6 New Cyber Threats You Didn't See in the News

24 Oct 2016

For our industry, the constant stream of cyber-attacks in the news can be overwhelming. It seems like every day we see front-page headlines announcing defaced websites or massive data breaches.

But what about the attacks that never make the news?

Here at Darktrace, our worldwide deployments find early-stage threats every day. While these developing threats never make the headlines, they often emerge in fascinating and unexpected ways.

Here’s a selection of what we’ve found for our customers:

       
  1. An attacker hacked into a biometric fingerprint scanner used for physical access at a major manufacturing company.
       This company used network-connected fingerprint scanners, allowing the attacker to use Telnet connections and default credentials to gain access. There were strong indicators that the attacker was able to use the device to breach other servers.
  2. A cyber-criminal gained access to a video conferencing system of a multi-national corporation.
       Using a backdoor Trojan Horse, the attacker used six external computers to collect data from the camera, presumably in an attempt to steal video from confidential meetings.
  3. A new strain of malware forced the computers of a security company to visit explicit websites.
       Using random, algorithmically-generated websites, the attackers tried to plant incriminating evidence on the network by generating illegal web activity.
  4. A threat-actor hacked a ‘Lost and Found’ computer at a major European airport.
       To gain entry, the attacker used DNS servers, an essential capability for internet communication though rarely used for information transfer.
  5. A hacker tried to compromise an industrial power network using default codes.
       After penetrating the SCADA energy network, the attacker tried to establish a remote control link by using access codes listed as factory defaults online.
  6. A phishing email launched a ransomware attack on a non-profit charity.
       Using a fake email, the attacker claimed to have an invoice from a legitimate supplier. The attached PDF contacted a server in Ukraine and downloaded malware attempting to encrypt the non-profit’s network.

Our ‘immune system’ technology caught each attack at an extremely early stage, giving us a rare look at how modern threats are able to bypass legacy systems. Traditional security solutions can only detect attacks with pre-determined signatures. But in each case, threat-actors used signature-less attacks to blend into the noise of the network.

By harnessing the power of unsupervised machine learning, the Enterprise Immune System learned ‘normal’ for each of these networks, and detected the threats as anomalous behavior. Our threat analysts then determined the nature of the attack and counseled the organization to take appropriate action.

If you’re interested in learning the full story behind these emerging cyber-threats, check out our Threat Use Cases page.

We look forward to sharing more of our industry insights with you in the future.

About the author
Justin Fier
VP, Tactical Risk and Response

Justin is one of the US’s leading cyber intelligence experts, and holds the position of VP, Tactical Risk and Response at Darktrace. His insights on cyber security and artificial intelligence have been widely reported in leading media outlets, including the Wall Street Journal, CNN, The Washington Post, and VICELAND. With over 10 years’ experience in cyber defense, Justin has supported various elements in the US intelligence community, holding mission-critical security roles with Lockheed Martin, Northrop Grumman Mission Systems and Abraxas. Justin is also a highly-skilled technical specialist, and works with Darktrace’s strategic global customers on threat analysis, defensive cyber operations, protecting IoT, and machine learning.
