Darktrace’s AI tool detects and reports attacks

Ransomware attacks — a type of cyber attack that denies access to a computer until a ransom is paid — have more than doubled this year according to security group McAfee.

Another study, by Coveware, which pays bitcoin ransoms on behalf of clients, says the average ransom nearly doubled at the turn of the year to nearly $13,000.

The five case studies here showcase the various methods and tools available to companies to protect themselves and to respond when they are attacked.

Case studies compiled by RSG Consulting.

WINNER: Darktrace
Darktrace, a cyber defence group whose technology acts as a security camera inside a business, was among the first companies to suggest that breaches are inevitable. Darktrace’s AI cyber analyst detects threats and files a report, a job that can take a human several hours. Issues are instantly escalated to a data protection officer or patching software for a response. The analyst monitors entire IT infrastructures and can detect and tackle threats at an early stage.

GWT0CA A logo sign outside of a facility occupied by Aon plc in Southfield, Michigan on July 17, 2016.


A tool created by Aon, a diversified risk business, helps clients assess their vulnerabilities. One company found that ransomware had shut down several of its factories worldwide. Aon diagnosed the attack, liaised with insurance companies and arranged for a third party to pay the 450-bitcoin (£2.8m) ransom. The client was indemnified for its losses and work returned to normal.

Cordery and LexisNexis

The Cordery Breach Navigator, a tool from LexisNexis, the risk management company, and Cordery, the legal compliance business, assesses the seriousness of a security breach. Navigator also covers physical loss, for example, a laptop left on a train. Analytics track the most frequent types of breaches as well as measuring security response times.

DXC Technology

DXC, an IT solutions company, offers a service that automates identifying and patching vulnerabilities. One DXC user is a government organisation that says it can detect threats up to five times faster than it could previously.


A European software company brought in Kroll, a risk management firm, after it was told that sensitive information would be posted on the dark web if it did not pay €1m. Kroll scanned phones and computers for suspicious activity and checked the dark web to see if any leaks had been posted. It then interviewed staff and identified a disgruntled former employee as culprit.


The business services group came to the rescue of a financial services company subject to a ransomware attack. PwC aligned business and IT priorities to get systems back online. It acted to stop reinfection and gave legal advice, resolving the issue within a week.

Get alerts on Cyber Security when a new story is published

Copyright The Financial Times Limited 2022. All rights reserved.
Reuse this content (opens in new window) CommentsJump to comments section

Follow the topics in this article