Darktrace, the world leader in AI technology for cyber defense, has today announced that it detected and stopped a brute-force attack aimed at gaining control of an accounting firm’s network in Singapore. The pernicious threat bypassed the organization’s traditional security tools, but Darktrace’s AI technology foiled the attack before it could do damage.
Unbeknownst to the security team, the threat actor gained control of a key server that acted as a pivot point for network management. The attacker then attempted to connect to other computers and infiltrate them with malware, quite possibly with the goal of subduing the entire network and gaining unrestricted access to highly sensitive client data.
As soon as Darktrace’s self-learning technology was installed in the network, the AI algorithms detected a number of suspicious activities, including over 400,000 machine-speed login attempts to breach the key management console. Darktrace was able to immediately detect the attack as these anomalies marked a sharp departure from the normal ‘pattern of life’ on the network.
Because Darktrace’s machine learning technology does not rely on prior assumptions of what ‘bad’ looks like, but instead intelligently builds a sense of ‘self’ for the network, it understood that this server was behaving abnormally in comparison to other similar devices. The in-progress attack was detected and remediated swiftly, before it had inflicted damage.
“Time and again, we see attackers come up with new ways to bypass perimeter defenses,” said Dave Palmer, Director of Technology, Darktrace. “As old approaches to keeping threat actors off networks fail, artificial intelligence is increasingly recognized as a fundamental enabler for cyber defense. With a four-year head start in AI cyber, Darktrace is at the forefront of this shift, enabling organizations across all industry verticals to successfully detect and contain in-progress attacks in their nascent stages.”
Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 30 offices worldwide.