In a breakthrough development, Barracuda Networks, Inc., a cloud-first security solutions provider, has revealed impressive results from the first half of 2023. Their AI-based pattern analysis, employed by Barracuda Managed XDR, successfully detected and neutralised thousands of high-risk incidents within a vast pool of nearly one trillion IT events.
Artificial intelligence (AI) has proven its mettle by recognising patterns of normal activity and flagging anomalies. This exceptional capability transforms it into a formidable security tool when dealing with attackers who attempt to exploit compromised accounts using valid credentials.
During the initial six months of 2023, the three most frequent high-risk detections were "Impossible Travel" login detection, "Anomaly" detection, and "Communication with known malicious artefacts" detection. These threats warranted immediate defensive actions.
"Impossible Travel" login detections arise when a user logs into a cloud account from two widely separated locations in quick succession, locations that could not feasibly be reached in such a short time. While this may sometimes involve VPN usage, it often signals unauthorised access by an attacker.
Merium Khalid, Director of SOC Offensive Security at Barracuda, shared an incident: "A user logged into their Microsoft 365 account from California and, just thirteen minutes later, from Virginia. To physically achieve this, they would have had to travel at speeds exceeding 10,000 miles per hour. The IP used for the Virginia login had no known VPN association, and the user didn't typically log in from that location. We alerted the customer, who confirmed this was an unauthorised login. They promptly reset their passwords and logged out the rogue user from
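A minimal version of the impossible-travel check described above, as an added example (not Barracuda's implementation), run over constructed logins modelled on the California and Virginia incident. The speed ceiling, distance floor, VPN allowlist parameter, event fields, IP addresses and city coordinates are all assumptions.

```python
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

EARTH_RADIUS_MILES = 3958.8
MAX_MPH = 600    # assumed ceiling, roughly airliner cruise speed
MIN_MILES = 100  # assumed floor to absorb geo-IP inaccuracy

def haversine_miles(lat1, lon1, lat2, lon2):
    """Great-circle distance between two coordinates, in miles."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi, dlmb = p2 - p1, radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_MILES * asin(sqrt(a))

def find_impossible_travel(logins, vpn_ips=frozenset()):
    """Return (user, prev_ip, ip, miles, mph) for consecutive logins per user
    whose implied speed exceeds MAX_MPH. Known VPN egress IPs are skipped."""
    alerts, last = [], {}
    for ev in sorted(logins, key=lambda e: e["time"]):
        if ev["ip"] in vpn_ips:
            continue  # geolocation of a VPN exit says nothing about the user
        prev = last.get(ev["user"])
        last[ev["user"]] = ev
        if prev is None:
            continue  # first login seen for this user
        miles = haversine_miles(prev["lat"], prev["lon"], ev["lat"], ev["lon"])
        if miles < MIN_MILES:
            continue
        hours = (ev["time"] - prev["time"]).total_seconds() / 3600
        # Simultaneous logins from distant places imply infinite speed.
        mph = miles / hours if hours > 0 else float("inf")
        if mph > MAX_MPH:
            alerts.append((ev["user"], prev["ip"], ev["ip"], round(miles), mph))
    return alerts

# Constructed sample: Los Angeles and Richmond coordinates, documentation IPs.
LA, VA = (34.05, -118.24), (37.54, -77.44)
SAMPLE = [
    {"user": "alice", "time": datetime(2023, 5, 1, 9, 0), "ip": "198.51.100.10", "lat": LA[0], "lon": LA[1]},
    {"user": "alice", "time": datetime(2023, 5, 1, 9, 13), "ip": "203.0.113.7", "lat": VA[0], "lon": VA[1]},
    {"user": "bob", "time": datetime(2023, 5, 1, 9, 0), "ip": "198.51.100.20", "lat": LA[0], "lon": LA[1]},
    {"user": "bob", "time": datetime(2023, 5, 1, 15, 30), "ip": "203.0.113.9", "lat": VA[0], "lon": VA[1]},
]

if __name__ == "__main__":
    for user, prev_ip, ip, miles, mph in find_impossible_travel(SAMPLE):
        print(f"{user}: {prev_ip} -> {ip}, {miles} mi at {mph:,.0f} mph")
```

Bob's second login 6.5 hours later is consistent with a commercial flight and is not flagged; passing the Virginia IP in `vpn_ips` suppresses the alert for alice as well, which is why the incident above notes that the IP had no known VPN association.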