Darktrace/Email against cyber threats such as generative AI business emails

June 9, 2023

  • Darktrace/Email is able to detect novel email attacks on average 13 days earlier than email security tools built on knowledge of past threats
  • Darktrace research shows 135% increase in novel social engineering attacks in 2023 amid widespread availability of ChatGPT
  • Darktrace/Email is already used by over 3,000 organisations worldwide

Darktrace has released a major new upgrade to Darktrace/Email. Rated top by Gartner Peer Insights, the email security solution prevents the most sophisticated attacks through its customised understanding of the individual and the organisation, regardless of previous attacks. As part of the Darktrace Cyber AI Loop, Darktrace/Email’s new features include an AI feedback loop for employees; account takeover protection; endpoint, network and cloud insights; and behaviour-based detection of emails accidentally sent to the wrong recipient. These features improve the security and productivity of employees and corporate security teams. Darktrace/Email is already used by over 3,000 organisations worldwide.

In the professional environment, email remains the primary tool for collaboration and communication. Traditional security solutions are based on intelligence from historical threats. As a result, they cannot protect organisations and their employees from emerging threats. According to Darktrace’s analysis, other email security solutions – including native, cloud-based and “static AI” tools – take an average of 13 days to detect an attack. In contrast, Darktrace/Email can detect attacks as soon as they are launched. This is because instead of training based on past attacks, the solution learns the normal patterns of behaviour in each individual organisation.

The danger is increasing

This deep individual understanding is critical given the rise in novel email attacks and linguistically ever-improving malicious communications. Darktrace researchers observed a 135 per cent increase in novel social engineering attacks among thousands of active Darktrace/Email customers from January to February 2023. This coincides with the widespread use of ChatGPT. These novel social engineering attacks use sophisticated linguistic techniques, including increased text volume and sentence length, as well as enhanced punctuation. At the same time, there has been a decline in malicious emails that contain links or attachments. This trend suggests that generative AI such as ChatGPT offers cybercriminals the ability to carry out sophisticated and targeted attacks with speed and scale.

With the latest upgrade, Darktrace Cyber AI Analyst now combines information about anomalous email activity with other data sources, including endpoints, networks, clouds, apps and OT. The ability to automatically combine and analyse data sources from different parts of the enterprise in one system to mutually strengthen email and network security is a technology patented by Darktrace. Sophisticated cyber attacks usually start in the email inbox, but often penetrate other areas such as the network, for example in multi-stage ransomware attacks. Darktrace’s AI is able to make more informed decisions because its insights are in a wider context. The algorithms have a complete picture of what normal behaviours of a user look like from different perspectives. This enables highly reliable, contextual and actionable conclusions that save human security teams time.

Key features

  • New features of Darktrace/Email include:
  • Account takeover protection and email security in one product.
  • Behavioural detection of accidentally misaddressed emails prevents intellectual property or confidential information from being sent to the wrong recipient.
  • AI feedback loop for employees provides real-time contextual alerts and security warnings for suspicious emails based on individual habits.
  • Intelligent email management for improved productivity in the face of unopened bulk email (graymail), spam and newsletters clogging up email inboxes.
  • Streamlined workflows and integrations for security teams, including the Darktrace Mobile App.
  • Automated investigations of email incidents in combination with other areas by Darktrace’s Cyber AI Analyst.

“Email is the biggest vulnerability for businesses today,” comments Max Heinemeyer, Chief Product Officer, Darktrace. “Security teams are faced with sophisticated generative AI attacks and entirely new types of scams that use unknown techniques and reference topics. In a world of increasing AI-powered attacks, we can no longer leave it to humans alone to verify the veracity of received communications. This is now a task for artificial intelligence. Darktrace continues to lead the way in cybersecurity through its unique approach that focuses not on past attacks, but on understanding organisational and employee behaviours to stop novel social engineering attacks.”

Related Articles

Share This