BlackFog collected threat statistics on a global basis for the first 9 months of 2019. What follows is a summary of the data exfiltration across all endpoints including Windows, Mac, Android and iOS devices.

Dark Web

BlackFog saw a steady decline in Dark Web exfiltration over the quarter representing 1.69% of traffic, a decrease from both Q1 and Q2. However, BlackFog saw a dramatic increase in PowerShell attacks in Q3 at 7.86%, which is the highest we have seen for the year, up from 3.51% in the previous quarter. This reflects the increased use of the PowerShell for fileless attacks and the increase in the number of ransomware attacks globally.

Geographic Exfiltration

BlackFog reported a decrease in data exfiltrated to Russia this quarter, totaling 13.5% compared to 19.43% in the previous quarter. Exfiltration to China remained relatively stable at 2.13% compared with 2.62% in the previous quarter.

Direct IP’s and Spyware

No significant changes were found with other core statistics. Spyware represented 1.57%, and the use of direct IP’s for communicating with servers represented 37.03% of all attacks.

Major Threat Vectors