On the Web, Your Neighbour Might Host Your Next Attack

We may think of crime syndicates from Eastern Europe when we think of hacking, or maybe dark rooms of cyber spies in China and Russia, but many of these attacks are actually launched from servers from within your neighborhood. Discussed in our latest report, The Unlikely Origins of Cyber Attacks, cyber assaults take months of planning and require a string of servers, most of them unsuspecting victims.

And when it comes to phishing, by far the biggest threat for companies trying to protect themselves, emails claiming to be from big, recognized brands are the most common bait, Area 1 Security’s report shows.

Bait: Attractive lures (usually consumer brands) that disguise themselves as legitimate emails and are the source of most cybersecurity breaches.

Area 1 researchers analyzed millions of phishing sites in the first part of 2016 and the results prove that companies need to be vigilant in all directions, even from places they trust.

“Focusing on the who and the what of these attacks remains a constant challenge because the attackers keep changing, but it’s much harder to change the attack infrastructure,” Shalabh Mohan, VP of product and marketing for Area 1 Security said. “Watching the infrastructure helps us counter them in the early stages.”

While attackers may actually be hunched over a screen in another country when they pull off their heists, cyber criminals use long, complicated chains of compromised servers, foreign and domestic, to advance their attacks. The computer running a public school’s library, or your best customer’s welding shop can unwittingly end up as the source of an operation to steal your intellectual property or financial information.

Fortunately, companies don’t have to be blind. Even the best hacker leaves bread crumbs about their true location, and web traffic can signal a cyber assault before it happens. Area 1 makes a business of watching attackers, deploying sensors, crawling the web, and tracking the earliest bits traveling between targets and cyber criminals.

The report also highlights more granular details from phishing attacks, showing the servers most likely to be used and the biggest target cities.

Download the full report here.

Read the article by Robert Hackett of Fortune summarizing the report here.

Want to keep up to date with the latest phishing trends? 

Subscribe to our newsletter here!


How to replace your email gateway with Cloudflare Area 1

Leaders and practitioners responsible for email security are faced with a few truths every day. It’s likely true that their email is cloud-delivered and comes with some built-in protection that does an OK job of stopping spam and commodity malware.

Introducing email link isolation – Email gateway replacement playbook

This week was a big one for us at Cloudflare, one of our four innovation weeks which we hold annually, showcasing new developments, product news and reference architectures.

Superhero strategies for the Phish Fight

Today is National Superhero Day, and we would like to dedicate this day to you—the SOC teams and the security experts on the frontline of the phish fight.