Darktrace Artificial Intelligence Stops Cyberattack at Italian Electronics DistributorDarktrace Artificial Intelligence Stops Cyberattack at Italian Electronics Distributor
Vulnerability allows attackers to run arbitrary commands, including the ability to delete, modify, and exfiltrate private source code.
February 17, 2022
CAMBRIDGE, England, Feb. 17, 2022 /PRNewswire/ -- Darktrace, a global leader in cyber security AI, today announced that its Autonomous Response technology, Antigena, successfully took action to stop a cyber-attack exploiting a GitLab vulnerability for the purposes of running crypto-mining malware at a major Italian electronics distributor.
The GitLab vulnerability, which has been well reported, allows attackers to run arbitrary commands, including the ability to delete, modify, and exfiltrate private source code. Research revealed that over 6 months after a patch for the vulnerability was released, over 30,000 publicly accessible GitLab servers remained unpatched and open to exploitation. The attacks have been opportunistic, indiscriminate and automated.
Powered by Self-Learning AI, Darktrace technology develops an understanding of normal business operations for each organization which allows it to spot abnormal activity. From this understanding, Antigena was able to make micro-decisions and autonomously quarantine the infected devices, preventing lateral movement of the suspected cryptojacking threat actor – all without business disruption. With the CISO out of office and not due to return for another two weeks, compounded by having a small security team, without autonomous response technology the attack would have escalated causing disruption that would have impacted the company financially and reputationally. Though the attacker was caught using the GitLab vulnerability to mine cryptocurrency, the exploitation of this vulnerability could have served as the first stage of a more destructive ransomware attack, or resulted in the theft of intellectual property.
Darktrace reports that every minute, of every day, its autonomous response technology stops a threat from escalating and it is capable of taking action in seconds.
Darktrace (DARK:L), a global leader in cyber security AI, delivers world-class technology that protects over 6,500 customers worldwide from advanced threats, including ransomware and cloud and SaaS attacks. Darktrace's fundamentally different approach applies Self-Learning AI to enable machines to understand the business in order to autonomously defend it. Headquartered in Cambridge, UK, Darktrace has over 1,700 employees and over 30 offices worldwide. Darktrace was named one of TIME magazine's "Most Influential Companies" for 2021.
Tricks to Boost Your Threat Hunting GameNov 06, 2023
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
The Evolving Ransomware Threat: What Business Leaders Should Know About Data Leakage
2021 Gartner Market Guide for Managed Detection and Response Report
Managed Security and the 3rd Party Cyber Risk Opportunity Whitepaper