BlackFog collected threat statistics on a global basis for the first 6 months of 2019. What follows is a summary of data exfiltration across all endpoints, covering Windows, Mac, Android and iOS devices.
Dark Web
BlackFog saw some trends from Q1, with a significant increase in Dark Web exfiltration, which represented 5.67% of traffic, a 40% increase from Q1. BlackFog also saw a 44% decrease in PowerShell attacks over the same period, moving from 6.34% to 3.51% of all threats. This is most likely due to the changes implemented by Microsoft in recent Windows updates to eliminate some of the known execution vulnerabilities with PowerShell.
Geographic Data Exfiltration
BlackFog also saw the most dramatic changes this quarter in the amount of data exfiltrated to Russia, which has now risen by more than 26%, from 15.22% to 19.22% of all traffic. Interestingly, this peaked in April and May at 20.81% and 21.69% respectively before settling down at 15.16% in June. During the same period we saw a significant decrease in exfiltration to China, from 4.58% to 2.65%, a decrease of approximately 42% from Q1.
Direct IPs and Spyware
No significant changes were found with other core statistics. Spyware represented 2.39%, and the use of direct IPs for communicating with servers represented 43.26% of all attacks.
Major Threat Vectors