Darktrace AI Stops Cyber-Attack Exploiting Log4j Vulnerability at Global Financial Services Provider
Darktrace, a global leader in cyber security AI, announced that a global provider of financial services recently detected and stopped an attacker attempting to leverage a vulnerability in Log4j to deploy malicious code across the organization.
The company, which has total assets of over $5 Billion and operates across several continents, uses Darktrace’s Self-Learning AI to detect and respond to cyber-threats at machine speed across the digital estate. By constantly evolving its understanding of the company’s ‘normal’ operations, the AI is able to spot the subtle signs of emerging threats and autonomously interrupt in-progress attacks.
Recommended AI News: Smarsh Announces Availability in AWS Marketplace
In early March, Darktrace’s AI detected that a Virtual Desktop Infrastructure (VDI) server at the company was behaving unusually, downloading a shell script from a suspicious external endpoint. The attacker had exploited a Log4j vulnerability for initial access and was attempting to use the server to conduct network reconnaissance and perform lateral movement activity.
The attack prompted the organization to activate Darktrace’s Autonomous Response technology, Antigena, which was able to contain the threat in seconds without interrupting regular business activity on the VDI server. The company has now set Antigena to constant ‘Active Mode’, whereby the AI can independently and intelligently take action to interrupt emerging attacks.
Recommended AI News: Viakoo Extends Zero Trust to IoT Through Automation With New Device Certificate Manager
Without the intervention of Darktrace AI, the attacker would have broadened their presence within the organization and would have been able to deploy ransomware or exfiltrate sensitive data.
“High impact vulnerabilities like Log4j allow cyber-attackers to compromise systems with little effort, and responding quickly is absolutely crucial,” said Max Heinemeyer, VP of Cyber Innovation at Darktrace. “Without complete visibility over the organization and a machine speed response using powerful technology like AI, security teams would be fighting a losing battle when it comes to these sophisticated attacks. In this instance, the AI contained the attack in the nick of time – ensuring that the company did not suffer financial or reputational damage.”
Recommended AI News: IBM Gives Control to Businesses for Securing Data in Hybrid, Multicloud Environments
[To share your insights with us, please write to sghosh@martechseries.com]
Comments are closed.