Darktrace, a global leader in cyber security AI, announced that a global provider of financial services recently detected and stopped an attacker attempting to leverage a vulnerability in Log4j to deploy malicious code across the organization.
Top iTechnology Cloud News: Wasabi Technologies Becomes Official Cloud Storage Partner of the Boston Bruins and TD Garden
The company, which has total assets of over $5bn and operates across several continents, uses Darktrace’s Self-Learning AI to detect and respond to cyber-threats at machine speed across the digital estate. By constantly evolving its understanding of the company’s ‘normal’ operations, the AI is able to spot the subtle signs of emerging threats and autonomously interrupt in-progress attacks.
In early March, Darktrace’s AI detected that a Virtual Desktop Infrastructure (VDI) server at the company was behaving unusually, downloading a shell script from a suspicious external endpoint. The attacker had exploited a Log4j vulnerability for initial access and was attempting to use the server to conduct network reconnaissance and perform lateral movement activity.
Top iTechnology Drones News: Terra Drone Raises $70 Million in Series B Funding to Accelerate Growth and Worldwide Adoption of Unmanned Aircraft System Traffic Management (UTM) and Urban Air Mobility (UAM) solutions
The attack prompted the organization to activate Darktrace’s Autonomous Response technology, Antigena, which was able to contain the threat in seconds without interrupting regular business activity on the VDI server. The company has now set Antigena to constant ‘Active Mode’, whereby the AI can independently and intelligently take action to interrupt emerging attacks.
Without the intervention of Darktrace AI, the attacker would have broadened their presence within the organization and would have been able to deploy ransomware or exfiltrate sensitive data.
“High impact vulnerabilities like Log4j allow cyber-attackers to compromise systems with little effort, and responding quickly is absolutely crucial,” said Max Heinemeyer, VP of Cyber Innovation at Darktrace. “Without complete visibility over the organization and a machine speed response using powerful technology like AI, security teams would be fighting a losing battle when it comes to these sophisticated attacks. In this instance, the AI contained the attack in the nick of time – ensuring that the company did not suffer financial or reputational damage.”
Top iTechnology Computer Vision News: Data-as-Code Co. Datagen Secures $50 Million in Series B Funding Led by Scale Venture Partners
[To share your insights with us, please write to sghosh@martechseries.com]