Major French Hospital Group Stops Ransomware Attack With Darktrace AI

Farma Darya

 CISO of Dordogne Hospital Group says detection is no longer enough; autonomous response is vital for containing attacks

Cambridge, England, April 12, 2022 /PRNewswire/ — Darktrace, a global leader in cyber security AI, today announced that Antigena, its autonomous response technology, stopped a sophisticated ransomware attack at Dordogne Groupements Hospitaliers de Territoire (Dordogne GHT).

In 2021, still in the midst of the Covid-19 pandemic, Dordogne GHT selected Darktrace’s detect, respond and investigate capabilities to defend against threats across all eleven of its hospitals including across corporate and medical devices in its accident and emergency departments. Just two months after deploying Darktrace, the Group, which employs close to 5,000 staff, was targeted by Ryuk ransomware – a notorious ransomware strain known to target critical organizations across the public sector globally.

Ryuk, which was first developed by the prolific cyber-criminal organization named ‘Wizard Spider’, is known for combining advanced encryption techniques and subsequently demanding a high ransom in return for a private decryption key. It is one of the first ransomware families capable of encrypting not only data but network drives and resources. Ryuk has previously taken down entire city councils, and was responsible for an attack which hit over 200 hospitals in the US in 2021.

Darktrace AI immediately detected the initial warning signs of the attack which came in the form of some basic .dat files being downloaded onto one of the businesses devices from an unknown IP address.

Initially, Dordogne GHT had Darktrace’s autonomous response capability, Antigena, in ‘human confirmation mode’, where the security team must approve suggested actions. As the ransomware attack began to spread rapidly, threatening medical devices in emergency departments, the team switched to ‘active mode’ allowing the AI to take intelligent action to enforce normal operations and ultimately stop the attack.

“We have seen first-hand how a ransomware attack could bring down our systems in minutes and impact human lives,” commented Vincent Genot, CISO of Dordogne GHT. “It is clear to me that in this new era of cyber-threat, detection is no longer enough. Darktrace has invented a technology that can respond to attacks on behalf of humans, at computer speed, so that organizations can continue running normally even while under attack. This is the future of security.”

“At a time when national cybersecurity agencies are urging organizations to be hyper-vigilant and lock down their systems, we can be in little doubt that defenders of healthcare systems will be working to keep the bad guys out,” commented Justin Fier, VP of Tactical Risk and Response, Darktrace. “Autonomous response technology that uplifts human security teams by allowing them to make strategic decisions while the AI stops the attack before it causes disruption is critical in defending organizations vital to everyday life.”

About Darktrace

Darktrace (LSE: DARK.L), a global leader in cyber security AI, delivers world-class technology that protects over 6,500 customers worldwide from advanced threats, including ransomware and cloud and SaaS attacks. Darktrace’s fundamentally different approach applies Self-Learning AI to enable machines to understand the business in order to autonomously defend it. Headquartered in Cambridge, UK, Darktrace has more than 1,700 employees and over 30 offices worldwide. Darktrace was named one of TIME magazine’s ‘Most Influential Companies’ for 2021.

Media Contacts 

SOURCE Darktrace

Next Post

What Is Value-Based Healthcare, Really?

VALUE-BASED CARE HAS BEEN HELD OUT AS A PANACEA FOR AMERICAN HEALTHCARE. BUT IS IT REALLY? MATTHEW HAYWARD Attend any healthcare conference and you’ll quickly discover that it’s become downright fashionable for healthcare leaders to talk about their unwavering commitment to “value-based care.” The expression has become ubiquitous in healthcare […]