BlackFog collected threat statistics on a global basis for the first 6 months of 2019. What follows is a summary of the data exfiltration across all endpoints across Windows, Mac, Android and iOS devices.
Dark Web
BlackFog saw some trends from Q1 with a significant increase in Dark Web exfiltration representing 5.67% of traffic, a 40% increase from Q1. BlackFog also saw a 44% decrease in Powershell attacks over the same period moving from 6.34% to 3.51% of all threats. This is most likely due to the changes implemented by Microsoft in recent Windows updates to eliminate some of the known execution vulnerabilities with PowerShell.
Geographic Data Exfiltration
BlackFog also saw the most dramatic changes this quarter in the amount of data exfiltrated to Russia which has now risen by more than 26% from 15.22 to 19.22% of all traffic. Interestingly, this peaked in April and May at 20.81 and 21.69% respectively before settling down at 15.16% in June. During the same period we saw a significant decrease in exfiltration to China from 4.58 to 2.65% a decrease of approximately 42% from Q1.
Direct IP’s and Spyware
No significant changes were found with other core statistics. Spyware represented 2.39%, and the use of direct IP’s for communicating with servers represented 43.26% of all attacks.
Major Threat Vectors
Related Posts
Manufacturing Industry Faces Surge in Ransomware Attacks in 2024
Ransomware attacks on the manufacturing industry are rising, with notable cases at MKS Instruments, Brunswick Corporation, Simpson Manufacturing, and The Clorox Company. Learn about the financial and operational impacts and why manufacturers are prime targets for cybercriminals.
The State of Ransomware 2024
BlackFog's state of ransomware report measures publicly disclosed and non-disclosed attacks globally.
Enterprise Ransomware Protection: Why it Matters
Why must enterprise ransomware protection be a critical component of any firm's cyber security strategy?
TAG Blog Series 1 – How ADX Supports and Implements Policy
Implementing Anti Data Exfiltration (ADX) solutions is critical for enterprise security. This article provides guidance on establishing effective ADX deployment policies, with a focus on aligning them with business objectives and threat perceptions. Highlighting BlackFog's ADX solution, it explores proactive strategies to prevent data exfiltration, offering valuable insights for practitioners aiming to enhance their security posture.
5 Steps to Ensure Your Enterprise Data Security
Why do enterprise data security strategies need to evolve to cope with a new range of threats?
Ransomware Recovery: Key Steps Every Firm Should Know
What should businesses keep in mind in order to develop an effective ransomware recovery plan?