Cyber-attacks on critical infrastructure have become a growing problem since war broke out in Ukraine.

Following the 2014 annexation of Crimea, infrastructure in Ukraine has been ravaged by an ongoing barrage from Russian-affiliated groups. The following year, the country passed the first confirmed hack to turn off a power grid.

The attacks have continued since the full-scale invasion of Russia began in February 2022. According to a recent report from Google’s Threat Analysis Group, Russian military intelligence has repeatedly used destructive malware to degrade Ukraine’s civilian infrastructure.

Analysts are now increasingly concerned about the threats that are spreading around the world. In November, a general who commanded US military forces in Europe from 2014 to 2017 said that cybersecurity just as important as missile defense systems for the defense of German ports.

The EU is also expressing growing alarm. A watchdog for the block last month alerted members to improve their defenses due to increased risks of hacks by foreign states.

To mitigate the threats, cybersecurity companies are experimenting with different defense methods. Dark trailone of the UK’s largest technology companies, has chosen to apply AI in a natural way of thinking: thinking like an attacker.

This approach is embedded in Prevent/OT, a new product that identifies routes adversaries take to attack critical infrastructure.

The software visualizes possible routes to the assets. Defenders can then harden their environments to prevent attacks before they can happen.

“Many people in the industry lose sight of what they have to do every day.

A crucial part of the product is Darktrace’s self-learning ability AI, which detects anomalies in assets that indicate cyber threats. The company says its software enables its overworked workforce to prioritize the needs of their unique environments.

“It’s really maximizing the value of their time and implementing controls,” Jeffrey Macre, Industrial Security Solutions Architect at Darktrace, told TNW.

“Many people in the industry are so focused on what the next big attack will be that they lose sight of what they need to do on a day-to-day basis to implement really good cybersecurity.”

The new ability is part of Darktrace’s operational technology (OT) product family. According to the company the solutions are already used by hundreds of critical infrastructure companies.

Those numbers were bolstered recently by several new deals. Darktrace said this represents the company’s largest contract to date with a critical infrastructure organization.

The announcements come during a challenging period for the FTSE 250 business. The company recently lower its sales forecasts amid declining customer growth, and had to deny the allegations of a short seller of fraudulent accounting.

However, there are signs that the new product is already improving Darktrace’s business. Analysts on So said investment bank Jefferies the company is now making progress despite the short-seller attack — and that the launch of Prevent/OT has helped attract new customers.