8th Mar 2017CIO
6 Emerging Cyber-Threats You Didn’t See in the News
As an industry, the constant stream of cyber-attacks in the news can be overwhelming. It seems like every day we see front-page headlines announcing defaced websites or massive data breaches.
But what about the attacks that never make the news?
Here at Darktrace, our worldwide deployments find early-stage threats every day. While these developing threats never make the headlines, they often emerge in fascinating and unexpected ways.
Here’s a selection of what we’ve found for our customers:
This company used network-connected fingerprint scanners, allowing the attacker to use Telnet connections and default credentials to gain access. There were strong indicators that the attacker was able to breach other servers from.
Using a backdoor Trojan Horse, the attacker used six external computers to collect data from the camera, presumably in an attempt to steal video from confidential meetings.
Using random, algorithmically-generate websites, the attackers tried to plant incriminating evidence on the network by generating illegal web activity.
To gain entry, the attacker used DNS servers — an essential capability for internet communication, though rarely used for information transfer.
After penetrating the SCADA energy network, the attacker tried to establish a remote control link by using access codes listed as factory defaults online.
Using a fake email, the attacker claimed to have an invoice from a legitimate supplier. The attached pdf contacted a server in Ukraine and downloaded malware attempting to encrypt the non-profit’s network.
Our ‘immune system’ technology caught each attack at an extremely early stage, giving us a rare look at how modern threats are able to bypass legacy systems. Traditional security solutions can only detect attacks with pre-determined signatures. But in each case, threat-actors used signature-less attacks to blend into the noise of the network.
By harnessing the power of unsupervised machine learning, the Enterprise Immune System learned ‘normal’ for each of these networks, and detected the threats as anomalous behaviour. Our threat analysts then determined the nature of the attack and counselled the organization to take appropriate action.
If you’re interested in learning the full story behind these emerging cyber-threats, check out Darktrace’s full Global Threat Case Studies report.
Justin Fier, Director of Cyber Intelligence, Darktrace.
You have missed out some details, please try again.