September 2014 Archives
In two weeks, I'll be at the Akamai Edge customer conference. It's a terrific opportunity to meet face-to-face with a lot of our customers and get their feedback on what's working for them and what we can improve upon. A robust Web Security track of talks is planned, and I'll be blogging about it. The security track will run each day of Edge. Here's a partial list of what's planned:
A new kind of DDoS attack is currently stressing DNS infrastructure everywhere. Attackers gain access to DNS resolvers through home gateways with open DNS proxies. Proxies forward large bursts of queries with spoofed IP addresses to whatever resolver they are configured to use, usually an ISP resolver. With these attacks, the overwhelming majority of queries require recursion so resolvers in turn query authoritative servers to get answers.
If you create the stage setting and it's grand, everyone who enters will play their part. That was the motto of Morris Lapidus, architect of the Fontainebleau Miami Beach, which will play host to Akamai Edge 2014 in October.
[UPDATE: 9/25/2014 11:30AM] Akamai is aware that the fix to CVE-2014-6271 did not completely address the critical vulnerability in the Bourne Again Shell (bash). This deficiency is documented in CVE-2014-7169. The new vulnerability presents an unusually complex threat landscape as it is an industry-wide risk. Akamai systems and internal Akamai control systems have been or are being urgently patched or otherwise mitigated in prioritized order of criticality. Akamai has developed
Akamai's Prolexic Security Engineering and Research Team (PLXsert) is tracking the spread of Spike, a new malware toolkit that poses a threat to embedded devices, as well as Linux and Windows systems. Several versions of Spike can communicate and execute commands to infected Windows, desktop Linux and ARM-based devices running the Linux operating system (OS), PLXsert said in an advisory Wednesday morning.
Analyst Daniel Humphries has written a review of several threat monitoring tools for the "Software Advice" website, including a positive assessment of Akamai's Real-Time Web Monitor. Ours was among five tools Humphries looked at in his report, "Spotlight: Threat Visualizations." The others were Kaspersky's Cyberthreat Real-Time Map, Digital Attack Map -- a joint project between Google and security vendor Arbor Networks -- the Deutsche Telekom Attack Meter, and Trend Micro's
We are so excited about Akamai Edge this year that we simply can't wait to share some details. The 2014 Digital Entertainment lineup at Akamai Edge boasts world-class speakers ready to share their knowledge and expertise starting Wednesday October 8. The program will cover live events, monetization, devices and much more.
Last year, we released a bunch of videos containing security whiteboard lessons on a variety of topics. This Thursday we shoot four new episodes. Below is a preview of each episode. To see previous security whiteboard videos, go here and here.
Each year at Akamai Edge we update customers on some of the more persistent threats we've dealt with in the 12 months prior. Slides detailing the 2013 threat picture are available here. For an idea of what we'll be sharing at Edge 2014 in a couple weeks, I've assembled this primer. The following blog posts capture the main threats that have kept us busy in recent months:
Twelve coworkers crammed into vans all weekend? No sleep? No showers? Camping out under the stars? Running in the woods at night? This is not everyone's idea of a good time, but for Team Faster Forward - Akamai it was an amazing experience we will never forget.
Over the last five months, the services and support management teams from Akamai have been working hard on integrating the Akamai and Prolexic Security Operation Center (SOC). Given the progress that we've made along the way, we think it would be timely for us to talk about how this effort from both companies could help our customers against the ever-changing attack sphere.
As previously noted, Akamai InfoSec has been working to make its most sought after compliance documents publicly available. The goal is to make it easier for customers to access the answers they regularly seek, and also to show potential new customers how we operate. We're building the foundation in the form of a compliance page on the Akamai Security microsite, and hope to publish up to two fresh public docs a month. What follows is
It's that time of year, and again I have the pleasure of participating in two Edge conferences: The panel-based EdgeConf conference in San Francisco this Saturday (Sep 20th) and the Akamai customer conference, Akamai Edge, in Miami on Oct 8-10. Both conferences are going to be a blast, and I'm looking forward to both.
A new Akamai PLXsert whitepaper was released this morning: "Web Vulnerabilities: The foundation of the most sophisticated DDoS campaigns." The paper can be downloaded here. Security practitioners know this much from long experience: Attackers who successfully build botnets and launch DDoS campaigns start by exploiting web vulnerabilities. It is the low-hanging fruit. In the white paper, PLXsert explores specific examples of the exploitation of popular web content management systems and web management
This week, Akamai PLXsert Manager David Fernandez and I discuss the latest attack research from his team. David reviews the fallout from a recent advisory about threats to Linux systems, and offers a preview of upcoming research reports. Listen to the full episode HERE. You can subscribe to the Akamai Security Podcast and the Security Kahuna podcast from the iTunes store. Hear interviews with Akamai security specialists as well as security
It's fitting that the Akamai Edge customer conference is in October. It's the same month as National Cyber Security Awareness Month, and we'll have a robust security track at Edge.
FIFA World Cup 2014 was one of the largest multimedia sporting events in history. In-person attendance was estimated at more than three and a half million while hundreds of millions of viewers tuned in via TV, Internet, and radio. Akamai's online traffic statistics estimate this year's event to be ten times larger than the 2010 World Cup in South Africa, and two and a half times larger than
Akamai's Bill Brenner, Dave Lewis and Martin McKeay discuss the pros and cons of Google Glass Detector, software designed to detect Google Glass and boot it from any local Wi-Fi network. They also discuss the iCloud/4Chan controversy and look ahead to upcoming security conferences. Listen to the full episode HERE. You can subscribe to Security Kahuna and the Akamai Security Podcast from the iTunes store. Hear interviews with Akamai security specialists as
How fast could your IT team stop a DDoS attack? IDG Research found that it takes an average of 10 hours before a company can even begin to resolve an attack. On average, an attack isn't detected until 4.5 hours after its commencement and typically an additional 4.9 hours passes before mitigation can commence. With outage costs averaging $100,000 per hour, it means that a DDoS attack can cost an
Last year I launched the Akamai Security Podcast. Episode 1 was an interview with Akamai CEO Tom Leighton, who discussed the legacy of Co-Founder Danny Lewin, Akamai's role on 9-11-01, and his vision of Akamai as a major player in the security industry. This week being the anniversary of 9-11, it seems appropriate to re-share. Listen HERE. Related content: 9-11 Anniversary: Danny Lewin's Life and Legacy Internet Security Central To Danny Lewin's
Yesterday's advisory about attackers exploiting Linux vulnerabilities for DDoS assaults got a lot of attention. After hearing the feedback, we decided a follow-up post was necessary to help admins mount a better defense. I spoke with David Fernandez, head of our Prolexic Security Engineering Research Team (PLXsert), and he offered additional details on the countermeasures. First, for the basic details of the threat, check out yesterday's post. Now for the next steps...
Linux users have a new threat to worry about. According to Akamai's Prolexic Security Engineering Research Team (PLXsert), the bad guys have discovered a weakness in Linux systems they can exploit to expand their botnets and launch DDoS attacks. PLXsert released an advisory outlining the danger this morning. The full advisory is available HERE. Also read Akamai Security Advocate Dave Lewis' CSOonline blog post about the threat.
Let's make one thing absolutely clear at the outset: the time to think about the best options for cyber-threat mitigation is NOT when your network is being attacked. In the best-case scenario you will already have a mitigation strategy in place for defending against both network-layer and application-layer attacks. The most important thing to know when you are building a multi-layered approach to securing web applications is that security solutions
Shortly after DEF CON last month, friend and journalist Steve Ragan made an observation in his Salted Hash blog: People standing in the many long lines at the event were forgetting a basic social engineering risk.