Area 1 Security Introduces Cyber Attack Preemption

Preempt Targeted Phishing Attacks. Change Outcomes.

Area 1 Security

Published in

The Azimuth

5 min readJun 13, 2016

Overview

Targeted phishing is the number one cyber attack vector worldwide. Because these socially engineered attacks so easily pierce static defenses, they have successfully disrupted the overall security posture of public and private organizations alike. Unlike traditional solutions that detect or remediate attacks after they’re already inside the enterprise, Area 1 extends beyond the firewall, into the wild, to stop these attacks preemptively in time to change outcomes.

What is Targeted Phishing & Why is it a Problem?

Define Phishing /fiSHiNG/ An attempt to acquire access or information by masquerading as a trustworthy entity.

A phished brand is a brand that cybercriminals imitate in malicious cyber campaigns; the brand is the bait for the phishing scam. While this is certainly detrimental to the brand, with damages extending far beyond the actual data loss and remediation costs, the phished brand is not the only victim in this scenario.

Analogous to real fishing, where the bait does not exactly triumph, the brand is just a vehicle by which to “catch” the true target: the fish. Targeted employees play the role of hook, clicking the bait that malicious attackers have snuck into their inboxes and making vulnerable the big fish the attackers are after: the large enterprises they work for. Attackers know that there is a high likelihood that end users have similar credentials across multiple systems. As soon as just one unsuspecting employee provides his or her login information to a screen such as the counterfeit BOA screen pictured above, the attacker now has a set of working credentials for other systems that the target has access to within the organization.

Creating targeted campaigns is easy, the success rate is high, and over the last year, there has been an exponential increase in nation-state and commercial actors performing effective and repeated cyber attacks using these techniques. The human factor isn’t going away; people have a high propensity to click on messages that come from their trusted circles, whether they are peers, colleagues, families, or brands they interact with on a daily basis.

Motivations vary from data and intellectual property theft to financial account access to corporate M&A activity to corporate espionage — just to name a few. Cybercriminals are relentless and unbiased, and they will prey on victims across all verticals, sizes, and countries.

The Area 1 Difference: Preemption

It’s time for the conversation on cybersecurity to evolve from one of defense and protection to one of preemption. Area 1's aim is to end targeted phishing attacks and fundamentally change the landscape of the cybersecurity industry. When it comes to dealing with phishing attacks, industry focus to date has been on three things:

Working as quickly as possible to clean up the mess once an attack inevitably occurs
Leveraging existing anti-spam solutions that focus on volume detection of bulk messages and hoping they catch targeted, low volume phishing attacks.
Educating employees on how to spot a suspicious email or to avoid clicking on links

Area 1 Security competes with this status quo mentality through a completely unique approach that takes the fight to the hacker’s doorstep to preempt an attack before it launches.

Area 1 Horizon

The industry’s first Cyberattack Preemption solution, Area 1 Horizon identifies threat campaigns, attacker infrastructure, and delivery mechanisms from the outside in. This proactive approach gives customers advance warning and enables the thwarting of targeted attacks during the earliest stages of an attack cycle. Offered as a cloud based service, Area 1 Horizon continuously tracks targeted phishing campaigns by nation-state or commercial actors and provides the means necessary to disrupt their delivery mechanisms and preemptively shut down attacks in their formative stages. This unprecedented visibility provides significant time advantage ranging anywhere from days to weeks ahead, as well as actionable context that enterprises can use to stop an attack at its very source.

The service integrates flexibly and transparently with customer edge devices or security orchestration platforms to stop targeted phishing attacks across a range of delivery vectors — Email, Web, or Network.

Who is Area 1 Security?

Define Area 1 /ˈerēə wən/ The first preemptive cybersecurity approach focused on the origin [when it begins] and source [where it begins] of an attack.

Backed by top tier investors, Area 1 is led by security and data analytics experts coming from NSA, USCYBERCOM, Cisco/IronPort, and FireEye who realized a pressing need for a proactive solution to targeted phishing attacks. Area 1 is working with some of the most sophisticated security organizations including financial firms, insurance providers and health care providers to preempt and stop targeted phishing attacks at the outset and significantly improve their cybersecurity posture.

Leadership Team

Oren Falkowitz, Founder & Chief Executive Officer

Oren Falkowitz previously held senior positions at United States Cyber Command and the National Security Agency focused on Big Data and Computer Network Operations.

@OrenFalkowitz

Blake Darché, Founder & Chief Security Officer

Prior to Area 1, Blake Darché held positions at CrowdStrike and the NSA where he was focused on Computer Network Defense and Computer Network Exploitation.

@BlakeDarche

Phil Syme, Founder & Chief Technology Officer

Mr. Syme previously held multiple positions in which he designed and built software from small single server prototypes to large scale systems involving petabytes of data.

@PhilSyme

Shalabh Mohan, VP Product & Marketing

Before Area 1, Mr. Mohan led product and go-to-market teams across security, enterprise, and cloud infrastructure companies such as IronPort Systems, Cisco and Bracket Computing.

@SMohan1