BlackFog unveils AI update to detect dormant cyber attackers

Today

BlackFog has announced updates to its AI-based ransomware prevention and anti-data exfiltration platform, introducing baseline activity monitoring to help organisations address advanced persistent threats, living off-the-land attacks, and insider threats.

The updated platform focuses on detecting attackers who remain dormant within networks for prolonged periods before executing targeted assaults. Industry trends have shown that many hackers can remain undetected for months or even years, highlighting the need for improved detection of these so-called variable dwell time attacks. Simultaneously, organisations face heightened risks from insiders, as disgruntled employees and external ransomware groups escalate tactics to recruit or coerce internal actors.

BlackFog's new baseline activity monitoring trains individual devices over seven to thirty days, assessing typical activity and actively searching for deviations. When an activity surpasses a set threshold, an alert is raised in the platform's management console, enabling security teams to investigate further. The technology adapts automatically to an organisation's environment, accounting for factors such as time zones and working days to avoid false positives and ensure suspicious activity is accurately detected.

Dr. Darren Williams, Founder and Chief Executive Officer of BlackFog, commented, "With the increasing costs of remediation, fines, and business loss now exceeding 1 million dollars, it is becoming critical to protect not only customer data but all your digital assets from the threat of extortion. With more than 95% of all ransomware attacks now involving data exfiltration, it is more critical than ever to protect your data."

BlackFog's anti-data exfiltration (ADX) technology is designed to add a further layer of cyber defence, aiming to address gaps left by firewalls and endpoint detection and response (EDR) solutions. The platform offers coverage for devices running Windows, macOS, Chrome, Android, and iOS, providing what the company describes as round-the-clock defence without the need for direct human input. By focusing on blocking emerging attacks powered by artificial intelligence, BlackFog aims to equip organisations with new tools to address an evolving threat landscape.

The updated platform targets common attack vectors, including living off the land attacks, which use legitimate tools and processes to evade detection. BlackFog's focus on baseline monitoring is intended to spot irregularities pointing to such covert techniques or insider threats before they escalate into serious breaches or ransomware incidents.

BlackFog was established in 2015 as a cybersecurity firm utilising artificial intelligence to underpin its anti-data exfiltration technology. The company reports that more than 94% of attacks involve some form of data exfiltration, which it regards as a critical issue for organisations seeking to reduce extortion risk, protect customer data, and safeguard intellectual property.

BlackFog's solutions have been subject to industry recognition, receiving the Gold Globee award for AI-Driven Data Protection Solution and the Cybersecurity Breakthrough Award for AI-based Cybersecurity Innovation of the Year. The company also notes a Gold achievement at the Globee awards in 2024 for best Data Loss Prevention and was recognised in the State of Ransomware report for contributions to digital security.

The new updates reflect an ongoing trend in cybersecurity where proactive prevention and detection mechanisms are viewed as increasingly necessary, given evolving attacker tactics and increased pressure on organisations to avoid costly breaches and data loss.

Share on: