ブログ
/
Network
/
July 26, 2024

Understanding the WarmCookie Backdoor Threat

Discover effective strategies for disarming the WarmCookie backdoor and securing your systems against this persistent threat.
Written by
Justin Torres
Cyber Analyst
Inside the SOC
Darktrace cyber analysts are world-class experts in threat intelligence, threat hunting and incident response, and provide 24/7 SOC support to thousands of Darktrace customers around the globe. Inside the SOC is exclusively authored by these experts, providing analysis of cyber incidents and threat trends, based on real-world experience in the field.
Written by
Justin Torres
Cyber Analyst
Default blog image
26
Jul 2024

What is WarmCookie malware?

WarmCookie, also known as BadSpace [2], is a two-stage backdoor tool that provides functionality for threat actors to retrieve victim information and launch additional payloads. The malware is primarily distributed via phishing campaigns according to multiple open-source intelligence (OSINT) providers.

Backdoor malware: A backdoor tool is a piece of software used by attackers to gain and maintain unauthorized access to a system. It bypasses standard authentication and security mechanisms, allowing the attacker to control the system remotely.

Two-stage backdoor malware: This means the backdoor operates in two distinct phases:

1. Initial Stage: The first stage involves the initial infection and establishment of a foothold within the victim's system. This stage is often designed to be small and stealthy to avoid detection.

2. Secondary Stage: Once the initial stage has successfully compromised the system, it retrieves or activates the second stage payload. This stage provides more advanced functionalities for the attacker, such as extensive data exfiltration, deeper system control, or the deployment of additional malicious payloads.

How does WarmCookie malware work?

Reported attack patterns include emails attempting to impersonate recruitment firms such as PageGroup, Michael Page, and Hays. These emails likely represented social engineering tactics, with attackers attempting to manipulate jobseekers into engaging with the emails and following malicious links embedded within [3].

This backdoor tool also adopts stealth and evasion tactics to avoid the detection of traditional security tools. Reported evasion tactics included custom string decryption algorithms, as well as dynamic API loading to prevent researchers from analyzing and identifying the core functionalities of WarmCookie [1].

Before this backdoor makes an outbound network request, it is known to capture details from the target machine, which can be used for fingerprinting and identification [1], this includes:

- Computer name

- Username

- DNS domain of the machine

- Volume serial number

WarmCookie samples investigated by external researchers were observed communicating over HTTP to a hardcoded IP address using a combination of RC4 and Base64 to protect its network traffic [1]. Ultimately, threat actors could use this backdoor to deploy further malicious payloads on targeted networks, such as ransomware.

Darktrace Coverage of WarmCookie

Between April and June 2024, Darktrace’s Threat Research team investigated suspicious activity across multiple customer networks indicating that threat actors were utilizing the WarmCookie backdoor tool. Observed cases across customer environments all included the download of unusual executable (.exe) files and suspicious outbound connectivity.

Affected devices were all observed making external HTTP requests to the German-based external IP, 185.49.69[.]41, and the URI, /data/2849d40ade47af8edfd4e08352dd2cc8.

The first investigated instance occurred between April 23 and April 24, when Darktrace detected a a series of unusual file download and outbound connectivity on a customer network, indicating successful WarmCookie exploitation. As mentioned by Elastic labs, "The PowerShell script abuses the Background Intelligent Transfer Service (BITS) to download WarmCookie and run the DLL with the Start export" [1].

Less than a minute later, the same device was observed making HTTP requests to the rare external IP address: 185.49.69[.]41, which had never previously been observed on the network, for the URI /data/b834116823f01aeceed215e592dfcba7. The device then proceeded to download masqueraded executable file from this endpoint. Darktrace recognized that these connections to an unknown endpoint, coupled with the download of a masqueraded file, likely represented malicious activity.

Following this download, the device began beaconing back to the same IP, 185.49.69[.]41, with a large number of external connections observed over port 80.  This beaconing related behavior could further indicate malicious software communicating with command-and-control (C2) servers.

Darktrace’s model alert coverage included the following details:

[Model Alert: Device / Unusual BITS Activity]

- Associated device type: desktop

- Time of alert: 2024-04-23T14:10:23 UTC

- ASN: AS28753 Leaseweb Deutschland GmbH

- User agent: Microsoft BITS/7.8

[Model Alert: Anomalous File / EXE from Rare External Location]

[Model Alert: Anomalous File / Masqueraded File Transfer]

- Associated device type: desktop

- Time of alert: 2024-04-23T14:11:18 UTC

- Destination IP: 185.49.69[.]41

- Destination port: 80

- Protocol: TCP

- Application protocol: HTTP

- ASN: AS28753 Leaseweb Deutschland GmbH

- User agent: Mozilla / 4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;.NET CLR 1.0.3705)

- Event details: File: http[:]//185.49.69[.]41/data/b834116823f01aeceed215e592dfcba7, total seen size: 144384B, direction: Incoming

- SHA1 file hash: 4ddf0d9c750bfeaebdacc14152319e21305443ff

- MD5 file hash: b09beb0b584deee198ecd66976e96237

[Model Alert: Compromise / Beaconing Activity To External Rare]

- Associated device type: desktop

- Time of alert: 2024-04-23T14:15:24 UTC

- Destination IP: 185.49.69[.]41

- Destination port: 80

- Protocol: TCP

- Application protocol: HTTP

- ASN: AS28753 Leaseweb Deutschland GmbH  

- User agent: Mozilla / 4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;.NET CLR 1.0.3705)

Between May 7 and June 4, Darktrace identified a wide range of suspicious external connectivity on another customer’s environment. Darktrace’s Threat Research team further investigated this activity and assessed it was likely indicative of WarmCookie exploitation on customer devices.

Similar to the initial use case, BITS activity was observed on affected devices, which is utilized to download WarmCookie [1]. This initial behavior was observed with the device after triggering the model: Device / Unusual BITS Activity on May 7.

Just moments later, the same device was observed making HTTP requests to the aforementioned German IP address, 185.49.69[.]41 using the same URI /data/2849d40ade47af8edfd4e08352dd2cc8, before downloading a suspicious executable file.

Just like the first use case, this device followed up this suspicious download with a series of beaconing connections to 185.49.69[.]41, again with a large number of connections via port 80.

Similar outgoing connections to 185.49.69[.]41 and model alerts were observed on additional devices during the same timeframe, indicating that numerous customer devices had been compromised.

Darktrace’s model alert coverage included the following details:

[Model Alert: Device / Unusual BITS Activity]

- Associated device type: desktop

- Time of alert: 2024-05-07T09:03:23 UTC

- ASN: AS28753 Leaseweb Deutschland GmbH

- User agent: Microsoft BITS/7.8

[Model Alert: Anomalous File / EXE from Rare External Location]

[Model Alert: Anomalous File / Masqueraded File Transfer]

- Associated device type: desktop

- Time of alert: 2024-05-07T09:03:35 UTC  

- Destination IP: 185.49.69[.]41

- Protocol: TCP

- ASN: AS28753 Leaseweb Deutschland GmbH

- Event details: File: http[:]//185.49.69[.]41/data/2849d40ade47af8edfd4e08352dd2cc8, total seen size: 72704B, direction: Incoming

- SHA1 file hash: 5b0a35c574ee40c4bccb9b0b942f9a9084216816

- MD5 file hash: aa9a73083184e1309431b3c7a3e44427  

[Model Alert: Anomalous Connection / New User Agent to IP Without Hostname]

- Associated device type: desktop

- Time of alert: 2024-05-07T09:04:14 UTC  

- Destination IP: 185.49.69[.]41  

- Application protocol: HTTP  

- URI: /data/2849d40ade47af8edfd4e08352dd2cc8

- User agent: Microsoft BITS/7.8  

[Model Alert: Compromise / HTTP Beaconing to New Endpoint]

- Associated device type: desktop

- Time of alert: 2024-05-07T09:08:47 UTC

- Destination IP: 185.49.69[.]41

- Protocol: TCP

- Application protocol: HTTP  

- ASN: AS28753 Leaseweb Deutschland GmbH  

- URI: /  

- User agent: Mozilla / 4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;.NET CLR 1.0.3705) \

Cyber AI Analyst Coverage Details around the external destination, ‘185.49.69[.]41’.
Figure 1: Cyber AI Analyst Coverage Details around the external destination, ‘185.49.69[.]41’.
External Sites Summary verifying the geographical location of the external IP, 185.49.69[.]41’.
Figure 2: External Sites Summary verifying the geographical location of the external IP, 185.49.69[.]41’.

Fortunately, this particular customer was subscribed to Darktrace’s Proactive Threat Notification (PTN) service and the Darktrace Security Operation Center (SOC) promptly investigated the activity and alerted the customer. This allowed their security team to address the activity and begin their own remediation process.

In this instance, Darktrace’s Autonomous Response capability was configured in Human Confirmation mode, meaning any mitigative actions required manual application by the customer’s security team.

Despite this, Darktrace recommended two actions to contain the activity: blocking connections to the suspicious IP address 185.49.69[.]41 and any IP addresses ending with '69[.]41', as well as the ‘Enforce Pattern of Life’ action. By enforcing a pattern of life, Darktrace can restrict a device (or devices) to its learned behavior, allowing it to continue regular business activities uninterrupted while blocking any deviations from expected activity.

Actions suggested by Darktrace to contain the emerging activity, including blocking connections to the suspicious endpoint and restricting the device to its ‘pattern of life’.
Figure 3: Actions suggested by Darktrace to contain the emerging activity, including blocking connections to the suspicious endpoint and restricting the device to its ‘pattern of life’.

Conclusion

Backdoor tools like WarmCookie enable threat actors to gather and leverage information from target systems to deploy additional malicious payloads, escalating their cyber attacks. Given that WarmCookie’s primary distribution method seems to be through phishing campaigns masquerading as trusted recruitments firms, it has the potential to affect a large number of organizations.

In the face of such threats, Darktrace’s behavioral analysis provides organizations with full visibility over anomalous activity on their digital estates, regardless of whether the threat bypasses by human security teams or email security tools. While threat actors seemingly managed to evade customers’ native email security and gain access to their networks in these cases, Darktrace identified the suspicious behavior associated with WarmCookie and swiftly notified customer security teams.

Had Darktrace’s Autonomous Response capability been fully enabled in these cases, it could have blocked any suspicious connections and subsequent activity in real-time, without the need of human intervention, effectively containing the attacks in the first instance.

Credit to Justin Torres, Cyber Security Analyst and Dylan Hinz, Senior Cyber Security Analyst

Appendices

Darktrace Model Detections

- Anomalous File / EXE from Rare External Location

- Anomalous File / Masqueraded File Transfer  

- Compromise / Beacon to Young Endpoint  

- Compromise / Beaconing Activity To External Rare  

- Compromise / HTTP Beaconing to New Endpoint  

- Compromise / HTTP Beaconing to Rare Destination

- Compromise / High Volume of Connections with Beacon Score

- Compromise / Large Number of Suspicious Successful Connections

- Compromise / Quick and Regular Windows HTTP Beaconing

- Compromise / SSL or HTTP Beacon

- Compromise / Slow Beaconing Activity To External Rare

- Compromise / Sustained SSL or HTTP Increase

- Compromise / Sustained TCP Beaconing Activity To Rare Endpoint

- Anomalous Connection / Multiple Failed Connections to Rare Endpoint

- Anomalous Connection / New User Agent to IP Without Hostname

- Compromise / Sustained SSL or HTTP Increase

AI Analyst Incident Coverage:

- Unusual Repeated Connections

- Possible SSL Command and Control to Multiple Endpoints

- Possible HTTP Command and Control

- Suspicious File Download

Darktrace RESPOND Model Detections:

- Antigena / Network / External Threat / Antigena Suspicious File Block

- Antigena / Network / External Threat / Antigena Suspicious File Pattern of Life Block

List of IoCs

IoC - Type - Description + Confidence

185.49.69[.]41 – IP Address – WarmCookie C2 Endpoint

/data/2849d40ade47af8edfd4e08352dd2cc8 – URI – Likely WarmCookie URI

/data/b834116823f01aeceed215e592dfcba7 – URI – Likely WarmCookie URI

4ddf0d9c750bfeaebdacc14152319e21305443ff  - SHA1 Hash  – Possible Malicious File

5b0a35c574ee40c4bccb9b0b942f9a9084216816  - SHA1 Hash – Possiblem Malicious File

MITRE ATT&CK Mapping

(Technique Name) – (Tactic) – (ID) – (Sub-Technique of)

Drive-by Compromise - INITIAL ACCESS - T1189

Ingress Tool Transfer - COMMAND AND CONTROL - T1105

Malware - RESOURCE DEVELOPMENT - T1588.001 - T1588

Lateral Tool Transfer - LATERAL MOVEMENT - T1570

Web Protocols - COMMAND AND CONTROL - T1071.001 - T1071

Web Services - RESOURCE DEVELOPMENT - T1583.006 - T1583

Browser Extensions - PERSISTENCE - T1176

Application Layer Protocol - COMMAND AND CONTROL - T1071

Fallback Channels - COMMAND AND CONTROL - T1008

Multi-Stage Channels - COMMAND AND CONTROL - T1104

Non-Standard Port - COMMAND AND CONTROL - T1571

One-Way Communication - COMMAND AND CONTROL - T1102.003 - T1102

Encrypted Channel - COMMAND AND CONTROL - T1573

External Proxy - COMMAND AND CONTROL - T1090.002 - T1090

Non-Application Layer Protocol - COMMAND AND CONTROL - T1095

References

[1] https://www.elastic.co/security-labs/dipping-into-danger

[2] https://www.gdatasoftware.com/blog/2024/06/37947-badspace-backdoor

[3] https://thehackernews.com/2024/06/new-phishing-campaign-deploys.html

執筆者
Justin Torres
Cyber Analyst
Inside the SOC
Darktrace cyber analysts are world-class experts in threat intelligence, threat hunting and incident response, and provide 24/7 SOC support to thousands of Darktrace customers around the globe. Inside the SOC is exclusively authored by these experts, providing analysis of cyber incidents and threat trends, based on real-world experience in the field.
Written by
Justin Torres
Cyber Analyst

中国系APTキャンペーン、アップデートされたFDMTPバックドアで企業を狙う

Network
May 14, 2026
Tara Gould
Malware Research Lead
Watch the NIS2 Webinar
よく読まれているブログ
1
ダークトレース、2026年度Gartner® CPS Protection Platforms部門のMagic Quadrant™ において唯一のVisionaryの評価を受ける
Mar 20, 2026
2
How Empowering End Users can Improve Your Email Security and Decrease the Burden on the SOC
May 8, 2024
3
Elevating Network Security: Confronting Trust, Ransomware, & Novel Attacks
Jun 21, 2024
4
The State of AI in Cybersecurity: Unveiling Global Insights from 1,800 Security Practitioners
Apr 9, 2024
5
The State of AI in Cybersecurity: The Impact of AI on Cybersecurity Solutions
May 13, 2024

More in this series

No items found.
さらに読む
Network
May 21, 2026

Darktrace named a Leader in the 2026 Gartner® Magic Quadrant™ for Network Detection and Response (NDR) For the Second Consecutive Year

Darktrace has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Network Detection and Response (NDR) for the second consecutive year. We believe this reflects continued execution in NDR, ongoing AI innovation, and strong outcomes delivered for customers globally.
Mikey Anderson
Product Marketing Manager, Network Detection & Response
Read more
Network
May 19, 2026

When Open Source Is Weaponized: Analysis of a Trojanized 7 Zip Installer

Attackers abused a trojanized 7‑Zip installer distributed via a typo‑squatted domain to establish proxyware infections worldwide. This blog analyzes how social engineering, trusted open‑source software, and stealthy command‑and‑control activity enabled widespread compromise, highlighting the importance of software validation, user awareness, and proactive network‑level detection.
Justin Torres
Cyber Analyst
Read more
Network
May 14, 2026

中国系APTキャンペーン、アップデートされたFDMTPバックドアで企業を狙う

ダークトレースの研究者はTwill Typhoonに関連するAPJ地域の顧客を標的とした中国系攻撃キャンペーンを特定しました。 観測されたアクティビティには、CDNなりすまし、正規のバイナリ、DLL サイドローディングによる .NET RATの展開が含まれていました。
Tara Gould
Malware Research Lead
Read more

Blog

/

Proactive Security

/

June 2, 2026

Stopping Stealth Attacks with Precision: How Núclea Prevented a Breach Without Disruption

Default blog imageDefault blog image

Núclea is a Brazilian data and technology company that supports the country’s financial system by delivering digital services exclusively to banks and financial institutions. Operating in an environment where trust, availability, and data integrity are critical, the company faces a threat landscape that has evolved rapidly—particularly with the rise of AI-driven cyberattacks.

Brazil has experienced a wave of successful cyber incidents targeting financial institutions, many of them enabled by insiders or compromised credentials. The result was a noticeable shift in attacker strategy: instead of focusing on end customers, threat actors began targeting the institutions and platforms that underpin the financial ecosystem itself.

“Attacks became far more directed and contextual,” explains Guilherme, who leads incident response within Núclea’s security platform engineering team. “They weren’t noisy or obviously malicious—they were precise, patient, and designed to blend into normal operations.”

That precision was on full display in January 2026, when Núclea faced one of the most convincing phishing attacks the team had seen.

A real attack, built on trust and context

The attack began with a seemingly routine email.

It was sent from a real Brazilian government institution, using legitimate infrastructure and valid credentials that were later confirmed to have been compromised. Núclea had an established, ongoing relationship with this organization, and the email’s language, tone, and subject matter aligned perfectly with the type of communication the recipient team handled every day.

Attached to the email was a PDF document containing content that looked entirely legitimate.

The problem? A single URL embedded inside that PDF.

“The message itself was correct. The sender was real. The context was familiar. Even the document content made sense,” Guilherme explains. “There was just one small element that didn’t belong.”

That small detail was enough to initiate a full attack chain.

What the attackers were trying to do

If clicked, the URL would have downloaded a malicious payload designed to:

  • Collect information about the user and device
  • Identify where the system was located within the financial ecosystem
  • Install remote access tools to maintain control
  • Deploy an infostealer to extract sensitive data
  • Execute anti-forensic scripts to erase traces of the intrusion

In other words, it was a carefully engineered operation designed for persistence and stealth, not immediate disruption.

The attack also employed urgency—a classic social engineering technique. When the link didn’t open as expected, employees requested assistance from the security team, insisting the document was important and needed to be accessed quickly.

This is precisely the kind of scenario where traditional security tools struggle: almost everything about the interaction is legitimate.

Where Darktrace made the difference

Instead of blocking the entire message or relying on known indicators of compromise, Darktrace focused on behavioral context.

Darktrace recognized:

  • That the sending organization was normally trusted
  • That the communication pattern matched historical behavior
  • That the PDF content itself was not suspicious

But it also identified that the URL embedded within the document deviated from established behavioral patterns.

Rather than disrupting business operations, Darktrace took precise action: it rewrote the URL, preventing the malicious download while leaving the rest of the email untouched.

“When we analyzed it afterward, it became clear how dangerous the attack would have been,” says Guilherme. “But it never progressed—because Darktrace acted at exactly the right point.”

Subsequent forensic analysis confirmed the payload’s malicious intent. The attack never succeeded.

Precision over disruption

For Núclea, this incident reinforced a critical lesson: modern attacks don’t always look malicious—they hide within normal activity.

“What stands out to me is the precision,” Guilherme says. “Darktrace doesn’t rely on big, obvious signals. It’s effective in situations that fall outside the standard patterns we all know.”

Building resilience in a high trust ecosystem

For Núclea, cybersecurity is not just a defensive measure—it’s a business enabler.

Availability failures or successful breaches in the financial ecosystem can have immediate, large-scale consequences, from financial loss to reputational damage. Preventing those outcomes protects not just Núclea, but its partners and customers as well.

“Cyber resilience means keeping the business running—even under attack,” Guilherme explains. “And that requires people, processes, and technology working together.”

As AI continues to accelerate both attacks and defenses, the role of security is evolving. Precision, behavioral understanding, and intelligent automation are no longer optional—they’re essential.

“The easy days were yesterday,” Guilherme says. “The challenges ahead are bigger. We need to be prepared—internally and with partners that help us build resilience.”

Continue reading
About the author

Blog

/

AI

/

June 1, 2026

効率化の裏にあるリスク:AI導入が製造現場にもたらす見えない脆弱性

Default blog imageDefault blog image

AIエージェントが製造業に与える影響

製造業界のセキュリティチームやIT担当者は、生産を守り、稼働時間を維持し、重要資産を保護するという絶え間ないプレッシャー下にあります。そしてAIは非常に大きなチャンスとともに、新たなサイバーリスクももたらしています。製造業全体で、AIはワークフローや意思決定に組み込まれつつあり、自律型AIエージェントが従業員やシステムに代わって行動する場面が増えています。

エージェント型システムは独立して行動できるため強力ですが、その同じ自律性がサイバーリスク、運用上のリスクも生み出します。エージェントは広範な権限を持ち、複雑なタスクの実行、意思決定、ツールや外部システムとのやり取りを、ほとんどまたは全く人間の介入なしに行うことができます。

あらかじめ定義されたタスクを実行する従来のAIモデルとは異なり、AIエージェントは高度なテクニックを使用して人間の意思決定プロセスを模倣することにより、新たな課題に動的に適応し、また自らの判断に基づいて意思決定し、アクションを実行します。彼らは業務の上では従業員のように見えますが、人間が持つ判断力、倫理観、または行動の結果に対する恐れが欠けています。これは、サイバー犯罪者によって簡単に操られる可能性があることを意味しており、OTネットワーク全体に埋め込まれたAIエージェントは、データ漏洩をはるかに超える脅威を生み出します。たとえば、BMWでは、AI は溶接プロセスのエラーの発生を識別するのに使われています。同社のスパータンバーグ(米サウスカロライナ州)の工場では、すべてのSUVフレーム上の300-400個のスタッドの溶接をAIが監視し、スタッドの配置間違いや欠陥を検知し直ちに修正します。このAIシステムが破損すれば壊滅的な品質管理問題につながる恐れがあります。

製造全体にエージェント型AIシステムを導入することについて多くのセキュリティチームはさまざまな懸念を示しています。ダークトレースの行ったAIサイバーセキュリティの現状調査では、製造業のセキュリティプロフェッショナルの78%が従業員によるAIエージェントの利用に懸念を抱いており、これは彼らの最も大きな危惧でした。それに続く問題点が従業員によるCopilotやChatGPT等の生成AIツールの使用であり、製造業のセキュリティプロフェッショナルの76%が懸念を抱いていました。これらのツールがますます多くのビジネスデータやプロセスにアクセスし、組織内でより多くの自律性を持つようになるにつれ、エージェントのアクティビティがほとんど可視化されていない現在、セキュリティチームにおいては機密データの露出(60%)や偶発的なポリシーおよび規制違反(59%)への懸念が高まっています。

外部からのAIによる脅威も急激に進化

製造業を変革しているのと同じAIの能力が、サイバー攻撃の形も変貌させています。

AIにより攻撃者は偵察を自動化し、標的をより高度に絞り込み、リアルタイムで適応できるようになっています。かつては人手による作業と時間を要していたことが、今では継続的かつ大規模に実行できるようになりました。そして、製造業はすでにその影響を実感しています。当社が調査した製造業のセキュリティプロフェッショナルの76%は、すでにAIを活用した脅威の影響を受けており、90%がAIによってソーシャルエンジニアリング攻撃の成功率が高まっていると回答しています。

また、攻撃のテクニック自体も進化しています。製造業界全体で、AIを利用した攻撃の経路の多様化に対する懸念が高まっています。特にリアルタイムで進化する適応型マルウェアについて、調査対象の製造業のセキュリティプロフェッショナルの半数近く(49%)が懸念しており、これは全産業の平均よりも9%高い数値です。AIを使った適応型マルウェアに続くその他の懸念には次が含まれます:

  • 自動化された脆弱性スキャンとエクスプロイトチェイニング(48%):Anthropicの新しいMythos AIモデルにより脆弱性探索が深刻化する中で、この問題は一層差し迫ったものとなっています。
  • 超パーソナライズされたフィッシングキャンペーン(46%):フィッシングは依然としてハッカーの主力兵器の1つであり、AIによってフィッシングメールはより説得力が高く検知困難なものとなり、その効果は増幅されました。

これは単に攻撃の量の増加だけでなく、攻撃の展開につれて静的な防御が対応できるよりも速く進化する脅威への変化なのです。

こうした認識が高まっているにもかかわらず、製造業の多くはまだこの変化に対応する準備ができていません。半数以上(51%)がAI駆動の脅威への準備が十分にできていないと回答し、AIの導入を管理する正式なポリシーを持っている組織はわずか37%でした。  

可視性、コンテキスト、およびガードレールを通じてAIのセキュリティを確保

これらの問題に対処するためにAIイノベーションを遅らせる必要はありません。それには、AIと同じスピードと規模で動作できる、これまでとは異なるアプローチのセキュリティが必要です。具体的には、製造業がAIの力を活用する上で、次の3つの優先課題が浮上しています。

可視性はすべての土台  

AIがどこで使用されているか、何にアクセスできるか、そしてITおよびOT環境にわたってどのように動作するかを理解する必要があります。それがなければ、リスクを測定したり管理したりすることはできません。ダークトレースの調査において、製造業のセキュリティプロフェッショナルの91%が、AIを信頼する前に、それがどのように意思決定を行うかを理解する必要があると回答したのは当然のことです。OT環境においてこのことはさらに重要です。稼働の中断は安全や環境、財務、および評判に大きな影響を及ぼすからです。

可視性をアクションにつなげるにはコンテキストが必要  

AIによって形作られる環境において、正常とされる挙動は絶えず変化します。つまり、脅威を検知するにはビヘイビアベースのアプローチが必要なのです。組織全体で生活パターンを理解し、わずかな逸脱をリアルタイムに検知すること- これは従来のセキュリティとリスク管理に対するアプローチからの根本的な変化です。

エージェントからの露出を防ぐガードレール  

AIシステムがより大きな責任を担うようになるなかで、組織はAIが何をできるか、そしていつ独立して行動できるかについて、明確な境界を設ける必要があります。これらのコントロールは何かがあってから適用されるのではなく、システム自体に組み込んでおかなければなりません。  

製造業のITおよびOT環境におけるAIエージェントのセキュリティ

エージェント型AIの出現は製造業を変革し、次世代のオペレーションを支える一方で、脅威ランドスケープも一変させています。これは単なる脅威の増加ではなく、自律型システムへの移行、挙動の絶え間ない変化、そしてマシンスピードで進行するリスクです。AIを活用しつつリスクを管理するという課題に取り組む組織にとって、可視性、コンテキスト、ガードレールはセキュリティの基盤となります。

Darktraceはこの基盤を実現することにより、製造業の安全なAIアプローチ構築を支援します。ITおよびOT環境全体を可視化し、異常なアクティビティに対するリアルタイムの検知および対応を提供することにより、従業員が使用するプロンプトや構築するエージェントから、それらのエージェントの環境全体での動作に至るまで、AIアクティビティの理解を可能にします。これにより、AIの導入を拡大する製造業はコントロールを犠牲にすることなくイノベーションの基盤を構築することができます。

Continue reading
About the author
Dr. Oakley Cox-Robinson
Senior Director of Product
あなたのデータ × DarktraceのAI
唯一無二のDarktrace AIで、ネットワークセキュリティを次の次元へ