Darktrace, a global leader in cyber security artificial intelligence, and a Double Award Winner in the 2022 ‘ASTORS’ Homeland Security Awards Program, has released three new cyber threat trend reports disclosing 2022 attack data observed across its global customer fleet, pertaining to the energy, healthcare, and retail sectors.
“These industry-specific reports are the first of their kind released by Darktrace, representing an important effort to surface the data underpinning the rapidly evolving threat landscape that we are defending against,” explains Toby Lewis, Darktrace’s Global Head of Threat Analysis.
“The trends reveal crucial sector-specific challenges, from the tendency for hackers to siphon off the energy sector’s resources in the form of crypto-jacking*, through to the invaluable nature of patient data which leads to data exfiltration in the healthcare sector.”
“The surge in credential-based attacks across the retail sector reflects the fact that identity theft will be a key trend for 2023, increasing the need for AI-based behavioral analytics for understanding employee actions in rich context and authenticating the actions taken using certain credentials.”
Key Findings in Darktrace’s Energy Sector Report:
Amidst a global energy crisis, Darktrace’s energy sector report reveals that illegal crypto-mining threats, (events involving bad actors stealing energy and processing power from other devices and networks), are on the rise across the industry.
Notable Energy Sector Findings Include:
-
High-priority crypto-mining** accounted for 13 times more of all observed cyber incidents in the U.K. energy sector in 2022 compared to 2021.
-
High-priority crypto-mining accounted for three times more of all observed cyber incidents in the U.S. energy sector in 2022 compared to 2021.
The report divulges two real-world crypto-mining threat finds from a European and U.S. energy organization respectively, which were stopped by Darktrace’s AI technology.
In the first case, attackers were caught attempting to mass pool crypto-mining capabilities using five internal servers at the organization.
(Darktrace 6 gets you ‘loop ready’, regardless of where you are in your Cyber AI journey. Bringing PREVENT into the Cyber AI Loop, and with significant enhancements across DETECT and RESPOND, Darktrace 6 is now available to all customers. Courtesy of DArktrace and YouTube. Posted on Dec 9, 2022.)
Key Findings in Darktrace’s Retail Sector Report:
As online shopping remains popular, Darktrace’s retail sector report reveals that over the course of 2022, criminals increasingly turned toward credential theft, spoofing**, and stuffing*** to target this multi-billion-dollar industry’s online infrastructure.
Notable Retail Sector Findings Include:
-
Credential theft, spoofing, and stuffing accounted for over 170% more of all observed cyber incidents in the U.S. retail sector in 2022 compared to 2021.
-
Credential theft, spoofing, and stuffing accounted for over 14% more of all observed cyber incidents in the U.K. retail sector in 2022 compared to 2021.
-
Credential theft, spoofing, and stuffing accounted for over 70% more of all observed cyber incidents in the Australian retail sector in 2022 compared to 2021.
One threat found in the report from August 2022 details the discovery of a never-before-seen attack tool lying dormant inside a well-known U.K. automotive retailer.
Months before Darktrace had been adopted by the retailer, one of its devices had become infected with novel malware that lay dormant, establishing a foothold and waiting for the right time to launch an attack.
After deployment, Darktrace AI caught the malware when it made multiple authentication attempts using spoofed credentials for one of the organization’s security managers.
If successful, the attack could have undermined the organization’s entire security posture, allowing malicious software to gain control of the company’s infrastructure from within.
Key Findings in Darktrace’s Healthcare Sector Report:
Hospitals and other healthcare organizations are often viewed as a ‘soft target’ for cyber-criminals, with extremely rich data sources from which attackers can profit by selling patient information such as medical records, credit cards, and/or banking details.
Notable Healthcare Sector Findings Include:
-
Data exfiltration was one of the top 3 observed threats faced by healthcare providers globally, with organizations in the U.K. and Australia suffering an increased volume in 2022
-
The most common attack type observed across healthcare globally in 2022 was suspicious network scanning, a form of intelligence gathering which often constitutes the initial phase of a cyber-attack
This new report unveils a real-world sophisticated threat faced by U.S. healthcare providers in which a malicious PowerShell script***** was discovered to be deployed on one of the organization’s internal servers, an attempt to give bad actors remote control over the target network.
The threat was autonomously thwarted by Darktrace’s RESPOND™ technology before attackers could cause harm.
(From the initial phishing email to encryption of devices, see a hypothetical attack scenario and how Darktrace RESPOND neutralizes an intrusion using Autonomous Response technology. Courtesy oof DArktrace and YouTube. Posted on Apr 16, 2021.)
Darktrace delivers complete AI-powered solutions in its mission to free the world of cyber disruption.
Featuring breakthrough innovations from the Darktrace Cyber AI Research Centre in Cambridge, UK, and its R&D center in The Hague, The Netherlands, Darktrace has filed more than 115 patent applications and published significant research to contribute to the cyber security community.
(Darktrace’s technology vision is of a Cyber AI Loop, a system that improves cyber security and augments humans at every stage of an attack life cycle, from the pre-incident phase with PREVENT, to DETECT and RESPOND for an in-progress attack, and – coming in 2023 – HEAL, for the post-incident phase, after an attack has taken place. Courtesy of Darktrace and YouTube. Posted on Oct 24, 2022.)
Darktrace’s technology continuously learns and updates its knowledge of ‘you’ for an organization and applies that understanding to achieve an optimal state of cyber security.
Delivering the first Cyber AI Loop, it fuels a continuous end-to-end security capability that can autonomously prevent, detect, and respond to novel, in-progress threats in real time.
Darktrace was named one of TIME magazine’s ‘Most Influential Companies’ in 2021, employs over 2,100 worldwide, and protects over 7,700 organizations globally from advanced cyber threats.
The data pertains to January-October 2022 and is compared with the same period in 2021.
- *Cryptojacking is the act of hijacking a computer to mine cryptocurrencies against the users will, through websites, or while the user is unaware.
- **Bitcoin mining is the process by which new bitcoins are entered into circulation.
- ***Identity spoofing occurs when a scammer assumes the identity of another person/entity and uses that identity to commit fraud, by stealing credentials from people or businesses through password attacks and credential capture processes.
- ****Credential stuffing is the automated injection of stolen username and password pairs (credentials) into website login forms, to fraudulently gain access to user accounts.
- *****PowerShell is a task automation and configuration management program from Microsoft, consisting of a command-line shell and the associated scripting language.
Darktrace Takes Home Platinum & Gold in 2022 ‘ASTORS’ Cyber Homeland Security Awards
American Security Today’s Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program, and now entering it’s Eighth Year, continues to recognize industry leaders of Physical and Border Security, Cybersecurity, Emergency Preparedness – Management and Response, Law Enforcement, First Responders, as well as federal, state and municipal government agencies in the acknowledgment of their outstanding efforts to Keep our Nation Secure.
Darktrace (First of Two)
Best Cyber Critical Infrastructure Solution
-
Darktrace DETECT/OT
-
The increase in cyber-attacks from both cyber-criminals and nation-state actors jeopardizes the critical infrastructure and utilities on which society relies, presenting real-world threats to economic and national security. As seen from the attack on Colonial Pipeline, attacks now run at machine speed, outpacing human security teams’ ability to detect and respond to malicious activity.
-
Overwhelmed security teams can no longer keep up with the speed of cyber-attacks that threaten to shut down power grids and disrupt how we work. The boundaries of modern-day businesses are blurred, particularly with the convergence of IT and OT/ICS technologies due to increased remote working in industrial and manufacturing environments. Security teams in this space must defend an increasingly complex attack surface because of rapid digital transformation and an explosion in IoT.
-
For organizations operating critical infrastructure across all 16 sectors designated by the Cybersecurity and Infrastructure Security Agency, Darktrace Detect/OT (formerly the Darktrace Industrial Immune System), uses Self-learning AI to fill this critical gap. Darktrace’s Self-Learning AI offers security teams a breadth of contextual understanding and visibility, autonomously identifying and mitigating against these risks rather than just alerting these organizations that they are vulnerable.
-
At its core, Darktrace Detect/OT exists to deliver AI-powered technology that can autonomously defend these organizations that humans depend on in daily life from sophisticated, stealthy, and machine-speed cyber-attacks. This immune system technology uses Self-learning AI to understand ‘normal’ behavior for each unique business, detect anomalous events or behaviors, and build a robust and bespoke cyber-defense based on enforcing this ‘normal.”
-
Today, this ability for the machine to fight back is, on average, stopping ransomware within one second of detecting threatening activity. By stopping threats in their tracks, companies using Darktrace self-learning AI do not have to shut down systems for days on end and do not have to pay hefty ransoms to criminals.
(Darktrace co-founder Emily Orton discusses the risks associated with remote working and why AI is necessary to secure increasingly complex digital infrastructures, in this interview with The Telegraph. Courtesy of The Telegraph, Darktrace, and YouTube.)
-
Self-learning AI technology protects over 6,800 organizations – from renewable energy suppliers to education and healthcare providers – letting them focus on their respective goals. Darktrace technology sets it apart from not only every other cybersecurity solution on the market today but also from other approaches to AI.
Darktrace (Second of Two)
Best Cyber Security Solution
-
Darktrace RESPOND
-
Every other cyber company learns from historical attack data to stop known attacks from getting inside an organization.
-
Darktrace’s Self-Learning AI doesn’t rely on historical data. Instead, it analyzes and determines ‘normal’ behaviors for users and devices across a digital estate. By evolving its understanding to learn the businesses, not the breach, Darktrace is fundamentally different from other vendors.
-
Through its Autonomous Response technology Darktrace RESPOND (formerly Darktrace Antigena), Darktrace’s AI uses this understanding to identify anomalous behavior and interrupt attacks in real time before they escalate into a crisis and disrupt business operations.
-
From internet-connected machinery to email, endpoints, and SaaS applications, Darktrace can protect the entire business, wherever data lives. Darktrace RESPOND can enforce normal 24/7, whether the organization experiences an out-of-hours ransomware attack or an insider exfiltrating sensitive data. Darktrace globally responds to a threat every three seconds.
(From the initial phishing email through to the encryption of devices, see a hypothetical attack scenario and see how Darktrace RESPOND neutralizes an intrusion using Autonomous Response technology. Courtesy of Darktrace and YouTube.)
- Darktrace RESPOND can defend any technology in any environment. With coverage areas ranging from network to the cloud to email and SaaS, Darktrace RESPOND continues to augment the world’s ability to respond to complex and novel cyber-attacks.
-
With the critical visibility allowed by Self-learning AI, this autonomous response technology has recently been extended to protect endpoints and better integrate with Zero Trust architectures through partnerships with Microsoft and AWS.
-
Darktrace RESPOND intercepts complex, multi-step ransomware attacks, combatting malicious activity at machine speed, anywhere within an enterprise. In the wake of the ransomware breach of Colonial Pipeline, Darktrace protects customers from similarly damaging attacks across all 16 critical infrastructure sectors designated by the Cybersecurity and Infrastructure Security Agency.
As cyber-attacks get faster, more advanced, and more automated, security teams are overwhelmed and outpaced. Autonomous Response changes the stakes for defenders by giving security teams the ability to contain fast-moving threats, even when they are not in the office or online and cannot respond fast enough.
-
Darktrace’s AI does not replace human security teams – it augments them, giving them greater resources to focus on strategic tasks. It helps businesses make micro-decisions so humans can focus on higher-priority responsibilities.
-
*Darktrace is a Returning Competitor in the 2022 ‘ASTORS’ Homeland Security Awards Program, having secured a Win in the 2019 ‘ASTORS’ Awards Program.
Homeland Security remains at the forefront of our national conversation as we experience an immigration crisis along our southern border and crime rates that are dramatically higher than before the Pandemic across the United States.
These challenges have become a national priority with an influx of investments in innovative new technologies and systems.
Enter American Security Today, the #1 publication and media platform in the Government Security and Homeland Security fields, with a circulation of over 75,000 readers and many tens of thousands more who visit our AST website at www.americansecuritytoday.com each month.
The pinnacle of the Annual ‘ASTORS’ Awards Program is the Annual ‘ASTORS’ Awards Ceremony Luncheon Banquet, an exclusive, full-course plated meal event, in the heart of New York City.
This year’s exclusive sold-out ‘ASTORS’ luncheon featured representatives of law enforcement, public safety, and industry leaders who came together to honor the selfless service of those who stand on the front lines, and those who stand beside them – providing the capabilities and technologies to create a safer world for generations to come.
This year marks the 20th anniversary of the Department of Homeland Security (DHS), which came out in force, to discuss comprehensive collaborations between private and public sectors that have led to the development of intelligence and technologies which serve to protect our nation.
The continually evolving ‘ASTORS’ Awards Program emphasized the trail of Accomplished Women in Leadership in 2022, as well as the Significance and Positive Impact of Advancing Diversity and Inclusion in our Next Generation of Government and Industry Leaders.
The keynote address was provided by U.S. Customs and Border Protection (CBP) Office of Field Operations (OFO) Deputy Executive Assistant Commissioner (DEAC) Diane Sabatino, who described the changes to CBP through the tragedy of 9/11 and the relentless commitment to its mission and ongoing investment in the latest technologies and innovations to protect our borders and Homeland.
The resounding theme of the DEAC’s remarks was her pride in the women and men of the CBP and their families who support them.
AST was also joined by Legendary Police Commissioner William Bratton, who spoke, as always, about his love for the City of New York, the Profession of law enforcement to which he has dedicated his life, and for which he continues to drive thought leadership and innovation.
New York City Police Department (NYPD) Chief of Department Kenneth Corey, came out to address Luncheon attendees and shared some of his experiences and the changes in policing he’s witnessed over his more than three decades of service.
FDNY Chief Joseph Jardin honored the men and women of the FDNY, not only those who currently serve but all of those who have selflessly served, with a special recognition of those lost on 9/11.
Chief Jardin spoke about the continuing health battle of many following 9/11 with cancer and respiratory disease, yet now knowing the full consequences, would not have made a different decision to respond.
As Chief Jardin noted, mission-driven service is in the lifeblood of every firefighter, volunteer and sworn and has been so throughout the history of the Fire Service.
Former head of the FBI’s active shooter program, Katherine Schweit joined AST to sign complimentary copies of her book, ‘STOP THE KILLING: How to End the Mass Shooting Crisis,’ thanks to the generosity of our 2022 ‘ASTORS’ Awards Sponsors.
The 2022 ‘ASTORS’ Awards Program was Proudly Sponsored by NEC National Security Systems (NSS), ATI Systems, Automatic Systems of America, guardDog AI, Fortior Solutions, IPVideo Corporation, Rajant Corporation, RX Global, and SIMS Software!
We were pleased to welcome the esteemed New York City Fire Department (FDNY); the New York City Police Department (NYPD); and the NYC Hospital Police, as well as Executive Management from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and many other DHS agencies, Federal law enforcement agencies, and private/public partnerships such as the National Association of Women Law Enforcement Executives (NAWLEE), the 30×30 Initiative, a coalition of professionals advancing the representation of women in policing; and Operation Lifesaver, Inc. (OLI) (rail safety advocates).
The prestigious Annual ‘ASTORS’ Homeland Security Awards Program highlights the most cutting-edge and forward-thinking security solutions coming onto the market today, to ensure our readers have the information they need to stay ahead of the competition and keep our Nation safe – one facility, street, and city at a time.
In 2022 over 240 distinguished guests representing Federal, State, and Local Governments, and Industry Leading Corporate Firms gathered from across North America, Europe, and the Middle East to be honored among their peers in their respective fields.
Each year, to keep our communities safe and secure, security dealers, installers, integrators, and consultants, along with corporate, government, and law enforcement/first responder practitioners, convene in New York City to network, learn and evaluate the latest technologies and solutions from premier exhibiting brands at ISC East, the Natural Disaster & Emergency Management Expo (NDEM EXPO), and the ASIS NYC Expo.
ISC East is the Northeast’s leading security & public safety event, hosted in collaboration with sponsor Security Industry Association (SIA) and in partnership with ASIS NYC.
Corporate firms, the majority of which return year to year to build upon their Legacy of Wins, include:
Advanced Detection Technologies, AMAROK, ATI Systems, Axis Communications, Automatic Systems, BriefCam, Canon U.S.A., Cellbusters, CornellCookson, CyberArk Fortior Solutions, guardDog.ai, Hanwha Techwin of America, High Rise Escape Systems, IPVideo Corporation, Konica Minolta Business Solutions, NEC National Security Systems, NICE Public Safety, OnSolve, PureTech Systems, Quantum Corporation, Rave Mobile Safety, Regroup Mass Notification, Robotic Assistance Devices, Rajant Corporation, SafeLogic, Select Engineering Services LLC, Singlewire Software, SolarWinds Worldwide, Teledyne FLIR, Valor Systems, and West Virginia American Access Control Systems, just to name a few!
Why American Security Today?
The traditional security marketplace has long been covered by a host of publications putting forward the old-school basics to what is Today – a fast-changing security landscape.
American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 75,000 readers at the Federal, State, and local levels of government as well as firms allied to the government.
American Security Today brings forward a fresh compelling look and read with our customized digital publications that hold readers’ eyes throughout the story with cutting-edge editorial that provides solutions to their challenges.
Harness the Power of the Web – with our 100% Mobile Friendly Publications
AST Digital Publications are distributed to over 75,000 qualified government and homeland security professionals, in federal, state, local, and private security sectors.
‘PROTECTING OUR NATION, ONE CITY AT A TIME’
AST Reaches both Private & Public Experts, which is essential to meeting these new challenges.
Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture, and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.
These experts are from Government at the federal, state, and local levels as well as from private firms allied to the government.
AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website, and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response among others.
AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other potential targets of terrorism.
Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – all enticing targets due to a large number of persons and resources clustered together.
To learn more about ‘ASTORS’ Homeland Security Award Winners solutions, Be On the LookOut for the 2022 ‘ASTORS’ CHAMPIONS Edition Fully Interactive Magazine – the Best Products of 2022 ‘A Year in Review’.
The Annual CHAMPIONS edition includes a review of ‘ASTORS’ Award Winning products and programs, highlighting key details on many of the winning firm’s products and services, including video interviews and more.
It will serve as your Go-To Source throughout the year for ‘The Best of 2022 Products and Services’ endorsed by American Security Today, and can satisfy your agency’s and/or organization’s most pressing Homeland Security and Public Safety needs.
From Physical Security (Access Control, Critical Infrastructure, Perimeter Protection, and Video Surveillance Cameras and Video Management Systems), to IT Security (Cybersecurity, Encryption, Data Storage, Anti-Malware, and Networking Security – to name a few), the 2021 ‘ASTORS’ CHAMPIONS EDITION will have what you need to Detect, Delay, Respond to, and Mitigate today’s real-time threats in our constantly evolving security landscape.
It will also include featured guest editorial pieces from some of the security industry’s most respected leaders, and recognized firms in the 2022 ‘ASTORS’ Awards Program.
A complete list of 2022 ‘ASTORS’ Award Winners will be announced shortly.
For more information on All Things American Security Today, as well as the 2023 ‘ASTORS’ Awards Program, please contact Michael Madsen, AST Publisher at mmadsen@americansecuritytoday.com.
AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:
- Provides named sources
- Reported by more than one notable outlet
- Includes supporting video, direct statements, or photos
Subscribe to the AST Daily News Alert Here.
Learn More…
Darktrace Reveals Increased Cyber Incidents in U.S. Transport & Logistics