Press Release
Updated statement regarding LockBit claims
We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.
Press Release
Statement regarding LockBit claims
Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.
Press Release
Darktrace Detects Malware Botnet Infection in Leading Financial Services Company
Darktrace Detects Malware Botnet Infection in Leading Financial Services Company
Darktrace, the leader in Enterprise Immune System technology, and Synoptek, an award-winning Managed IT Services Provider (MSP), have today announced the successful detection and remediation of a large-scale malware infection in a leading financial institution’s network.
Due to the sensitive nature of their data and the stringent regulatory environment within which they operate, financial institutions are consistently targeted by threat actors. In addition, this particular organization lacked a dedicated and robust security team. To meet these challenges, the financial institution deployed Darktrace’s Enterprise Immune System to detect and defend against pernicious cyber-threats. It also turned to a leading MSP, Synoptek, to assist with threat investigation and analysis.
A few weeks after deploying Darktrace’s self-learning technology, the AI algorithms alerted the financial institution to a serious anomaly in its network. Eight VoIP devices were spotted reaching out for new databases which contained the ShellShock vulnerability, a form of malware predominantly associated with DDoS attacks that performs stealthy scans of the network. The unpatched devices were managed by a third-party service provider who failed to maintain the appropriate patch levels.
As a result, the internet-connected phones had been compromised and brought into the fold of a large and sophisticated botnet army. Thanks to the complete visibility into the financial institution’s network enabled by Darktrace’s AI technology, the customer was able to identify more than 60 other devices that were vulnerable to compromise. The Enterprise Immune System uncovered the emerging threat within minutes. Once the attack had been identified and neutralized, the customer was able to rely on Synoptek’s expertise to remediate any impacted devices. Additionally, Synoptek helped the customer craft new security policies that third party service providers must adhere to when providing services containing IoT devices to the company.
Powered by unsupervised machine learning, the Enterprise Immune System is capable of learning ‘self’ for corporate networks. Darktrace’s AI algorithms uniquely establish a ‘pattern of life’ for every network, device, and user without the use of rules, signatures, or prior assumptions of ‘bad’, thus allowing companies to detect never-seen-before threats. Darktrace’s autonomous response technology, Antigena, completes the platform by taking immediate, precise and proportionate action, buying back the time for security teams and their MSPs.
Financial services organizations remain a top target for sophisticated cyber attacks, but some of these boutique firms often do not have the resources and processes to detect anomalies within their networks,” commented Tim Britt, CEO, Synoptek. “Synoptek and Darktrace, which provides a truly game-changing AI technology, have partnered to provide continuous operational processes that leverage a great technology to improve IT security operations and achieve a more mature cyber security strategy.”
Across our 2,500 deployments, we spot and stop malicious infections every day,” commented Justin Fier, Director of Cyber Intelligence and Analytics, Darktrace. “Without the company’s use of Darktrace’s AI technology, it would lack even the basic visibility required for identifying this insidious threat, as it was emerging. Our partnership with Synoptek’s invaluable MSP program has allowed for companies that lack a robust security team to efficiently identify and investigate serious in-progress cyber-threats before they can do real damage.”
About Synoptek
Synoptek offers IT consulting, managed services, cloud services, and on-premise IT management as well as 24/7 end user support for improving business results. With over 525 employees and more than 2,000 active customers in the United States and abroad, Synoptek provides comprehensive information technology management services and support. Synoptek leverages ITIL service management processes, customer-focused IT architecture, and operational excellence to deliver uninterrupted services demanded by today’s market. Over the past four years, Synoptek has been consistently recognized for thought leadership and growth as confirmed by industry awards and recognition including a #4 Total-Service-Provider by MSPmentor in the World’s Top Managed Service Providers in 2016, CRN’s Elite 150 Managed Service Providers, and recognition on the Talkin’ Cloud Top 100 Cloud Service Providers list for 2014, 2015, and 2016. For more information, visit www.synoptek.com.
About Darktrace
About Darktrace
Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 23 offices worldwide.