Darktrace’s artificial intelligence stops a cyberattack at an Italian electronics distributor
CAMBRIDGE, England, Feb. 17, 2022 /PRNewswire/ — Darktrace, a global leader in AI for cybersecurity, today announced that its autonomous response technology, Antigena, has successfully taken action to stop an exploitative cyberattack. a GitLab vulnerability for the purpose of running crypto-mining malware at a major Italian electronics distributor.
The well-reported GitLab vulnerability allows attackers to execute arbitrary commands, including the ability to delete, modify, and exfiltrate private source code. The research found that more than 6 months after a patch for the vulnerability was released, more than 30,000 publicly accessible GitLab servers remained unpatched and open for exploitation. The attacks have been opportunistic, indiscriminate and automated.
Powered by self-learning AI, Darktrace technology develops an understanding of normal business operations for every organization, enabling them to detect anomalous activity. Based on this understanding, Antigena was able to make micro-decisions and autonomously quarantine infected devices, preventing lateral movement of the suspected cryptojacking threat actor – all without business interruption. With the CISO absent and not expected to return for two weeks, compounded by the presence of a small security team, without autonomous response technology, the attack would have escalated, causing disruption that would have impacted financially and on the company reputation. Although the attacker was caught using the GitLab vulnerability to mine cryptocurrency, exploiting this vulnerability could have served as a first step to a more destructive ransomware attack or lead to intellectual property theft.
Darktrace reports that every minute, of every day, its Autonomous Response technology prevents a threat from escalating and is able to act within seconds.
Darktrace (DARK:L), a global leader in cybersecurity AI, provides world-class technology that protects over 6,500 customers worldwide against advanced threats, including ransomware, cloud and SaaS attacks. Darktrace’s fundamentally different approach applies self-learning AI to enable machines to understand the business in order to defend it autonomously. Based in Cambridge, UK, Darktrace has over 1,700 employees and over 30 offices worldwide. Darktrace was named one of TIME magazine’s “Most Influential Companies” for 2021.