A team of elite ex-NSA hackers is giving everyone the ability to hunt down the most advanced cyber threats
A company founded by three ex-National Security Agency analysts says it can predict where hackers may strike next – up to a year before it even happens.
“To really understand how these attackers work, it is really helpful to have been on that side of the fence,” Oren Falkowitz, CEO and cofounder of Area 1 Security, told Tech Insider.
Based out of Silicon Valley and backed by $25 million in funding, Area 1 has been operating in stealth over the past two years. In that time, the company has been persuading the owners of computers that have been taken over by hackers to let them continue to operate – under their watchful eye.
“We’ve been pushing this idea of preemption,” Falkowitz said.
Hackers often infiltrate one computer so they can use it in later attacks, and that method has given Area 1 insight into where they may strike next. That’s because the company has built out a network of sensors on servers that recognizes data patterns before a breach occurs.
They’re almost like earthquake sensors, in a sense. And Area 1 specifically counters phishing attacks – crafty emails containing malicious software that are used in more than 90% of targeted cyber attacks.
Area 1’s solution to the problem of cyberattacks is interesting, given the background of its founders. CEO Oren Falkowitz and CTO Phil Syme served as analysts at NSA. In fact, both Chief Security Officer Blake Darché and Falkowitz sat next to each other in the agency’s Tailored Access Operations group, the NSA’s secretive and elite hacker team.
“We were really kind of at the cutting edge, looking back on it,” Falkowitz said, adding that it was “fortuitous” to have worked at NSA as its cyber efforts ramped up, with private industry not far behind.
Paul Szoldra/Tech Insider
Similar to Area 1’s efforts, the NSA has, for roughly a decade, surreptitiously implanted “beacons” onto systems in China and North Korea that give it early warning of cyber attacks, The New York Times reported.
Those implants hidden at the source of attack were critical to helping the US point the finger at North Korea for the 2014 Sony hack, though some still remain skeptical of that attribution.
But it’s worth mentioning that Area 1’s sensors are very different from NSA’s, since the latterdoesn’t necessarily ask for permission before they are installed. Though they arguably perform just as well: Area 1 debuted a preview of its product in January of this year and watched roughly 2.15 million phishing attacks take place, with 64% coming from US-based computers, even though the attackers were sometimes overseas.
In one instance, the firm had tracked some well-known Chinese hackers dubbed the Codoso Group, as it used a small Wisconsin welding company’s computer to attack a startup in Silicon Valley, a New York law firm, and other targets.
“Many of these mom-and-pop shops are ambivalent because the attacks don’t directly impact their business and revenue,” Derek Smith, CEO of Shape Security, told The New York Times. “Meanwhile, they unwittingly operate this attack infrastructure.”
Falkowitz told Tech Insider his sensors are deployed on five continents, and the company has a web crawler that covers the entire internet looking for cyber threats over a period of 10 days.
“People take preemptive action every day,” he said. “Whether that’s getting a flu vaccine or putting a seatbelt on when you get into a car. That is the model that we’re right for in the cybersecurity space, and we hope that if we’re successful, we’ll talk more about attacks that have been stopped versus the damage that’s been caused.”
Source | TechInsider