Akamai Diversity
Home > May 2015

May 2015 Archives

In the past years we have seen an increase in distributed attacks against web applications. By using many attacking resources to target the same destination, attackers are obscuring their identity while boosting attack bandwidth, placing a greater challenge to defensive forces. Most of the distributed attacks use "volumetric" methods such as Distributed Denial of Service (DDoS) or brute force techniques such as "slow and low" to attack web applications.
The lines between offline and online experiences are blurring. Customers no longer go online, they are online 24/7, and that includes inside your stores. In fact according to recent Google research 89% of smartphone users leverage their smartphones while shopping in stores. And close to 70% of those used it to look at that retailer's site and 21% at apps.
Some of us remember when Amazon introduced the concept of online shopping to the masses, sparking countless debates around the water cooler: How long would Amazon last? Would customers buy in to the idea of purchasing goods on a computer, sight unseen? How would this impact brick-and-mortar stores? Which would survive? While some of these questions have been answered, for others, the jury is still out.

Innovation vs. Risk & Compliance in Financial Services

Innovation and investment in FinTech is seemingly all around us in financial services. Hundreds of articles in the press, and dozens of financial services conferences on digital currencies, automated investment advice, investment in innovation labs by banks, the future Internet of Things and more, lead us to believe that innovation is thriving in banking and financial services. But is it really?

In this episode, State of the Internet Security Podcast host Bill Brenner chats with Akamai CSO Andy Ellis about the findings in Akamai's Q1 2015 State of the Internet - Security Report.

Specifically, they discuss how:

  • Q1 2015 set a record for the number of DDoS attacks observed across the PLXrouted and proxy mitigation platforms - more than double the number recorded in Q1 2014 - and a jump of more than 35 percent compared to last quarter.
  • Simple Service Discovery Protocol (SSDP) attacks were the top attack vector Akamai mitigated, comprising more than 20 percent of DDoS attacks. This was an increase of 6 percent compared to the previous quarter.
  • The online gaming sector was once again hit with more DDoS attacks than any other industry.
  • Q1 2015 saw Akamai aggressively moving away from the use of SSL in favor of TLS. This is noteworthy, since SSL flaws were at the heart of some of the vulnerabilities Akamai has dealt with in recent months.
  • A majority of web application attacks in Q1 were attributed to LFI and SQLi exploits. The retail sector was hardest hit by those attacks, followed by media, entertainment, hotel and travel companies.

Listen to the episode.

User experience in the context of web performance is an an overused term that's often conceptually understood, but difficult to concretely define. That's why we asked Akamai senior network architect Matt Ringel to help us define and qualify user experience in the context of enterprise application delivery. In his own words: User Experience = User Interface + User Expectation + Desired Outcome.

Akamai Statement on the Logjam Vulnerability

In response to the Logjam vulnerability discussed in this disclosure, Akamai is continuing to analyze its production servers to determine if it supports the relevant Diffie-Hellman ciphers that would leave customers vulnerable to Logjam.

We have determined that Akamai hosts on our Free Flow and Secure Content Delivery Networks are not vulnerable. 

We do recommend customers check their origin. We also recommend that anyone using a web browser, running a server or developing relevant software read the "What should I do?" section of this advisory.

If our investigation uncovers additional risks, we will provide follow-up blog posts and Luna advisories to update customers on how we are affected and what we're doing about it.

Other resources
We recommend people read this OpenSSL post on upcoming changes related to Logjam and FREAK.
We are more connected than ever before. Mobile devices are ubiquitous, WiFi availability is on the rise, and consumers are accessing information from multiple devices, networks, and locations across the globe. To learn more about the impact the hyperconnected world is having on consumers, Akamai commissioned the 2014 Consumer Web Performance Expectations Survey to build the Performance Matters series.
Today we release the Q1 2015 State of the Internet Security Report. You can grab it here, but we've been previewing it for the last few weeks in the Akamai Blog:

Q1 2015 SOTI Security Preview: 7 Attack Vectors

In this final preview before the report's release, we look at the most-used attack vectors for the quarter.

Coming Soon: The Q1 2015 State of the Internet Security Report

Among the Q1 2015 highlights:

  • We saw a record number of DDoS attacks recorded on the Prolexic network - more than double what was reported in Q1 2014.
  • The profile of typical attacks changed. 
  • Last year, high bandwidth, short-duration attacks were the norm. This time, the typical DDoS attack was less than 10 Gbps and lasted for more than 24 hours. 
  • SSDP attacks -- absent in Q1 2014 -- came on strongly in Q1 2015. 
  • The proliferation of unsecured home-based, Internet-connected devices using the Universal Plug and Play (UPnP) Protocol has made them attractive attack targets.

Q1 2015 SOTI Preview: Significance of a 100 GBPS Attack

Today, we look at the significance of a 100 GBPSattack.

Q1 2015 SOTI Preview: Website Defacements and DNS Hijacking

Today, we look at the continuing trend of website defacements and DNS Hijacking.

Q1 2015 SOTI Preview: IPv6 Security Challenges

The potential security risks of widespread IPv6 adoption.

Move over SMAC! The eCommerce Industry in India has already adopted Social, Mobile, Analytics and Cloud (SMAC) in a big way and even the smaller players are well aware of their massive benefits. In fact today these have become a necessity to stay competitive and some of the innovations are coming from the smaller players.
The past fortnight has been a hectic period for Akamai's security teams in Australia and New Zealand. We've been approached by a number of financial organisations, and large and medium sized business to help mitigate DDoS threats from DD4BC. If you're not familiar with DD4BC, here is a updated writeup on their extortion attempts by Bill Brenner

OWASP AppSec Europe 2015

This Year AppSecEU will be hosted in Amsterdam, Netherlands 19 - 22 May and Akamai Threat Research Team will be on stage.

The Evolution of Mobile

Desktop. mDot. Adaptive. Responsive.

In all likelihood, you've mulled these scenarios over to discern how best to deliver content to your users. Previously, we discussed the challenges of complexity, connectivity, and speed for mobile application delivery in the enterprise. Beyond addressing these challenges, the crucial decision of how to best display your content remains. We outlined the evolution of mobile below to to better guide your content delivery efforts and show you where the application delivery is headed.

Q1 2015 SOTI Security Preview: 7 Attack Vectors

We continue to preview sections of the Q1 2015 State of the Internet Security Report (SOTI Security) due out later this month. So far, we've told you about the continuing trend of website defacements and DNS Hijacking, the potential security risks of widespread IPv6 adoption, and the significance of a 100 GBPS attack. We've also given an overview of Q1 DDoS activity.

Sponsoring the ThirstyBear Cycling Team

Around the Bay Area cycling is often referred to as the new golf. It allows riders to network with peers while getting exercise and enjoying the outdoors. Some are attracted to the sport because the vast array of technology today's bikes utilize - many of them eventually representing the cost of a small car or large motorcycle.
We continue to preview sections of the Q1 2015 State of the Internet Security Report due out later this month.So far, we've told you about the continuing trend of website defacements and DNS Hijacking, the potential security risks of widespread IPv6 adoption, and the significance of a 100 GBPS attack.

Among the Q1 2015 highlights:

  • We saw a record number of DDoS attacks recorded on the Prolexic network - more than double what was reported in Q1 2014.
  • The profile of typical attacks changed. 
  • Last year, high bandwidth, short-duration attacks were the norm. This time, the typical DDoS attack was less than 10 Gbps and lasted for more than 24 hours. 
  • SSDP attacks -- absent in Q1 2014 -- came on strongly in Q1 2015. 
  • The proliferation of unsecured home-based, Internet-connected devices using the Universal Plug and Play (UPnP) Protocol has made them attractive attack targets. 

DD4BC Escalates Attacks

DD4BC, a malicious group responsible for several Bitcoin extortion campaigns last year, is expanding its extortion and distributed denial of service (DDoS) campaigns. In recent days, Akamai has had to protect a growing number of customers from these attacks.

Researchers from Akamai's PLXsert and CSIRT teams continue to research DD4BC's threats and attack activity, and this afternoon released a new bulletin to Akamai customers through the company's Luna portal and Akamai Community.

May OWASP Boston Meeting at Akamai

The Open Web Application Security Project (OWASP) Boston chapter will hold it's monthly meeting Wednesday night at Akamai headquarters. Details below.

SOURCE Boston Agenda - May 27-28, 2015

SOURCE Boston will be held later this month at the Marriott Courtyard. Several people from Akamai InfoSec will be there volunteering, working the Akamai booth and attending talks. The full agenda is below.

BSides Boston 2015: Agenda

BSides Boston is Saturday at Microsoft, 1 Cambridge Center. Several people from Akamai InfoSec will be there volunteering, working the Akamai booth and attending talks. The full agenda is below.