Akamai Diversity

April 2015 Archives

And the winner is..... Akamai!

Wow! Last night the Akamai Adaptive Media Delivery Service was crowned Best Cloud or CDN Service Delivery solution at the TV Connect Awards 2015. I was thrilled to be there at the awards ceremony on behalf of Akamai and accept the award.

Last week, Google officially rolled out its mobile friendly update, which "boosts the ranking of mobile friendly pages on mobile search results." A long time in the making, the update is a response to the increasingly mobile world we live and work in. This update underscores Google's focus on mobile customer experience. For companies scrambling to respond to this development, fret not. Akamai, the leader in optimizing mobile performance, is here to help. In this post, I'll discuss what drove Google's focus toward customer experience, identify a solution considered a Google best practice, and highlight the specific ways Akamai can provide a seamless experience across devices that meets consumers' increasing performance expectations.

I gave a keynote at a customer experience conference in New York City earlier this month. The title was "It Takes a Village: Creating a Customer-Centric Culture That Works," and it was about how people make a difference. We all know that research and studies will evolve and acronyms will change, but at the heart of all customer programs are the customer and the people who touch them. Recent opinion is moving towards understanding the customer experience through relationships and interactions. In this session, I talked about how a technical support group (our Customer Care) at Akamai moved along the path of understanding and communicating better with customers and changed the perception of what was important in those interactions!

Videos: Akamai at #RSAC 2015

Tenable Network Security commissioned media pro David Spark to produce videos during RSA Conference and BSidesSF 2015. His lens caught a lot of Akamai. Here are some particularly good interviews.

Interop PSA

With Interop on the not-so-distant horizon, we want to give you a rundown of what to look forward to seeing from Akamai at this year's conference.

Black Friday and Cyber Monday RUM Insights - Part II

Performance across different device types

In Part 1 of this blog post we looked at traffic trends and performance on individual devices. When we compare performance across devices we see another interesting result. This is a large data set and it is made up of different pages from different websites so there is a large element of noise here, however all device types contain a substantial sample size and the randomness of the data is shared across each parameter.

Missed #RSAC 2015? We've Got You Covered!

It's hard to believe that RSA Conference 2015 was just last week!

Did you miss attending it this year? That's ok! We live tweeted the entire conference, so take a moment to catch up on all the exciting things that happened last week, by reading our tweets.

Enjoy!

Q1 2015 SOTI Preview: Cruel (SQL) Intentions

The Q1 2015 State of the Internet - Security Report is due out next month, and we spent much of last week's RSA Conference 2015 previewing sections. We continue doing so today.

Last week we reviewed the significance of a 100 GBPS attack, the continuing trend of website defacements and DNS Hijacking, and the potential security risks of widespread IPv6 adoption. Today, we look at an analysis of SQL injection attacks based on data from Akamai's Kona Site Defender web application firewall (WAF).

RSA 2015 Video: Four Cloud Mistakes to Avoid

Tenable Network Security commissioned media pro David Spark to produce videos during RSA Conference and BSidesSF 2015. Along the way, he caught up with Akamai Security Advocate Dave Lewis and myself. Here's the resulting interview.


Live from RSA 2015: Security Kahuna Podcast

State of the Internet Security Podcast Host Bill Brenner catches up with Akamai security advocates Dave Lewis and Martin McKeay.

Friends and industry colleagues, the trio dissects RSA 2015 from a security expert perspective. Over the last few years, the RSA conference has been considered an insider event with a structured theme and coinciding messaging - Brenner and team discuss the expansion of RSA into a major event lacking central messaging.

In addition to discussing the changes observed at RSA 2015, Brenner also discusses with McKeay and Lewis the future for RSA in events to come and how businesses are evolving to adapt to customers and prospects who attend.

DD4BC Operation Profile [Medium Risk]

Update: In an earlier version of this bulletin, we discussed how chaotic actors were exploiting Google services as part of their operations. Some have misconstrued it as Google backing a botnet. To be clear, Google has no part in this activity, and certainly does not condone such activity.

DD4BC, a malicious group responsible for several Bitcoin extortion campaigns last year, is expanding its extortion and distributed denial of service (DDoS) campaigns to target a wider array of business sectors. In recent days, two Akamai customers have fallen into its crosshairs.

Akamai's Prolexic Security Engineering and Research Team (PLXsert) has conducted new research into DD4BC in recent weeks.

DD4BC appears to use Google IP address ranges, and in some cases AppEngine instances, in its attacks. It appears to use common UDP reflection DDoS attack techniques, as well as SYN floods that spoof Google crawler IP addresses, to mask the malicious traffic.

In one threat, DD4BC claimed it had the firepower to launch 400+ Gbps DDoS attacks, though there is no concrete proof it could carry out an assault of that size.

Late last year, the group repeatedly tried to blackmail Bitcoin exchanges and gaming sites - threatening victims with DDoS attacks in order to extort bitcoins.

Campaigns typically consisted of an email informing the victim that a low-level DDoS attack was underway against the victim's website. Emails explained that the DDoS activity could be observed in server logs at low levels in order to not interrupt the victim's operations. Following this explanation, DD4BC demanded a ransom paid in bitcoins in return for protecting the site from a larger DDoS attack capable of taking down the website.

State of the Internet Security Podcast Host Bill Brenner catches up with an old friend: Tenable Network Security's Jack Daniel.

The two have been friends and industry colleagues for the last decade, having spent many a security conference in the trenches together. For travel to and from one such event, they shared a cramped RV from Boston to Washington, DC three years in a row.

Some things have changed in the security industry since those early days, while other things have stayed the same. In this conversation, Brenner and Daniel reminisce and look at where the state of security is headed.

98% of employees access business applications from their mobile device outside the office. Many enterprises were caught off guard by the rapid adoption of mobile. In less than a decade, organizations have moved from locked down BlackBerry devices to the chaotic BYOD free-for-all of today. With this trend, three big enterprise challenges surrounding mobile have emerged: complexity, connectivity, and speed.

It's exciting to see how Web Performance is increasingly going mainstream. More conferences have performance talks, more organizations have performance teams, more business goals include performance requirements... It's fun to see what used to be a small community of passionate speed fanatics grow and expand into the broader web tech world.

With this broader adoption, it's critical that we also scale how we educate about web performance. We need to expand from one-on-one education, or even conference presentations, to great education content that can be consumed anywhere, anytime. Google's Web Fundamentals section about web performance, and Ilya Grigorik's Udacity Web Performance Course are great examples of doing just that. 


The Q1 2015 State of the Internet - Security Report is due out next month, and we think the week of RSA Conference 2015 is a good time to start previewing sections.

Yesterday we reviewed the continuing trend of website defacements and DNS Hijacking. The day before that we reviewed the potential security risks of widespread IPv6 adoption. Today, we look at the significance of a 100 GBPS attack.

The Internet Will Never Be the Same

Yesterday, the Internet changed: Google has implemented its long awaited algorithm changes to search results. From now on, websites that appear in the search results will be evaluated and ranked on a new data point: mobile friendliness.

 
We have been blogging about how the world is becoming an increasingly mobile place, and that it will continue to be even more so. We've gone so far as to consider that perhaps people should no longer treat mobile as a separate category. Many organizations have responded by adopting strategies to align with their customers' or end users' mobile lifestyles. For those who have been procrastinating, the pressure to change and adapt to mobile users has drastically increased today. If you do not have a mobile friendly site, not only will your customers abandon your site due to sub-standard performance, but Google will also penalize your site's search rankings.
 
If you are one of the few organizations that have yet to cater to your mobile users, your business will suffer. Fear not, however; you do have options. If you work with a content delivery network (CDN) vendor, such as Akamai, you can work with them to help ensure your business is well suited for mobile audiences. These solutions will help optimize website performance on a per-user and per-device basis.

In addition, you should use Responsive Web Design (RWD) principles when developing your sites. Sites employing RWD operate on a single code base and render content based on the end user's device characteristics, presenting them with an optimized and consistent experience across all browsers and devices. This is what the Google algorithm is looking at when it applies the label "mobile-friendly."
 
That said, RWD is not easy and only solves part of the problem. If not implemented properly, RWD can significantly impact performance and page load speed due to over-downloading. Why? Though there is an operational benefit to having a single code base, it also means that mobile devices download the entire page code and then adjust the way it's presented based on the respective device capabilities. Without proper RWD implementation, you may end up getting better rankings on Google searches for mobile friendliness, but end up frustrating end users and increasing abandonment rate. It's also important to keep in mind that Google is testing a "slow" label for search results. Soon enough, being mobile-friendly won't be enough; your site will have to perform above certain standards (that Google has yet to make public) or risk getting tagged with the "slow" label.
 
So, what can you do? Work with web performance professionals to ensure your site is: 

1) Optimized to deliver consistent experiences across devices and
2) Fast enough to meet users' rising performance expectations

One particular area of focus to help optimize web sites for mobile is images.  Akamai has created a reporting tool that can give you quick and easy insight into how well your site is optimized for the delivery of images to mobile devices. You can request a full Performance Insights report here.

In the new mobile world, delivering consistent, high performing experiences isn't just an option, it's a necessity. 

- - - - -

Berk Veral is Senior Product Marketing Manager at Akamai

Akamai's Response to CVE-2015-1635

In response to the vulnerability discussed in the Microsoft disclosure at https://technet.microsoft.com/library/security/MS15-034, Akamai has analyzed its production servers and has determined it is not running any version of the software that is susceptible to the vulnerability.
 
Akamai has created a permanent rule for the Trustwave® ModSecurity® Core Rule Set (CRS) and Akamai® Kona Rule Set (KRS) to help protect customer servers from attacks that exploit this vulnerability. This rule (3000031) is available on Luna Control System and can be manually added to your Firewall policy using the following actions:
 
For Existing Firewall Policies using CRS v1.6.1:
  1. Access Luna Control Center and the Web Application Firewall page (CONFIGURE >> WAF Configuration).
  2. On the Web Application Firewall page, select the WAF Configuration version with which you would like to work.
  3. On the resulting Web Application Firewall Configuration page, edit the Firewall Policy for which you would like to enable rule 3000031.
  4. On the resulting Edit Firewall Policy page, click the Next button.
  5. On the resulting Application Layer Controls page, in the 1.6.1 Rule Set list, scroll to rule 3000031 and select its check box.
  6. Click the Next button, and continue clicking it on any subsequent pages until you reach the final page.
  7. Click Finish to finish updating the Firewall Policy.


For Existing Firewall Policies using KRS v1.0:
  1. Access Luna Control Center and the Web Application Firewall page (CONFIGURE >> WAF Configuration).
  2. On the Web Application Firewall page, select the WAF Configuration version with which you would like to work.
  3. On the resulting Web Application Firewall Configuration page, edit the Firewall Policy for which you would like to enable rule 3000031.
     Be aware, unless you created your Firewall Policy on or after April 1, 2015, you must upgrade to the latest KRS version for rule 3000031 to become available to your Firewall Policy; a KRS 1.0 Update Required notification will appear on the Web Application Firewall Configuration page for each affected Policy. In addition, if you choose to create a new version of a WAF Configuration or Firewall Policy from an existing one created prior to April 1, 2015, you must be certain to upgrade KRS in the new version.
     Complete the upgrade procedures in the Upgrading the KRS, Version 1.0 Rule Set section of the Kona Site Defender User Guide available in Luna Control Center (Support >> User and Developer Guides >> Kona Security Solutions) in order to proceed with enabling the rule.
  4. On the resulting Edit Firewall Policy page, click the Next button.
  5. On the resulting Application Layer Controls page, in the KRS 1.0 Rule Set list, scroll to rule 3000031 and select its check box.
  6. Click the Next button, and continue clicking it on any subsequent pages until you reach the final page.
  7. Click Finish. The Firewall Policy is now updated.

For New Firewall Policies:
  1. Access Luna Control Center and the Web Application Firewall page (CONFIGURE >> WAF Configuration).
  2. On the Web Application Firewall page, select the WAF Configuration version with which you would like to work.
  3. On the resulting Web Application Firewall Configuration page, click the plus sign (+) button at the upper right-hand corner of the Firewall Policies area.
  4. On the resulting Create New Firewall Policy page, enter and select all desired parameters, including the Application Layer Controls rule set (1.6.1 or KRS 1.0), then click the Next button.
  5. On the Application Layer Controls page, in the rule set list, select all desired rules, being certain to include rule 3000031, by selecting their respective check boxes.
     [Figure: Rule 3000031 in CRS v1.6.1.]
     [Figure: Rule 3000031 in KRS v1.0.]
  6. Click the Next button.
  7. On any subsequent pages, fill out and/or select all desired parameters, and click their Next buttons until you reach the final page.
  8. Complete the final page, and click Finish to create the Firewall Policy.

After a dozen years in the advertising industry, looking back I remember the first few chapters of online video being written, as more and more content began to make it onto the Internet. A few years later the same online video content was starting to be accessed on mobile devices, and I was trying to pitch a partnership with a video ad network; a couple of executives at the online advertising network I worked at were very skeptical, calling it a fad that will never take off. I remember one saying, "I would never watch a video on a small screen; there's no way this will capture people's attention."

At that time, people didn't realize how many new handheld devices with different capabilities, screen sizes, and formats would start to emerge and take over the consumer market. They had no idea how these devices would change people's viewing habits, in turn causing many content providers and publishers to scramble to produce, publish, and repurpose existing TV content. There were very few advertising agencies that understood online video advertising, and if they did, they would include video ads along with their primary request of banner ads as a nice-to-have or a bonus in the RFI/RFP. Video advertising CPMs were all over the place because there was very little video content, no standards, and limited tracking, so monetization was not taken very seriously.



In 2014, several successful malicious attacks against large financial services, government and private sector firms gave a clear indication of the changes occurring in the network security industry. The recent Ponemon Institute Cost of a Data Breach study found the average cost of a data breach to be $3.5 million with average cost per compromised record more than $145. (1) 
Akamai's State of the Internet Report for Security, Q4, 2014, also indicates a rise in attacks with a 90 percent increase in DDoS attacks and 121 percent increase in infrastructure layer attacks over the previous quarter.

Internet Penetration in Q4 2014

Every day, Akamai services approximately two trillion requests for web content, giving us unique insight into Internet penetration around the globe. In the fourth quarter of 2014, around 803 million unique IPv4 addresses from 239 countries or regions connected to the Akamai Intelligent Platform™. This represents annual growth of more than 2.5 percent from the fourth quarter of 2013.

Andrew Hay, BSidesSF volunteer and research director at OpenDNS, talks to Bill Brenner about the major security issues being discussed at this year's two-day BSides event, as well as problems with attack attribution, potential fearmongering and what we might expect at RSA.

Best Practices Coming Out of the Winter Shopping Season

The 2014/2015 holiday and winter shopping season has come to a close. Now, it's time for retailers to optimise and prepare for next year's certain growth in eCommerce and mCommerce activity. With the major holidays out of the way, retailers can now reflect on what did and didn't work and what they can do to improve sales performance for the year ahead.

The Q1 2015 State of the Internet - Security Report is due out next month, and we think the week of RSA Conference 2015 is a good time to start previewing sections.

Yesterday we reviewed the potential security risks of widespread IPv6 adoption. Today, we look at the continuing trend of website defacements and DNS Hijacking.

Q1 2015 SOTI Preview: IPv6 Security Challenges

The Q1 2015 State of the Internet - Security Report is due out next month, and we think the week of RSA Conference 2015 is a good time to start previewing sections.

Let's begin with the potential security risks of widespread IPv6 adoption.

Black Friday and Cyber Monday RUM Insights - Part I

At Akamai, we see A LOT of traffic through our platform and when our customers get busy, we get busy! With the introduction of our free Real User Monitoring (or "RUM") tool, our customers get insight into their end-users' actual experiences across all kinds of connectivity situations. We have published a report around US shopping trends already to analyse user behaviour by device used during the busy retail period and especially Black Friday and Cyber Monday.

Akamai Cloud Networking At Interop

Interop is just around the corner. I am sure there will be plenty of thought provoking content about how to transform IT, flashy demos, and SDN everywhere you look. But let's not forget the reality of most IT organizations today.

Akamai Showcases Client Reputation at Finovate

Last month Akamai returned to the Finovate stage in London, presenting our Client Reputation security product to a record-setting crowd of 1,250 attendees from leading financial services firms from across Europe and around the world. This marked our third time on stage at Finovate, since our first demo of Kona Site Defender at Finovate New York back in 2012.


An Evening With Akamai and AT&T During #RSAC 2015

As RSA Conference 2015 attendees continue to finalize evening schedules, here's a suggestion: Come by our event with AT&T. Meet and mingle with Akamai, AT&T and your fellow security professionals. Enjoy libations and hors d'oeuvres.

Location:
The Burritt Room,
Mystic Hotel

Date & Time:
Wednesday, April 22
7:30-10:30 p.m.

Register today to attend this invitation-only reception at Burritt Room in the historic Mystic Hotel just North of Union Square in San Francisco.

Hope to see you there!


How Semantic URL Structure Improves SEO

This is an interesting time to be responsible for your organization's web presence. You've probably heard that marketing is becoming more accountable for business growth from websites, applications and all kinds of digital programs.

I'm going to Disney World!

For years I've been taking the commuter rail to the Akamai office, and Boston's South Station has served as the prime location for trying to capture my attention with big, print display advertisements. The well-placed ads last month down the stairwell for the new Caribbean resort definitely appealed to my inner desire to quickly escape the dreary, long winter - but the reality of having two young boys in school makes this, unfortunately, only a dream for me. Last year, a beer ad in the same stairwell tried to convince me that "less is more" with the introduction of a new, slim 8.5oz can designed for summer. I'm sorry, but the idea of buying smaller, slimmer cans during the hot summer for the sake of refreshment just didn't jive with me. More is more, right?

Internet Disruptions in Q4 2014

Internet disruptions are still a frustrating reality in many regions across the globe. The most common types of disruptions generally fall into three categories: accidental (backhoes or ship anchors severing buried fiber), natural (hurricanes, earthquakes), or political (government shutdowns in response to protest). As a provider of customer content across the globe, Akamai is in a unique position to monitor traffic levels in each country or region. The following events are highlights of global disruptions that affected traffic levels across the fourth quarter of 2014.

Agenda for #BSidesSF 2015

A lot of attention is on RSA Conference 2015, which commences a week from Monday. But let's not forget that BSidesSF is also that week. Below is a full agenda for the event, which is April 19 and 20 at the OpenDNS offices at 135 Bluxome St., San Francisco.

Long Live the Botnet

Botnets are, in many ways, living organisms. They are formed by their creators - both malicious and benign - and then roam the internet. Much has been written about good and bad bots, but not much has been written about the lifecycle of the bot. Do bots die? If so, when? What is the average life-span of a good bot? A bad bot?

Your 2015 Survival Guide for #rsac and #BSidesSF

It's two weeks until RSA, the biggest security conference of the year. For first-timers, this is the time to start preparing and understanding what lies ahead. It can be an overwhelming experience, with two loud exhibit halls, too many evening events to count on two hands, and so many talks it can be hard to choose what's best for your interests.

To that end, here's some advice for RSA 2015, which takes place April 20-24 at the Moscone Center in San Francisco:

Speaking of NAB ...

Experts from Akamai's Media & Entertainment team will be participating in a host of conference panels, partner workshops and in-booth presentations during the 2015 NAB Show in Las Vegas.

Internet connectivity in the U.S. showed strong positive growth in the fourth quarter of 2014, as shown by Akamai's Internet connectivity metrics. These metrics include: average connection speed, average peak connection speed, broadband adoption, high broadband adoption, and 4K readiness. For additional insight into the metrics, refer to the State of the Internet Metrics: What Do They Mean? blog post.

As I alluded to in my last post, Responsive Web Design (RWD) is more than just a Google recommended best practice - it's essential for retailers to provide a seamless customer experience across the multi-device retail landscape. RWD offers a host of advantages, but I want to focus on two primary ones.

After last week's news that RSA Conference 2015 will ban so-called booth babes, I heard from a lot of people who agree vendors need to find other ways to attract attention during security conferences. Others felt the issue was nothing but useless security industry drama, but there is a lesson in this discussion for marketers.

One reader told me the use of booth babes isn't the result of bad intentions. It's just that some marketing teams don't know any better. They assume the booth babes work because they see others using them. I think there's some truth to that.

So I've decided to give marketing practitioners some examples of successful exhibits that succeeded without the sex.

Here are four examples of exhibits that won on the strength of the security message. They use other gimmicks, to be sure, but in my opinion they are more about creativity than exploitation. Feel free to disagree with what follows, or share other examples of displays that worked.