in Security

Darktrace AI fends off phishing attack on North American private equity firm

Posted 21 April 2022 · Add Comment

Darktrace today announced that its AI-powered email security solution, Antigena Email, recently uncovered a targeted phishing attack at a North American private equity firm.

Image courtesy Darktrace

The company, which manages over 150 restaurants across the US, was trialling Darktrace’s Self-Learning AI when the attack took place. Intending to bolster email security, the company had deployed Darktrace’s email security solution, Antigena Email, which had learned the ‘normal’ email communications of every user within the organisation in order to detect the abnormalities associated with an email threat.

The attack, which slipped past the company’s existing security controls, started when an employee received an email appearing to originate from internal ‘HR’. The email had been carefully designed to look like a SharePoint Microsoft document and was titled ‘Q3 Commission 2021 and Agenda’, an attempt to induce the recipient into clicking on a malicious link.

Detecting that the IP address of the email was unusual, Darktrace AI identified this as spoofing activity and further investigation suggested it was part of a wider trend of targeted phishing campaigns at the time which used fake Microsoft branding. These attacks are often launched with the intention of causing operational disruption or conducting IP and financial theft.

The company’s security team were alerted and issued company-wide warnings about the attack, averting a crisis. Had Antigena Email been deployed in fully autonomous mode, it would have double-locked the malicious links to ensure they were not clickable.

“Email impersonation attacks have been on the rise for a number of years – these are hyperrealistic ‘digital fakes’ that expertly mimic the writing style of trusted contacts, colleagues and suppliers,” commented Mike Beck, Darktrace’s Global CISO. “We simply cannot put the onus on humans to spot these well-researched, targeted email attacks and that’s why it is crucial that organisations have AI in place as a first line of defense – capable of detecting the subtle signs of a fake and intervening before a user even has to engage with the email. This is the future of email security.”



* required field

Post a comment

Other Stories
Latest News

Serco acquires Sapienza

Serco Group plc has entered into an agreement to acquire Sapienza Group, from TP Group plc, to expand its offering to the European space sector.

Menzies Aviation renews Air Canada contract at Heathrow

Menzies Aviation today announced it has renewed a significant ground services contract with Air Canada at Heathrow Airport (LHR) and won new business at Copenhagen Airport (CPH).

Views sought to boost security of UK data centres and cloud services

Looking to strengthen security and resilience of UK’s data infrastructure to protect against outages and national security threats, the Government has announced it is seeking views on how to boost the security and resilience of

UK Government to host AFF22 onboard HMS Prince of Wales in New York

On 28th-29th September, the UK Government will host the Atlantic Future Forum (AFF22) on the aircraft carrier HMS Prince of Wales in New York, bringing together senior politicians, policymakers, military leaders, academia, business

Stay ahead of the airplane

Neil Ballinger, head of EMEA at EU Automation, looks at ways of stepping up to the challenges currently facing aerospace supply chains.

Airbus launches UK ZEDC

Airbus is strengthening its presence in the UK with the launch of a Zero Emission Development Centre (ZEDC) for hydrogen technologies, to be based in Filton, Bristol.

Future Armoured Vehicles Weapon Systems
See us at
DVD BT2704220922Future Armoured Vehicles Weapon Systems BTFuture Arm Vehicles Active Protection Systems BTFuture Arm Vehicles Power Systems BTAdvanced Engin BT2504031122