BlackFog collected threat statistics on a global basis during the first quarter of 2019. What follows is a summary of the threats determined via data exfiltration techniques across Windows, Mac, Android and iOS clients. Third party use is granted with appropriate attribution back to BlackFog.
During the first quarter of 2019 BlackFog saw continued focus by both Russia and China to exfiltrate data back to servers within their borders. This represented 20% of total threats and 50% of threats by all other countries combined. Russia represented 15.5% and China 4.1%. This does not include anonymized, advertising or profiling servers which would increase these numbers significantly.
PowerShell Attacks
With the exception direct or raw IP addresses, PowerShell attacks now represent 5.65% of all threat vectors. With the increased sharing and sophistication of cybercriminal networks working code is quickly leveraged. Hence, the increase in the use of PowerShell and fileless attacks. In fact PowerShell attack vectors represent 9.24% of attacks when data exfiltration by country threats are excluded.
Direct IP’s
Direct, or raw IP addresses still represent a major problem and are used in 48.8% of all attacks. This provides an easy way for cybercriminals to obfuscate an attack and anonymize their location. Unfortunately, some legitimate applications still employ direct IP’s instead of using common domain names. There is no reason this should be employed in a working application, unless the vendor is trying to also hide their actions.
Major Threat Vectors
Dark Web and Spyware
The Dark Web continues to provide a network for cybercriminals to steal your data and evade detection. This underground network is routinely used to transact and exchange data with other cybercriminals. It represented 3.9% of attacks in the first quarter of 2019.
Lastly, spyware and ransomware contributed 2.6% to the total number of threats.
Related Posts
Data Backup and Data Recovery: What Every Business Needs to Know
Understand these critical data backup and data recovery steps to reduce the risk of lengthy downtime following data loss.
DNS Exfiltration: How Hackers Use Your Network to Steal Data Without Detection
Learn how DNS exfiltration works and why this method of data theft often goes undetected.
How Do You Protect Yourself From Hackers? Proactive Strategies for Business Data Security
Follow these advanced data protection strategies to help protect your firm from hackers in an increasingly challenging environment.
5 Steps to a Disaster Recovery Plan That Protects Your Business
Follow these key steps to develop a data backup and recovery plan fit for the digital-first world.
Data Protection Management: Building a Resilient Data Security Framework
Keep these six key principles in mind to ensure your data protection management solutions are as effective as possible.
Data Leakage Demystified: Risks and Mitigation Strategies
Learn everything you need to know about common data leakage risks and how to mitigate them.