Press Release
Updated statement regarding LockBit claims
We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.
Press Release
Statement regarding LockBit claims
Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.
Press Release
Major French Hospital Group Stops Ransomware Attack with Darktrace AI
Darktrace, a global leader in cyber security AI, today announced that Antigena, its autonomous response technology, stopped a sophisticated ransomware attack at Dordogne Groupements Hospitaliers de Territoire (Dordogne GHT).
In 2021, still in the midst of the COVID-19 pandemic, Dordogne GHT selected Darktrace’s detect, respond and investigate capabilities to defend against threats across all eleven of its hospitals including across corporate and medical devices in its accident and emergency departments. Just two months after deploying Darktrace, the Group, which employs close to 5,000 staff, was targeted by Ryuk ransomware — a notorious ransomware strain known to target critical organizations across the public sector globally.
Ryuk, which was first developed by the prolific cyber-criminal organization named ‘Wizard Spider’, is known for combining advanced encryption techniques and subsequently demanding a high ransom in return for a private decryption key. It is one of the first ransomware families capable of encrypting not only data but network drives and resources. Ryuk has previously taken down entire city councils, and was responsible for an attack which hit over 200 hospitals in the US in 2021.
Darktrace AI immediately detected the initial warning signs of the attack which came in the form of some basic .dat files being downloaded onto one of the business’s devices from a previously unknown IP address.
Initially, Dordogne GHT had Darktrace’s autonomous response capability, Antigena, in ‘human confirmation mode’, where the security team must approve suggested actions. As the ransomware attack began to spread rapidly, threatening medical devices in emergency departments, the team switched to ‘active mode’ allowing the AI to take intelligent action to enforce normal operations and ultimately stop the attack.
“We have seen first-hand how a ransomware attack could bring down our systems in minutes and impact human lives,” commented Vincent Genot, CISO of Dordogne GHT. “It is clear to me that in this new era of cyber-threat, detection is no longer enough. Darktrace has invented a technology that can respond to attacks on behalf of humans, at computer speed, so that organizations can continue running normally even while under attack. This is the future of security.”
“At a time when national cyber security agencies are urging organizations to be hyper-vigilant and lock down their systems, we can be in little doubt that defenders of healthcare systems will be working to keep the bad guys out,” commented Justin Fier, VP of Tactical Risk and Response, Darktrace. “Autonomous response technology that uplifts human security teams by allowing them to make strategic decisions while the AI stops the attack before it causes disruption is critical in defending organizations vital to everyday life.”