Press Release
Updated statement regarding LockBit claims
We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.
Press Release
Statement regarding LockBit claims
Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.
Press Release
Darktrace Artificial Intelligence Autonomously Stops Consequences of Fast-Moving Cyber-Attack at Major Italian Electronics Distributor
Darktrace Artificial Intelligence Autonomously Stops Consequences of Fast-Moving Cyber-Attack at Major Italian Electronics Distributor
Darktrace, a global leader in cyber security AI, today announced that its Autonomous Response technology, Antigena, successfully took action to stop a cyber-attack exploiting a GitLab vulnerability for the purposes of running crypto-mining malware at a major Italian electronics distributor.
The GitLab vulnerability, which has been well reported, allows attackers to run arbitrary commands, including the ability to delete, modify, and exfiltrate private source code. Research revealed that over six months after a patch for the vulnerability was released, over 30,000 publicly accessible GitLab servers remained unpatched and open to exploitation. The attacks have been opportunistic, indiscriminate and automated.
Powered by Self-Learning AI, Darktrace technology develops an understanding of normal business operations for each organization which allows it to spot abnormal activity. From this understanding, Antigena was able to make micro-decisions and autonomously quarantine the infected devices, preventing lateral movement of the suspected cryptojacking threat actor – all without business disruption. With the CISO out of office and not due to return for another two weeks, compounded by having a small security team, without autonomous response technology the attack would have escalated causing disruption that would have impacted the company financially and reputationally. Though the attacker was caught using the GitLab vulnerability to mine cryptocurrency, the exploitation of this vulnerability could have served as the first stage of a more destructive ransomware attack, or resulted in the theft of intellectual property.
Darktrace reports that every minute, of every day, its Autonomous Response technology stops a threat from escalating and it is capable of taking action in seconds.