Darktrace has discovered 16,000 ‘serious’ early-stage threats across 1,200 deployments of its Enterprise Immune System technology worldwide, according to a report by the company.
“With 8.6 billion things connected by 2020, Asia-Pacific is shaping up to be the leading region for the ‘Internet of Things’ (IoT),” says Sanjay Aurora, Darktrace Managing Director, Asia-Pacific.
“However, the distinction between offline and online is blurring as attackers can now gain access through previously unrelated vectors, such as infecting videoconferencing equipment and biometric sensors with malware.”
“Clearly, greater visibility needs to be extended beyond traditional enterprise systems, and machine learning technology can help cope with tracking anomalies across the vast IoT environment before any serious damage is done.”
IoT increases attack surface
The emerging IoT movement is transforming business, and opening new windows of opportunity for attackers. Non-traditional IT, from connected coffee machines to videoconferencing units, are now being exploited by attackers to jump into corporate networks, unobserved. Darktrace discovered that a video conferencing system at a multinational retailer has been compromised, allowing intruders to listen in to the audio content.
Digital attacks impact physical security
Connected devices are also putting physical safety and security at risk, whether as part of industrial networks or the IT network. In one example, an attacker was caught compromising a fingerprint scanner, which restricted physical access to the machinery at an important manufacturing plant, and replacing legitimate fingerprint data.
‘Automated attacks’ are too fast for humans
The speed of attacks is increasing. Automated attacks can move at the speed of computer processes, with ransomware crippling entire groups of computers in minutes. Darktrace’s self-learning approach allowed the detection of an automated ransomware attack within one minute of infiltration. The victim organization was able to stop the spread of the malicious code in real time, avoiding a significant ransom demand.