Press Release
Updated statement regarding LockBit claims
We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.
Press Release
Statement regarding LockBit claims
Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.
Press Release
Darktrace Extends Autonomous Response to Enforce Normal Behavior on Endpoints
Darktrace Extends Autonomous Response to Enforce Normal Behavior on Endpoints
Darktrace, a global leader in cyber security AI, today announced that its Autonomous Response technology now takes action on the endpoint – rounding out the Darktrace Antigena product family, which already includes coverage for SaaS applications, cloud, email, network, and Operational Technology (OT).
Endpoints have moved farther outside traditional infrastructure and have started housing even more sensitive data. As a result, CISOs and security professionals have been left grappling with the complexities of protecting their organizations and dynamic workers in the wake of flexible work arrangements and the dawn of the ‘Great Resignation’.
A novel approach to this challenge could be to augment security teams with AI that learns on the job how this flexible, dynamic workforce is working. Irregularity of endpoint activity can be continuously re-evaluated, and subtle, indiscernible actions can be taken that allow productive work to continue while stopping only threatening activity.
Antigena Endpoint does just that. It detects anomalous activity and intelligently makes micro-decisions based on unusual activity, such as out-of-the-ordinary initial file downloads and data exfiltration attempts, command and control traffic or lateral movement that might represent a cyber-threat. It uses various techniques to interrupt attacks on Mac, Windows, and Linux devices, including data leaks, ransomware and insider threats.
Contextual awareness gained from other parts of the digital estate is also beneficial in stopping endpoint attacks. For example, in the case of Antigena Email and Antigena Endpoint deployed together, the precision of response is enhanced by the more nuanced understanding of new and expected senders across all endpoint and email activity. A brand-new sender soliciting an employee into making a bank transaction on its own might warrant action. But, with the added information that the website has no prior relevancy to the organization, the increased context would solidify the case and alter the system’s response.
“Antigena Endpoint is the evolution of Darktrace’s platform that I have anticipated and been excited about most. It truly is a game-changer and gets straight to the heart of what our customers need right now,” said Mike Beck, Darktrace’s Global Chief Information Security Officer. “The reassurance that Darktrace can not only detect the early signs of attacks but now also take action on all employee endpoints is more important than ever before.”