BlackFog collected threat statistics on a global basis for the first 9 months of 2019 (threat statistics Q3 2019). What follows is a summary of the data exfiltration across all endpoints including Windows, Mac, Android and iOS devices.
Dark Web
BlackFog saw a steady decline in Dark Web exfiltration over the quarter representing 1.69% of traffic, a decrease from both Q1 and Q2. However, BlackFog saw a dramatic increase in PowerShell attacks in Q3 at 7.86%, which is the highest we have seen for the year, up from 3.51% in the previous quarter. This reflects the increased use of the PowerShell for fileless attacks and the increase in the number of ransomware attacks globally.
Geographic Exfiltration
BlackFog reported a decrease in data exfiltrated to Russia this quarter, totaling 13.5% compared to 19.43% in the previous quarter. Exfiltration to China remained relatively stable at 2.13% compared with 2.62% in the previous quarter.
Direct IP’s and Spyware
No significant changes were found with other core statistics. Spyware represented 1.57%, and the use of direct IP’s for communicating with servers represented 37.03% of all attacks.
Major Threat Vectors
Related Posts
Everything That You Need to Know About the Dark Web and Cybercrime
Learn about the dark web, including who uses it, how it operates, and what tools cybercriminals obtain on it. Find out how BlackFog monitors networks, forums, and ransomware leak sites in order to stay ahead of new threats.
BlackFog unveils AI based anti data exfiltration (ADX) platform for ransomware and data loss prevention
BlackFog unveils the latest version of its AI based anti data exfiltration (ADX) platform for even more powerful ransomware and data loss prevention. Version 5 introduces new features including air gap protection, real-time geofencing, and baseline activity monitoring to ensure the highest level of cybersecurity protection.
EDR Kill Shifter: Why a Layered Cybersecurity Approach is Required
Learn how ransomware-as-a-service is simplifying ransomware tool creation and increasing ransomware attack accessibility in cybercrime. Find out how modern ransomware syndications use RaaS.
The Rise of Ransomware-as-a-Service and Decline of Custom Tool Development
Learn how ransomware-as-a-service is simplifying ransomware tool creation and increasing ransomware attack accessibility in cybercrime. Find out how modern ransomware syndications use RaaS.
The State of Ransomware 2024
BlackFog's state of ransomware report measures publicly disclosed and non-disclosed attacks globally.
Data Exfiltration Detection: Best Practices and Tools
Data exfiltration, a tactic used in 93% of ransomware attacks, can lead to severe consequences including financial losses, reputational damage, and loss of customer trust. To mitigate these risks, organizations must implement effective detection strategies and technologies.