Akamai Diversity
Home > June 2016

June 2016 Archives

With this issue, the start of the ninth volume of the State of the Internet Report, we are introducing several changes, with several more planned to follow in subsequent issues.

The first notable change is within the regional breakout sections of the report. For the last several years, the report has included a "Geography: Europe, Middle East, and Africa (EMEA)" section, surveying a selected set of countries within those regions. Starting this quarter, we've broken that section apart, and the report will now include a "Geography: Europe" section, which includes all 28 member countries of the European Union plus three more non-members that have long been included within the EMEA section. The report will also now include a "Geography: Middle East and Africa (MEA)" section that surveys 13 countries from across that extended region. Given the increasing role the Internet is playing across multiple facets of life in this developing region and the ongoing improvements to both domestic and international Internet connectivity within these countries, we felt it was time to break out connection speeds and broadband adoption rates for Middle East and Africa countries into a distinct section, where surveyed countries can be compared with their local peers.

Green is the Warmest Color

Recently, Akamai announced the company's plans to expand its sustainability initiatives through an innovative renewable energy procurement strategy. Unlike many of its peers in the tech industry, Akamai does not operate its own data centers. That means, for example, we don't have roofs on which to install solar panels, which is one key way of generating your own renewable power.

HTTP/2 Performance Monitoring

This blog post is part of an ongoing series where we discuss a wide range of topics related to HTTP/2 (h2). In today's post, I explore why TTFB (Time to First Byte) may not be the best measure of h2 performance. I also address questions regarding why TTFB may be higher for h2, and why that's not necessarily a bad thing.

In his latest white paper, "Innovation in Communication Services: Breaking with the Past without Waiting for the Future," Patrick Donegan of Heavy Reading discusses a key aspect of digital transformation: the ability to offer innovative services that enhance the subscriber experience. More specifically, he discusses the need for personalized services--as well as why DNS technology is an ideal way to achieve personalization in new service offerings.

How real can fiction become?

It is interesting to see how fiction can affect our judgement or, at least, our opinions. Below, what you have is an excerpt (the first chapter) of a draft of a novel that I have come across and made me think a lot. Bear with me: read this entire article and then come back to this post. If nothing else, you may enjoy 4 minutes of literature.

Locky is Back

When we published our recent Locky blog post, we didn't expect it to have such a quick effect: a day after the post went online, this notorious ransomware went offline. We immediately figured it out - a blog post can change the world.

Images...They're Kind of a Big Deal

They may not have many leather bound books or smell of rich mahogany, but images are...kind of a big deal. In fact, it would be fair to say that content owners and consumers have gone a bit "image crazy" in the past few years.

Predicting Dynamic Malware Threats

We just released a new whitepaper outlining the upcoming types of cyberthreats and malicious activity affecting digital consumers, and how organizations and operators can address them. Below is an excerpt.

By Will Law and Shawn Michels

Apple's June 15th announcement at its Worldwide Developers Conference that it will add fragmented MP4 (fMP4) support to HLS marks a significant step in simplifying online video streaming. fMP4 is the parent of the emerging Common Media Application Format (CMAF), and Apple's plan to support fMP4 brings the industry closer to the single format for OTT distributors and playback support on all consumer electronics devices. The ultimate goal is to reduce the complexity when delivering video online. 

Where is my HTTP/2 Performance?

This blog post is part of an ongoing series where we will discuss a wide range of H2-related topics. In today's post, we talk about some of the misconceptions regarding HTTP/2 being a silver bullet for improved website performance. 

I was on a flight to Brazil last night to kick off a week of meetings with partners and customers in Latin America. During the eight-and-a-half-hour flight from Atlanta, I got an opportunity to watch a few movies I've been meaning to catch up on, and on the top of the list was Steve Jobs. There's a scene near the end of the movie where Steve is trying to recruit John Sculley, the CEO of Pepsi, to join Apple as their new CEO. Steve Jobs' winning pitch was that his vision for the Macintosh will be the equivalent of a bicycle for our minds.

The Human Element of Our Ubisoft Case Study

For a couple of reasons, I'm pleased to share this video and case study showing how Ubisoft is working with Akamai to enhance their player experience and streamline game development. Have a look to learn how the publisher of hugely successful titles such as Assassin's Creed, Tom Clancy's Ghost Recon, Just Dance and many others is addressing rising customer expectations for fast downloads and gameplay, as well as mitigating the challenges that come with globally dispersed development teams. It's pretty cool stuff.

I am scheduled to give a security talk next week at the Gartner Security Summit entitled: Web Application Defender's Field Report.  In the talk, I will be covering statistics and technical details of web application attacks from our just released State of the Internet (SOTI) Report for Q1 2016.  One of the more interesting details of the report centers around the analysis of massive Account Takeover (ATO) attack campaigns that targeted two of our customers.

People just want to play

On my walk into the Akamai office this morning, I passed a small auto repair shop. It didn't spring up out of nowhere; it's been there all along. I just happened to notice it on today's commute because there was a team of two loading tires from a van into the shop. The task itself wasn't worth noticing, but the way they were performing it was.

How to Better Understand the Bot Ecosystem

Jason Miller, our chief strategist of Commerce, was recently published in Retail TouchPoints magazine.  In his article, How to Better Understand the Bot Ecosystem, Jason talks about the different ways to distinguish between good bots and bad bots and how the distinctions change across applications and environments.

It has now been five years since World IPv6 Day and four years since World IPv6 Launch. The long-term global Internet transition to IPv6 is well underway and increasingly entering the mainstream. The American Registry for Internet Numbers (ARIN) exhausted its free pool of IPv4 addresses in September 2015, following all of the other registries except for Africa's AFRINIC (which is on track to exhaust its IPv4 free pool in 2018). The result is that businesses and service providers needing Internet addresses for their mobile users, broadband users, business offices, servers, or cloud infrastructure now need to purchase IPv4 addresses on a transfer market, use IPv4 NAT (network address translation) with corresponding costs and complexity, or make a strategic decision to leverage IPv6.

Why the In-Store Experience Still Matters

While the tactile nature of in-store shopping is nice, what is often missing from the in-store experience is the personalization available online.  Jason Miller, our chief strategist of Commerce, has recently published an article - Why the In-Store Experience Still Matters - on Apparel Magazine to discuss how retailers are finding new ways to personalize the in-store shopping experience.

In my last blog when I kicked off our MobilePerf Blog Series, I talked about mobile Search Engine Optimization (SEO) and Google's guidance on how to make your sites mobile friendly. 

Google just announced that they will also factor in your mobile site's page speed when ranking your organization in the mobile friendly search results. 

Unlocking Locky

Locky is a new cyberthreat that has received a lot of attention in security circles over the last few months because it has been unusually successful. Locky is advanced ransomware that encrypts a person's files and holds them for ransom. It uses a number of different technologies to avoid being detected or blocked and takes great care to hide its path back to the attackers. The code is obfuscated to avoid detection by antivirus and malware software. The blackmailers communicate through TOR and only accept Bitcoin as payment, making it nearly impossible to discover who they are.

Game developers care about friction

Last week, I was standing in Singapore freezing. If you've ever been there, you'll know this sounds crazy, as the typical weather all year long is 88 degrees with 85% humidity. At this moment, I was standing at a small staircase ready to step on stage at Casual Connect Asia in the Hard Rock Hotel. Maybe in response to the weather, this room's air con was cranked up.

By Akamai SIRT

Two quarters ago, we introduced Sankey diagrams to the State of the Internet: Security Report. Sankey graphs help visualize energy, material, or cost transfers between processes.

The Sankey graph below shows how DDoS reflection attacks have trended during the past five quarters. We tracked ten infrastructure-layer DDoS-reflection vectors. The most used vectors seem to correlate with the number of Internet devices that use these specific service protocols for legitimate purposes.


Apple's upcoming App Store submission requirement around supporting IPv6-only environments (announced last year at WWDC and being enforced starting June 1) has been getting plenty of recent coverage. iOS application developers already need to make sure their applications work in IPv6-only environments with NAT64+DNS64; however, this by itself does not mean that those applications (or web-based applications) obtain content over native IPv6.

New DDoS Reflection/Amplification Method Exploits TFTP


Akamai SIRT is investigating a new DDoS reflection and amplification method that abuses TFTP. This is yet another UDP-based protocol that has been added to the list of DDoS amplification scripts available for malicious use.  

A new advisory authored by Jose Arteaga outlining the threat and suggested defenses can be downloaded here.