Darktrace AI stops Emotet trojan cyber-attack

Posted 24 February 2022

Cambridge-based Darktrace announced today that its Autonomous Response technology, Antigena, successfully took action to halt a recent cyber-attack targeting a construction supply enterprise in Saudi Arabia.

The company, which has been in business for over 50 years and has over 35 branches, was infiltrated by attackers in the early hours of the morning. Darktrace's Self-Learning AI spotted that a company device was compromised by Emotet, an infamous trojan that rapidly spreads malware from device to device, exfiltrating sensitive financial information. Emotet, which had defeated static security controls in the organisation, is often the precursor to ransomware if left uninterrupted.

Within minutes, Darktrace AI took action to successfully block malicious communications occurring between the infected device and an unusual host.

Self-Learning AI formed a constantly evolving understanding of both IT and operational technologies at the Saudi Arabian construction giant, allowing it to identify the subtle, emerging signs of Emotet. Within seconds, the algorithms took targeted action to interrupt the encroaching attack. This allowed the organisation to continue normal business operations without disruption and investigate the incident further.

The attack occurred amidst rising global cyber tensions and follows warnings from the Five Eyes urging companies to bolster defenses – particularly operators of critical national infrastructure or organisations that are critical to global supply chains.

"Since its emergence in 2014 the Emotet trojan has undergone multiple iterations and recently made a comeback globally," commented Max Heinemeyer, Director of Threat Hunting at Darktrace. "Emotet is particularly dangerous because this type of botnet can quickly escalate into something like ransomware if not stopped. Business leaders should know there is technology out there that can stop these attacks in their tracks, before sensitive data leaves the organization and before any ransom is demanded."
 

 

 
