Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • Laboratory thwarts insider threat with Darktrace AI

Security

Laboratory thwarts insider threat with Darktrace AI

A leading laboratory specialising in vitro diagnostics has successfully stopped an insider threat with the help of Darktrace's self-learning AI.

Image courtesy Darktrace

The company, which has laboratories, offices and distribution centres in over 100 countries worldwide and more than 3,000 employees, specialises in the research, development and manufacturing of innovative in vitro diagnostic tests for disease, conditions and infections. The organisation uses Darktrace's detect, respond and investigate capabilities to defend against in-progress attacks at the early-stages.

Advertisement
Teledyne

Powered by Self-Learning AI, Darktrace technology develops an understanding of normal operations for the company. From this understanding it can then autonomously interrupt in-progress attacks at every stage from the initial entry with sophisticated spearphishing emails to brute-forced remote desktop protocol (RDP), command-and-control, and lateral movement, all without business disruption.

In one instance, Darktrace's Self-Learning AI detected an internal device communicating with the Tor network via an intermediary web service. Tor is an open-source privacy network that enables anonymous web browsing by guiding data traffic through different servers, located all over the world. Whilst it is not wholly malicious, it can be associated with the browsing of non-business or even illegal content.

The device was connecting with a darknet forum relating to the pharmaceutical market. Given that no other device within the organisation had visited the Tor network in the past, Darktrace AI flagged this to the security team as out-of-the-ordinary. With the AI taking care of early detection and making micro-level decisions the security team were uplifted and able to make important decisions that required business context.

The internal security team later found that this was likely an insider looking to sell proprietary intellectual property or even medical supplies on the darknet.

"Malicious or compromised insiders can be difficult to identify because their privileged access and knowledge of company workings allows them to evade detection by traditional security tools," commented Toby Lewis, Global Head of Threat Analysis, Darktrace. "In order to protect intellectual property from insider threat, organizations need to augment security teams with AI-powered technology to stop malicious activity in real time at the moment of detection."

Advertisement
ODU RT

 

 

Advertisement
Babcock LB
Met makes arrest milestone using LFR

Security

Met makes arrest milestone using LFR

10 July 2025

More than 1,000 wanted criminals have now been arrested by the Metropolitan Police Service using Live Facial Recognition (LFR), including paedophiles, rapists and violent robbers.

NCA arrest four for cyber attacks on M&S, Co-op and Harrods

Security

NCA arrest four for cyber attacks on M&S, Co-op and Harrods

10 July 2025

Four people have been arrested in the UK this morning as part of a National Crime Agency (NCA) investigation into cyber attacks targeting M&S, Co-op and Harrods.

Metis to supply Skyperion to NATO ally

Defence Security

Metis to supply Skyperion to NATO ally

10 July 2025

Metis has won a contract to supply a number of Skyperion drone detection systems to a NATO customer to provide the drone detect function as part of an integrated Counter Uncrewed Air Systems (C-UAS) capability.

Serco appoints Keith Williams as Chair

Aerospace Defence Security Space

Serco appoints Keith Williams as Chair

4 July 2025

Serco has appointed Keith Williams to the Board as a Non-Executive Director and Chair designate.

Advertisement
DSEI 2025
Boeing appoints Stephen Parker as CEO of BDS

Defence Security Space

Boeing appoints Stephen Parker as CEO of BDS

3 July 2025

Boeing has appointed Stephen (Steve) Parker as president and chief executive officer of its Defense, Space & Security (BDS) business, effective immediately.

Lancashire aims at advancing cyber-enabled defence and security

Defence Security Events

Lancashire aims at advancing cyber-enabled defence and security

3 July 2025

Over 200 senior business leaders, investors, policymakers and academics from across the UK gathered this week at the Lancashire Cyber Festival to discuss Lancashire’s opportunity to become a global leader in cyber-enabled defence and security.

Advertisement
Teledyne