of a person, 'XXXXXXXX-my.sharepoint[.]com' (107.136[.]8, 13.107.138[.]8). The organization did not have any employees who went by this name and prior to this activity, no internal devices had been seen contacting the endpoint.

At first glance, this initial attack vector would have appeared subtle and seemingly trustworthy to users. Malicious actors likely sent various users a phishing message via Microsoft Teams that contained the spoofed SharePoint link to the personalized SharePoint link ''XXXXXXXX-my.sharepoint[.]com'.

Figure 1: Advanced Search query showing a sudden spike in connections to ''XXXXXXXX -my.sharepoint[.]com'.

Darktrace observed around 10 devices downloading approximately 1 MB of data during their connections to the Sharepoint endpoint. Darktrace DETECT observed some of the devices making subsequent HTTP GET requests to a range of anomalous URIs. The devices utilized multiple user-agents for these connections, including ‘curl’, a command line tool that allows individuals to request and transfer data from a specific URL. The connections were made to the IP 5.188.87[.]58, an endpoint that has been flagged as an indicator of compromise (IoC) for DarkGate malware by multiple open-source intelligence (OSINT) sources [3], commonly associated with HTTP GET requests:

  1. GET request over port 2351 with the User-Agent header 'Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)' and the target URI '/bfyxraav' to 5.188.87[.]58
  2. GET request over port 2351 with the user-agent header 'curl' and the target URI '/' to 5.188.87[.]58
  3. GET request over port 2351 with the user-agent header 'curl/8.0.1' and the target URI '/msibfyxraav' to 5.188.87[.]58

The HTTP GET requests made with the user-agent header 'curl' and the target URI '/' to 5.188.87[.]58 were responded to with a filename called 'Autoit3.exe'. The other requests received script files with names ending in '.au3, such as 'xkwtvq.au3', 'otxynh.au3', and 'dcthbq.au3'. DarkGate malware has been known to make use of legitimate AutoIt files, and typically runs multiple AutoIt scripts (‘.au3’) [4].

Following these unusual file downloads, the devices proceeded to make hundreds of HTTP POST requests to the target URI '/' using the user-agent header 'Mozilla/4.0 (compatible; Synapse)' to 5.188.87[.]58. The contents of these requests, along with the contents of the responses, appear to be heavily obfuscated.

Figure 2: Example of obfuscated response, as shown in a packet capture downloaded from Darktrace.

While Microsoft’s Safe Attachments and Safe Links settings were unable to detect this camouflaged malicious activity, Darktrace DETECT observed the unusual over-the-network connectivity that occurred. While Darktrace DETECT identified multiple internal devices engaging in this anomalous behavior throughout the course of the compromise, the activity observed on one device in particular best showcases the overall kill chain of this attack.

The device in question was observed using two different user agents (curl/8.0.1 and Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)) when connecting to the endpoint 5.188.87[.]58 and target URI ‘/bfyxraav’. Additionally, Darktrace DETECT recognized that it was unusual for this device to be making these HTTP connections via destination port 2351.

As a result, Darktrace’s Cyber AI Analyst™ launched an autonomous investigation into the suspicious activity and was able to connect the unusual external connections together, viewing them as one beaconing incident as opposed to isolated series of connections.

Figure 3: Cyber AI Analyst investigation summarizing the unusual repeated connections made to 5.188.87[.]58 via destination port 2351.

Darktrace then observed the device downloading the ‘Autoit3.exe’ file. Darktrace RESPOND took swift mitigative action by blocking similar connections to this endpoint, preventing the device from downloading any additional suspicious files.

Figure 4: Suspicious ‘Autoit3.exe’ downloaded by the source device from the malicious external endpoint.

Just one millisecond later, Darktrace observed the device making suspicious HTTP GET requests to URIs including ‘/msibfyxraav’. Darktrace recognized that the device had carried out several suspicious actions within a relatively short period of time, breaching multiple DETECT models, indicating that it may have been compromised. As a result, RESPOND took action against the offending device by preventing it from communicating externally [blocking all outbound connections] for a period of one hour, allowing the customer’s security team precious time to address the issue.

It should be noted that, at this point, had the customer subscribed to Darktrace’s Proactive Threat Notification (PTN) service, the Darktrace Security Operations Center (SOC) would have investigated these incidents in greater detail, and likely would have sent a notification directly to the customer to inform them of the suspicious activity.

Additionally, AI Analyst collated various distinct events and suggested that these stages were linked as part of an attack. This type of augmented understanding of events calculated at machine speed is extremely valuable since it likely would have taken a human analyst hours to link all the facets of the incident together.  

Figure 5: AI Analyst investigation showcasing the use of the ‘curl’ user agent to connect to the target URI ‘/msibfyxraav’.
Figure 6: Darktrace RESPOND moved to mitigate any following connections by blocking all outgoing traffic for 1 hour.

Following this, an automated investigation was launched by Microsoft Defender for Endpoint. Darktrace is designed to coordinate with multiple third-party security tools, allowing for information on ongoing incidents to be seamlessly exchanged between Darktrace and other security tools. In this instance, Microsoft Defender identified a ‘low severity’ incident on the device, this automatically triggered a corresponding alert within DETECT, presented on the Darktrace Threat Visuallizer.

The described activity occurred within milliseconds. At each step of the attack, Darktrace RESPOND took action either by enforcing expected patterns of life [normality] on the affected device, blocking connections to suspicious endpoints for a specified amount of time, and/or blocking all outgoing traffic from the device. All the relevant activity was detected and promptly stopped for this device, and other compromised devices, thus containing the compromise and providing the security team invaluable remediation time.

Figure 7: Overview of the compromise activity, all of which took place within a matter of miliseconds.

Darktrace identified similar activity on other devices in this customer’s network, as well as across Darktrace’s fleet around the same time in early September.

On a different customer environment, Darktrace DETECT observed more than 25 ‘.au3’ files being downloaded; this activity can be seen in Figure 9.

Figure 8: High volume of file downloads following GET request and 'curl' commands.

Figure 9 provides more details of this activity, including the source and destination IP addresses (5.188.87[.]58), the destination port, the HTTP method used and the MIME/content-type of the file

Figure 9: Additional information of the anomalous connections.

A compromised server in another customer deployment was seen establishing unusual connections to the external IP address 80.66.88[.]145 – an endpoint that has been associated with DarkGate by OSINT sources [5]. This activity was identified by Darktrace/DETECT as a new connection for the device via an unusual destination port, 2840. As the device in question was a critical server, Darktrace DETECT treated it with suspicion and generated an ‘Anomalous External Activity from Critical Network Device’ model breach.  

Figure 10: Model breach and model breach event log for suspicious connections to additional endpoint.

Conclusion

While Microsoft Teams and SharePoint are extremely prominent tools that are essential to the business operations of many organizations, they can also be used to compromise via living off the land, even at initial intrusion. Any Microsoft Teams user within a corporate setting could be targeted by a malicious actor, as such SharePoint links from unknown senders should always be treated with caution and should not automatically be considered as secure or legitimate, even when operating within legitimate Microsoft infrastructure.

Malicious actors can leverage these commonly used platforms as a means to carry out their cyber-attacks, therefore organizations must take appropriate measures to protect and secure their digital environments. As demonstrated here, threat actors can attempt to deploy malware, like DarkGate, by targeting users with spoofed Microsoft Teams messages. By masking malicious links as legitimate SharePoint links, these attempts can easily convince targets and bypass traditional security tools and even Microsoft’s own Safe Links and Safe Attachments security capabilities.

When the chain of events of an attack escalates within milliseconds, organizations must rely on AI-driven tools that can quickly identify and automatically respond to suspicious events without latency. As such, the value of Darktrace DETECT and Darktrace RESPOND cannot be overstated. Given the efficacy and efficiency of Darktrace’s detection and autonomous response capabilities, a more severe network compromise in the form of the DarkGate commodity loader was ultimately averted.

Credit to Natalia Sánchez Rocafort, Cyber Security Analyst, Zoe Tilsiter.

Appendices

Darktrace DETECT Model Detections

  • [Model Breach: Device / Initial Breach Chain Compromise 100% –– Breach URI: /#modelbreach/114039 ] (Enhanced Monitoring)·      [Model Breach: Device / Initial Breach Chain Compromise 100% –– Breach URI: /#modelbreach/114124 ] (Enhanced Monitoring)
  • [Model Breach: Device / New User Agent and New IP 62% –– Breach URI: /#modelbreach/114030 ]
  • [Model Breach: Anomalous Connection / Application Protocol on Uncommon Port 46% –– Breach URI: /#modelbreach/114031 ]
  • [Model Breach: Anomalous Connection / New User Agent to IP Without Hostname 62% –– Breach URI: /#modelbreach/114032 ]
  • [Model Breach: Device / New User Agent 32% –– Breach URI: /#modelbreach/114035 ]
  • [Model Breach: Device / Three Or More New User Agents 31% –– Breach URI: /#modelbreach/114036 ]
  • [Model Breach: Anomalous Server Activity / Anomalous External Activity from Critical Network Device 62% –– Breach URI: /#modelbreach/612173 ]
  • [Model Breach: Anomalous File / EXE from Rare External Location 61% –– Breach URI: /#modelbreach/114037 ]
  • [Model Breach: Anomalous Connection / Multiple Connections to New External TCP Port 61% –– Breach URI: /#modelbreach/114042 ]
  • [Model Breach: Security Integration / Integration Ransomware Detected 100% –– Breach URI: /#modelbreach/114049 ]
  • [Model Breach: Compromise / Beaconing Activity To External Rare 62% –– Breach URI: /#modelbreach/114059 ]
  • [Model Breach: Compromise / HTTP Beaconing to New Endpoint 30% –– Breach URI: /#modelbreach/114067 ]
  • [Model Breach: Security Integration / C2 Activity and Integration Detection 100% –– Breach URI: /#modelbreach/114069 ]
  • [Model Breach: Anomalous File / EXE from Rare External Location 55% –– Breach URI: /#modelbreach/114077 ]
  • [Model Breach: Compromise / High Volume of Connections with Beacon Score 66% –– Breach URI: /#modelbreach/114260 ]
  • [Model Breach: Security Integration / Low Severity Integration Detection 59% –– Breach URI: /#modelbreach/114293 ]
  • [Model Breach: Security Integration / Low Severity Integration Detection 33% –– Breach URI: /#modelbreach/114462 ]
  • [Model Breach: Security Integration / Integration Ransomware Detected 100% –– Breach URI: /#modelbreach/114109 ]·      [Model Breach: Device / Three Or More New User Agents 31% –– Breach URI: /#modelbreach/114118 ]·      [Model Breach: Anomalous Connection / Application Protocol on Uncommon Port 46% –– Breach URI: /#modelbreach/114113 ] ·      [Model Breach: Anomalous Connection / New User Agent to IP Without Hostname 62% –– Breach URI: /#modelbreach/114114 ]·      [Model Breach: Device / New User Agent 32% –– Breach URI: /#modelbreach/114117 ]·      [Model Breach: Anomalous File / EXE from Rare External Location 61% –– Breach URI: /#modelbreach/114122 ]·      [Model Breach: Security Integration / Low Severity Integration Detection 54% –– Breach URI: /#modelbreach/114310 ]
  • [Model Breach: Security Integration / Integration Ransomware Detected 65% –– Breach URI: /#modelbreach/114662 ]Darktrace/Respond Model Breaches
  • [Model Breach: Antigena / Network::External Threat::Antigena Suspicious File Block 61% –– Breach URI: /#modelbreach/114033 ]
  • [Model Breach: Antigena / Network::External Threat::Antigena File then New Outbound Block 100% –– Breach URI: /#modelbreach/114038 ]
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Enhanced Monitoring from Client Block 100% –– Breach URI: /#modelbreach/114040 ]
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Significant Anomaly from Client Block 87% –– Breach URI: /#modelbreach/114041 ]
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Controlled and Model Breach 87% –– Breach URI: /#modelbreach/114043 ]
  • [Model Breach: Antigena / Network::External Threat::Antigena Ransomware Block 100% –– Breach URI: /#modelbreach/114052 ]
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Significant Security Integration and Network Activity Block 87% –– Breach URI: /#modelbreach/114070 ]
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Breaches Over Time Block 87% –– Breach URI: /#modelbreach/114071 ]
  • [Model Breach: Antigena / Network::External Threat::Antigena Suspicious Activity Block 87% –– Breach URI: /#modelbreach/114072 ]
  • [Model Breach: Antigena / Network::External Threat::Antigena Suspicious File Block 53% –– Breach URI: /#modelbreach/114079 ]
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Breaches Over Time Block 64% –– Breach URI: /#modelbreach/114539 ]
  • [Model Breach: Antigena / Network::External Threat::Antigena Ransomware Block 66% –– Breach URI: /#modelbreach/114667 ]
  • [Model Breach: Antigena / Network::External Threat::Antigena Suspicious Activity Block 79% –– Breach URI: /#modelbreach/114684 ]·      
  • [Model Breach: Antigena / Network::External Threat::Antigena Ransomware Block 100% –– Breach URI: /#modelbreach/114110 ]·      
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Significant Anomaly from Client Block 87% –– Breach URI: /#modelbreach/114111 ]·      
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Controlled and Model Breach 87% –– Breach URI: /#modelbreach/114115 ]·      
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Breaches Over Time Block 87% –– Breach URI: /#modelbreach/114116 ]·      
  • [Model Breach: Antigena / Network::External Threat::Antigena Suspicious File Block 61% –– Breach URI: /#modelbreach/114121 ]·      
  • [Model Breach: Antigena / Network::External Threat::Antigena File then New Outbound Block 100% –– Breach URI: /#modelbreach/114123 ]·      
  • [Model Breach: Antigena / Network::Significant Anomaly::Antigena Enhanced Monitoring from Client Block 100% –– Breach URI: /#modelbreach/114125 ]

List of IoCs

IoC - Type - Description + Confidence

5.188.87[.]58 - IP address - C2 endpoint

80.66.88[.]145 - IP address - C2 endpoint

/bfyxraav - URI - Possible C2 endpoint URI

/msibfyxraav - URI - Possible C2 endpoint URI

Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) - User agent - Probable user agent leveraged

curl - User agent - Probable user agent leveraged

curl/8.0.1 - User agent - Probable user agent leveraged

Mozilla/4.0 (compatible; Synapse) - User agent - Probable user agent leveraged

Autoit3.exe - Filename - Exe file

CvUYLoTv.au3    

eDVeqcCe.au3

FeLlcFRS.au3

FTEZlGhe.au3

HOrzcEWV.au3

rKlArXHH.au3

SjadeWUz.au3

ZgOLxJQy.au3

zSrxhagw.au3

ALOXitYE.au3

DKRcfZfV.au3

gQZVKzek.au3

JZrvmJXK.au3

kLECCtMw.au3

LEXCjXKl.au3

luqWdAzF.au3

mUBNrGpv.au3

OoCdHeJT.au3

PcEJXfIl.au3

ssElzrDV.au3

TcBwRRnp.au3

TFvAUIgu.au3

xkwtvq.au3

otxynh.au3

dcthbq.au3 - Filenames - Possible exe files delivered in response to curl/8.0.1 GET requests with Target URI '/msibfyxraav

f3a0a85fe2ea4a00b3710ef4833b07a5d766702b263fda88101e0cb804d8c699 - SHA256 file hash - Possible SHA256 hashes of 'Autoit3.exe' files

afa3feea5964846cd436b978faa7d31938e666288ffaa75d6ba75bfe6c12bf61 - SHA256 file hash - Possible SHA256 hashes of 'Autoit3.exe' files

63aeac3b007436fa8b7ea25298362330423b80a4cb9269fd2c3e6ab1b1289208 - SHA256 file hash - Possible SHA256 hashes of 'Autoit3.exe' files

ab6704e836a51555ec32d1ff009a79692fa2d11205f9b4962121bda88ba55486 - SHA256 file hash - Possible SHA256 hashes of 'Autoit3.exe' files

References

1. https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams

2. https://feedit.cz/wp-content/uploads/2023/03/YiR2022_onepager_ransomware_loaders.pdf

3. https://www.virustotal.com/gui/ip-address/5.188.87[.]58

4. https://www.forescout.com/resources/darkgate-loader-malspam-campaign/

5. https://otx.alienvault.com/indicator/ip/80.66.88[.]145

Written by
Natalia Sánchez Rocafort
Cyber Security Analyst
Inside the SOC
Darktrace cyber analysts are world-class experts in threat intelligence, threat hunting and incident response, and provide 24/7 SOC support to thousands of Darktrace customers around the globe. Inside the SOC is exclusively authored by these experts, providing analysis of cyber incidents and threat trends, based on real-world experience in the field.
Written by
Natalia Sánchez Rocafort
Cyber Security Analyst

How a Compromised eScan Update Enabled Multi‑Stage Malware and Blockchain C2

Network
April 21, 2026
Joanna Ng
Associate Principal Analyst
Watch the NIS2 Webinar
Trending blogs
1
Darktrace Recognized as the Only Visionary in the 2026 Gartner® Magic Quadrant™ for CPS Protection Platforms
Mar 20, 2026
2
What the Darktrace Annual Threat Report 2026 Means for Security Leaders
Feb 26, 2026
3
State of AI Cybersecurity 2026: 92% of security professionals concerned about the impact of AI agents
Mar 26, 2026
4
Beyond MFA: Detecting Adversary-in-the-Middle Attacks and Phishing with Darktrace
Dec 15, 2025
5
Darktrace Unites Human Behavior and Threat Detection Across Email, Slack, Teams, and Zoom
Mar 24, 2026

More in this series

No items found.
Continue reading
Identity
August 21, 2025

From VPS to Phishing: How Darktrace Uncovered SaaS Hijacks through Virtual Infrastructure Abuse

Darktrace identified coordinated SaaS account compromises across multiple customer environments. The incidents involved suspicious logins from VPS-linked infrastructure followed by unauthorized inbox rule creation and deletion of phishing-related emails. These consistent behaviors across devices point to a targeted phishing campaign leveraging virtual infrastructure for access and concealment. Discover how Darktrace uncovered this activity and what it means for the future of SaaS security.
Rajendra Rushanth
Cyber Analyst
Read more
Identity
July 8, 2025

Defending the Cloud: Stopping Cyber Threats in Azure and AWS with Darktrace

This blog examines three real-world cloud-based attacks in Azure and AWS environments, including credential compromise, data exfiltration, and ransomware detonation. Learn how Darktrace’s AI-driven threat detection and Autonomous Response capabilities help organizations defend against evolving threats in complex cloud environments.
Alexandra Sentenac
Cyber Analyst
Read more
Identity
July 3, 2025

Top Eight Threats to SaaS Security and How to Combat Them

SaaS security requires new methods to keep up with evolving threats and business infrastructure. In this blog, learn the top eight threats to identity security and how AI-based solutions can help.
Carlos Gray
Senior Product Marketing Manager, Email
Read more

Blog

/

AI

/

April 28, 2026

State of AI Cybersecurity 2026: 87% of security professionals are seeing more AI-driven threats, but few feel ready to stop them

Default blog imageDefault blog image

The findings in this blog are taken from Darktrace’s annual State of AI Cybersecurity Report 2026.

In part 1 of this blog series, we explored how AI is remaking the attack surface, with new tools, models, agents — and vulnerabilities — popping up just about everywhere. Now embedded in workflows across the enterprise, and often with far-reaching access to sensitive data, AI systems are quickly becoming a favorite target of cyber threat actors.

Among bad actors, though, AI is more often used as a tool than a target. Nearly 62% of organizations  experienced a social engineering attack involving a deepfake, or an incident in which bad actors used AI-generated video or audio to try to trick a biometric authentication system, compared to 32% that reported an AI prompt injection attack.

In the hands of attackers, AI can do many things. It’s being used across the entire kill chain: to supercharge reconnaissance, personalize phishing, accelerate lateral movement, and automate data exfiltration. Evidence from Anthropic demonstrates that threat actors have harnessed AI to orchestrate an entire cyber espionage campaign from end to end, allegedly running it with minimal human involvement.

CISOs inhabit a world where these increasingly sophisticated attacks are ubiquitous. Naturally, combatting AI-powered threats is top of mind among security professionals, but many worry about whether their capabilities are up to the challenge.

AI-powered threats at scale: no longer hypothetical

AI-driven threats share signature characteristics. They operate at speed and scale. Automated tools can probe multiple attack paths, search for multiple vulnerabilities and send out a barrage of phishing emails, all within seconds. The ability to attack everywhere at once, at a pace that no human operator could sustain, is the hallmark of an AI-powered threat. AI-powered threats are also dynamic. They can adapt their behavior to spread across a network more efficiently or rewrite their own code to evade detection.

Security teams are seeing the signs that they’re fighting AI-powered threats at every stage of the kill chain, and the sophistication of these threats is testing their resolve and their resources.

  • 73% say that AI-powered cyber threats are having a significant impact on their organization
  • 92% agree that these threats are forcing them to upgrade their defenses
  • 87% agree that AI is significantly increasing the sophistication and success rate of malware
  • 87% say AI is significantly increasing the workload of their security operations team

These teams now confront a challenge unlike anything they’ve seen before in their careers, and the risks are compounding across workflows, tools, data, and identities. It’s no surprise that 66% of security professionals say their role is more stressful today than it was five years ago, or that 47% report feeling overwhelmed at work.

Up all night: Security professionals’ worry list is long

Traditional security methods were never built to handle the complexity and subtlety of AI-driven behavior. Working in the trenches, defenders have deep firsthand experience of how difficult it can be to detect and stop AI-assisted threats.

Increasingly effective social engineering attacks are among their top concerns. 50% of security leaders mentioned hyper-personalized phishing campaigns as one of their biggest worries, while 40% voiced apprehension about deepfake voice fraud. These concerns are legitimate: AI-generated phishing emails are increasingly tailored to individual organizations, business activities, or individuals. Gone are the telltale signs – like grammar or spelling mistakes – that once distinguished malicious communications. Notably, 33% of the malicious emails Darktrace observed in 2025 contained over 1,000 characters, indicating probable LLM usage.

Security leaders also worry about how bad actors can leverage AI to make attacks even faster and more dynamic. 45% listed automated vulnerability scanning and exploit chaining among their biggest concerns, while 40% mentioned adaptive malware.

Confidence is lacking

Protecting against AI demands capabilities that many organizations have not yet built. It requires interpreting new indicators, uncovering the subtle intent within interactions, and recognizing when AI behavior – human or machine – could be suspicious. Leaders know that their current tools aren’t prepared for this. Nearly half don’t feel confident in their ability to defend against AI-powered attacks.

We’ve asked participants in our survey about their confidence for the last three years now. In 2024, 60% said their organizations were not adequately prepared to defend against AI-driven threats. Last year, that percentage shrunk to 45%, a possible indicator that security programs were making progress. Since then, however, the progress has apparently stalled. 46% of security leaders now feel inadequately prepared to protect their organizations amidst the current threat landscape.

Some of these differences are accentuated across different cultures. Respondents in Japan are far less confident (77% say they are not adequately prepared) than respondents in Brazil (where only 21% don’t feel prepared).

Where security programs are falling short

It’s no longer the case that cybersecurity is overlooked or underfunded by executive leadership. Across industries, management recognizes that AI-powered threats are a growing problem, and insufficient budget is near the bottom of most CISO’s list of reasons that they struggle to defend against AI-powered threats.  

It’s the things that money can’t buy – experience, knowledge, and confidence – that are holding programs back. Near the top of the list of inhibitors that survey participants mention is “insufficient knowledge or use of AI-driven countermeasures.” As bad actors embrace AI technologies en masse, this challenge is coming into clearer focus: attack-centric security tools, which rely on static rules, signatures, and historical attack patterns, were never designed to handle the complexity and subtlety of AI-driven attacks. These challenges feel new to security teams, but they are the core problems Darktrace was built to solve.  

Our Self-Learning AI develops a deep understanding of what “normal” looks like for your organization –including unique traffic patterns, end user habits, application and device profiles – so that it can detect and stop novel, dynamic threats at the first encounter. By focusing on learning the business, rather than the attack, our AI can keep pace with AI-powered threats as they evolve.

Explore the full State of AI Cybersecurity 2026 report for deeper insights into how security leaders are responding to AI-driven risks.

Learn more about securing AI in your enterprise.

[related-resource]

Continue reading
About the author
The Darktrace Community

Blog

/

Email

/

April 24, 2026

Email-Borne Cyber Risk: A Core Challenge for the CISO in the Age of Volume and Sophistication

Default blog imageDefault blog image

The challenge for CISOs

Despite continuous advances in security technologies, humans continue to be exploited by attackers. Credential abuse and social actions like phishing are major factors, accounting for around 60% of all breaches. These attacks rely less on technical vulnerabilities and more on exploiting human behavior and organizational processes. 

From my perspective as a former CISO, protecting humans concentrates three of today’s most pressing challenges: the sheer volume of email-based threats, their increasing sophistication, and the limitations of traditional employee awareness programs in moving the needle on risk. 

My personal experience of security awareness training as a CISO

With over 20 years’ experience as an ICT and Cybersecurity leader across various international organizations, I’ve seen security awareness training (SAT) in many guises. And while the cyber landscape is evolving in every direction, the effectiveness of SAT is reaching a plateau.  

Most programs I’ve seen follow a familiar pattern. Training is delivered through a combination of eLearning modules and internal sessions designed to reinforce IT policies. Employees are typically required to complete a slide deck or video, followed by a multiple-choice quiz. Occasional phishing simulations are distributed throughout the year.

The content is often static and unpersonalized, based on known threats that may already be outdated. Every employee regardless of role or risk exposure receives the same training and the same simulated phishing templates, from front-desk staff to the CEO.

The problem with traditional SAT programs

The issue with the approach to SAT outlined above is that the distribution of power is imbalanced. Humans will always be fallible, particularly when faced with increasingly sophisticated attacks. Providing generic, low-context training risks creating false confidence rather than genuine resilience. Let’s look at some of the problems in detail.

Timing and delivery

Employees today operate under constant cognitive load, making lots of rapid decisions every day to reduce their email volumes. Yet if employees are completing training annually, or on an ad hoc basis, it becomes a standalone occurrence rather than a continuous habit.  

As a result, retention is low. Employees often forget the lessons within weeks, a phenomenon known as the ‘Ebbinghaus Forgetting Curve.’

The graph illustrates that when you first learn something, the information disappears at an exponential rate without retention. In fact, according to the curve, you forget 50% of all new information within a day, and 90% of all new information within a week.  

Simultaneously, most training is conducted within a separate interface. Because it takes place away from the actual moment of decision-making, the "teachable moment" is lost. There is a cognitive disconnect between the action (clicking a link in Outlook) and the education (watching a video in a browser). 

People

In the context of professional risk management, the risks faced by different users are different. Static learning such as everyone receiving the same ‘Password Reset’ email doesn’t help users prepare for the specific threats they are likely to face. It also contributes to user fatigue, driven by repetitive training. And if users receive tests at the same time, news spreads among colleagues, hurting the efficacy of the test.  

Staff turnover introduces further risk. In many organizations, new employees gain access to systems before receiving meaningful training, reducing onboarding to little more than policy acknowledgment.

Measuring success

In my experience, solutions are standalone, without any correlation to other tools in the security stack. In some cases, the programs are delivered by HR rather than the security team, creating a complete silo.  

As a result, SAT is often perceived as a compliance exercise rather than a capability building function. The result is that poor-quality training does little to reduce the likelihood of compromise, regardless of completion rates or quiz performance.

What a modern SAT solution should look like

For today’s CISO, email represents the convergence point of high-volume, high-impact, and human-centric threats. Despite significant security investments, it remains one of the most difficult channels to secure effectively. Given these constraints, CISOs must evolve their approach to SAT.

Success lies in a balanced strategy one that combines advanced technology, attack surface reduction, and pragmatic user enablement, without over-relying on human vigilance as the final line of defense.

This means moving beyond traditional SAT toward continuous, contextual awareness, realistic simulations, and tight integration with security outcomes.

Three requirements for a modern SAT solution

  • Invisible protection: The optimum security solution is one that assists users without impeding their experience. The objective is to enhance human capabilities, rather than simply delivering a lecture. 
  • Real-time feedback: Rather than a monthly quiz, the ideal system would provide a prompt or warning when a user is about to engage with something suspicious. 
  • Positive culture: Shifting the focus away from a "gotcha" culture, which is a contributing factor to a resentment, and instead empowers employees to serve as "sensors" for the company. 

Discover how personalized security coaching can strengthen your human layer and make your email defenses more resilient. Explore Darktrace / Adaptive Human Defense.

Continue reading
About the author
Karim Benslimane
VP, Field CISO
Your data. Our AI.
Elevate your network security with Darktrace AI