CIO Influence
CIO Influence News Security

Darktrace AI Stops Cyber-Attack Exploiting Log4j Vulnerability At Global Financial Services Provider

Darktrace AI Stops Cyber-Attack Exploiting Log4j Vulnerability At Global Financial Services Provider

Darktrace, a global leader in cyber security AI, announced that a global provider of financial services recently detected and stopped an attacker attempting to leverage a vulnerability in Log4j to deploy malicious code across the organization.

Top iTechnology Cloud News: Wasabi Technologies Becomes Official Cloud Storage Partner of the Boston Bruins and TD Garden

The company, which has total assets of over $5bn and operates across several continents, uses Darktrace’s Self-Learning AI to detect and respond to cyber-threats at machine speed across the digital estate. By constantly evolving its understanding of the company’s ‘normal’ operations, the AI is able to spot the subtle signs of emerging threats and autonomously interrupt in-progress attacks.

In early March, Darktrace’s AI detected that a Virtual Desktop Infrastructure (VDI) server at the company was behaving unusually, downloading a shell script from a suspicious external endpoint. The attacker had exploited a Log4j vulnerability for initial access and was attempting to use the server to conduct network reconnaissance and perform lateral movement activity.

Top iTechnology Drones News: Terra Drone Raises $70 Million in Series B Funding to Accelerate Growth and Worldwide Adoption of Unmanned Aircraft System Traffic Management (UTM) and Urban Air Mobility (UAM) solutions

The attack prompted the organization to activate Darktrace’s Autonomous Response technology, Antigena, which was able to contain the threat in seconds without interrupting regular business activity on the VDI server. The company has now set Antigena to constant ‘Active Mode’, whereby the AI can independently and intelligently take action to interrupt emerging attacks.

Without the intervention of Darktrace AI, the attacker would have broadened their presence within the organization and would have been able to deploy ransomware or exfiltrate sensitive data.

“High impact vulnerabilities like Log4j allow cyber-attackers to compromise systems with little effort, and responding quickly is absolutely crucial,” said Max Heinemeyer, VP of Cyber Innovation at Darktrace. “Without complete visibility over the organization and a machine speed response using powerful technology like AI, security teams would be fighting a losing battle when it comes to these sophisticated attacks. In this instance, the AI contained the attack in the nick of time – ensuring that the company did not suffer financial or reputational damage.”

Top iTechnology Computer Vision News: Data-as-Code Co. Datagen Secures $50 Million in Series B Funding Led by Scale Venture Partners

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Waverley Labs Launches RESILIANT Essential To Zero Trust Model

CIO Influence News Desk

Arctic Wolf Introduces New Innovations to Its Industry-Leading Security Operations Platform to Support Organizations in New Hybrid Work Era

Teklink International Inc. Launches Cloud Nucleus an Innovative Cloud IaaS Support Service To Solve Companies

CIO Influence News Desk

Leave a Comment