Press Release
Updated statement regarding LockBit claims
We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.
Press Release
Statement regarding LockBit claims
Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.
Press Release
Darktrace AI Stops Emotet Trojan Cyber-Attack at Saudi Arabian Construction Supply Giant
Darktrace AI Stops Emotet Trojan Cyber-Attack at Saudi Arabian Construction Supply Giant
Darktrace, a global leader in cyber security AI, today announced that its Autonomous Response technology, Antigena, successfully took action to halt a recent cyber-attack targeting a construction supply enterprise in Saudi Arabia.
The company, which has been in business for over 50 years and has over 35 branches, was infiltrated by attackers in the early hours of the morning. Darktrace’s Self-Learning AI spotted that a company device was compromised by Emotet, an infamous trojan that rapidly spreads malware from device to device, exfiltrating sensitive financial information. Emotet, which had defeated static security controls in the organization, is often the precursor to ransomware if left uninterrupted.
Within minutes, Darktrace AI took action to successfully block malicious communications occurring between the infected device and an unusual host.
Self-Learning AI formed a constantly evolving understanding of both IT and operational technologies at the Saudi Arabian construction giant, allowing it to identify the subtle, emerging signs of Emotet. Within seconds, the algorithms took targeted action to interrupt the encroaching attack. This allowed the organization to continue normal business operations without disruption, and investigate the incident further.
The attack occurred amidst rising global cyber tensions and follows warnings from the Five Eyes urging companies to bolster defenses – particularly operators of critical national infrastructure or organizations that are critical to global supply chains.
“Since its emergence in 2014 the Emotet trojan has undergone multiple iterations and recently made a comeback globally,” commented Max Heinemeyer, Director of Threat Hunting at Darktrace. “Emotet is particularly dangerous because this type of botnet can quickly escalate into something like ransomware if not stopped. Business leaders should know there is technology out there that can stop these attacks in their tracks, before sensitive data leaves the organization and before any ransom is demanded.”