If you're headed to the RSA Conference 2016, be sure to stop by the Akamai booth #4000, in Moscone North Hall. We're very excited about the recent launch of our Bot Manager web security technology and we'll show you firsthand how it works in a live demo. You'll see how Bot Manager provides, for the first time, the capability to categorize bot types and manage bot activity on your website. This is a significant advance over the simple detection and blocking techniques commonly available today. The result? You'll be in control of both the business and technological impact of bot traffic - without blindly mitigating everything and potentially escalating the bot problem.
February 2016 Archives
The State of the Internet Security report by Akamai is issued four times a year with information on the types of online attacks that Akamai Technologies protects its customers from every day. In this free report, you can read about changes in Distributed Denial of Service (DDoS) attacks with multiple different metrics. In addition, we look at the various types of web attacks against our customers and a spotlight on a specific technique or attack group.
In this video, Akamai CSO Andy Ellis gives a breakdown:
Today Akamai released the Q4 2015 State of the Internet Security (SOTI Security) Report (download here). I'll write posts throughout the week focusing on specific parts of the report, but let's begin with an overview in the form of an infographic.
Today, as RSA Conference 2016 opens, Akamai is releasing its Q4 2015 State of the Internet Security Report.
At the Akamai Booth in Moscone Center's North Exhibit Hall, I'll give overviews of the report and we'll hand out printed copies. If you want to check out a presentation, here's the schedule:
- Tuesday - 10-6, noon and 3 p.m. PT
- Wednesday - 10-6, noon and 4 p.m. PT
- Thursday - 10-3, noon and 2 p.m. ET
Hope to see you there!
You can also check this blog throughout the week for further analysis. To download the full report, click here.
Not a single member of the Akamai automotive team has been to a Super Bowl party in the last 12 years. It's not because we're anti-social - quite the opposite - during each Super Bowl, we find ourselves in the same location where we are collectively sitting with one eye on the game, one eye on our screens and usually on a call (or several) with our automotive customers. We are waiting with bated breath after their television ads run during the game and hoping for huge spikes in visitors to their sites. Our singular aim during Super Bowl is to ensure that the traffic our customers drive online is as large, error-free, secure, high-performing and successful as possible.
By Bill Brenner, Akamai SIRT senior tech writer
Akamai's Security Intelligence Research Team (SIRT) is conducting research into the security posture of the Internet Key Exchange (IKE & IKEv2) protocol. The paper outlines the findings thus far, including configurations in the protocol itself that attackers could potentially leverage to launch reflected DDoS campaigns.
If you'll be at GDC this year, I urge you to stop by the Akamai booth. Not just because we've got a charming group of local games experts there, and not just because we've got a pretty cool demo station, but because we want to hear from you. We want to know what's making it hard to get your games launched, seen, played and loved by players.
3 Key Insights
As the mother of two Millennials, I know first-hand about the wants and needs of this young generation. My sons are always connected to their smartphones, expect immediacy in their digital experiences, have very little patience for processes that aren't smooth and easy, and spend significant time researching products and services in-depth online before making purchasing decisions. Because of this dedication to pre-purchase research, there have been times that, even though I study and research the financial services industry every day, they have introduced me to a new finance app, or credit card offer that I hadn't yet discovered.
I love eTail West - and not just because I get to stay in warmer climates (sorry, New England folks!), but because eTail West is a meeting of the savviest minds in the retail space. Not only am I excited about the upcoming show, but also about some of our own recent retail announcements that align with the type of innovation showcased throughout the conference.
Akamai continues to investigate the Glibc vulnerability outlined in CVE-2015-7547 to see how its technology may be affected.
As part of the DNS query process, Glibc is used by many systems across the Internet -- and at Akamai -- and all versions of Glibc's getaddrinfo() library functions since version 2.9 are potentially vulnerable to a range of attacks based on a stack buffer overflow.
It's been widely reported that Hollywood Presbyterian Medical Center experienced a ransomware attack on February 5 that encrypted their data and disabled their network. The hospital was forced to revert to paper and faxes to relay patient information, and hospital operations were so strained that they succumbed to the cyberattack and paid the hackers 40 bitcoins, or about $17,000, to get the decryption key.
Do you remember when Roger Ebert declared that video games can never be art? Many of my friends in the industry threw themselves (metaphorically) on the floor in fits of rage, as if Ebert was nearby and could hear them.
Digital Transformation, Millennials, and the Future of Financial Services
Digital performance is more important to Financial Services Institutions (FSIs) than ever before. As they continue to work to regain the trust of customers, investors, and regulators, FSIs must prepare to engage and attract the next generation of customers - millennials. Simultaneously, digitally native startups are making inroads on their market share. In response, FSIs must undergo a digital transformation - redefining value propositions and optimizing business models and processes with a laser focus on changing customer relationships and experiences. To support this innovation, FSIs must rely on web performance and security experts to deliver fast, safe, digital experiences to their customers and focus on what they do best - build trusted relationships based on exceptional financial services.
By Bill Brenner, Akamai SIRT Senior Tech Writer
During the past few quarters, Akamai has observed and successfully mitigated a large number of DNS reflection and amplification DDoS attacks abusing Domain Name System Security Extension (DNSSEC) configured domains.
As with other DNS reflection attacks, malicious actors continue to use open DNS resolvers for their own purpose -- effectively using these resolvers as a shared botnet. This technique has also been linked to the DDoS-for-hire underground market.
The attacks are outlined in a new Security Bulletin written by Akamai SIRT. The full report can be downloaded at the following link: http://www.stateoftheinternet.com/dnssec-attacks.
On the web, every second counts. Service engineers and operations teams are looking for ways to save milliseconds from web pages' load times. One of the simpler ways to squeeze better performance from web pages already using a Content Delivery Network (CDN) is to move the redirection responses from origin to the edge. A simple and common example of redirects could be to upgrade the protocol used from HTTP to HTTPS. Another example could be to redirect to a locale-specific path. By using Akamai's Edge Redirector Cloudlet, customers can consolidate redirects that are being made through multiple layers in the technology stack to a single location on the edge.
I'm not a Vegas kind of guy. It's the heat mostly, but I think it's a gamble to put $1.25 in a hotel vending machine, hoping all the way that my corn chips don't get stuck on the dispenser rings. As such, it's a very big deal when I go to Vegas on purpose, and an even bigger deal when I can say I'm excited about it.
Congratulations to CBS for delivering the most streamed Super Bowl in history. According to official CBS numbers and a report by Streaming Media, the Super Bowl 50 live stream drew 3.96 million unique viewers who watched for an average of 101 minutes each. Viewers consumed more than 315 million minutes of coverage during the showdown between the Denver Broncos and Carolina Panthers, with an average audience size of 1.4 million. These are all new records for a Super Bowl live stream.
Lately, it seems, bots have been taking a beating in the security press. They are blamed for DDoS attacks, for Web Attacks, for price scraping, for Grey Marketeering, and even, according to some, for Ted Cruz's recent win in Iowa. But are ALL bots bad ALL the time? We say NO! Why not? Let me count the ways:
In our last blog post, we discussed the many ways the Request Control Cloudlet could be used to provide conditional visitor access to your site or application. In this post, I'll break down which easy-to-configure Cloudlet app - Phased Release or Audience Segmentation - is right for you when it comes to splitting traffic over two or more origins.
When it comes to compression on the web, GZIP reigns supreme. In the 18 years since GZIP was first supported by browsers, other compression methods have been introduced but none have matched GZIP's combination of speed, support and results.
The information security community is losing its collective mind because actors from the much-maligned "CSI: Cyber" TV series are on the keynote schedule for RSA Conference 2016. A lot of analysis has been devoted to RSA's decision. In this episode of the Security Kahuna Podcast, Akamai security's Bill Brenner, Dave Lewis and Martin McKeay weigh in. Also discussed: Some tiny coming attractions for the Q4 2015 State of the Internet Security Report.
A common defensive rule of information security is that once you detect an attack against your organization's Web applications, you must mitigate the attack by stopping it. In other words: "stop it once you can."
But what if the rules of the defenders vs. attackers "game" have changed and the teams are not playing in the same league anymore? For example, here are some of the "game" changers from recent years: