The networks assessed by SS8 exhibited various signs of malicious evasion and exfiltration activity. Infographic courtesy of SS8.

A recent breach risk assessment of more than 20 organizations running large enterprise networks found that 100 percent showed signs of traffic tunneling, DNS-related exfiltration and malformed protocols in outbound traffic – all indicators of attackers using evasion and exfiltration techniques.

Breach detection firm SS8 conducted the assessment and announced its findings Thursday in its 2016 Threat Rewind Report. The report offers readers a window into cyberattackers' top evasion and exfiltration techniques, based on the company's analysis of over 5 billion network activity records from organizations operating in key sectors including critical infrastructure, education and retail.

Moreover, SS8 found that 77 percent of the participating organizations' networks had at least one device beaconing out to a remote server, 70 percent had compromised non-essential devices on the network, 65 percent had applications built on top of BitTorrent platforms, and 30 percent were infected with audio-recording malware.