The Akamai BlogSubscribe
June 2017 Archives
Petya Runs Wild
As has been widely reported, a new ransomware known as 'petya' (also being referred to as `notpetya` or `petwrap` in the research community) started circulating on the internet earlier this week. It appears the attacks started in Eastern Europe and caused widespread damage around the globe.
AnswerX - Akamai's 'Secret' DNS Platform
As I work with Operators all over the world, I'm amazed at two worrying. First, Operators are still treating DNS as an afterthought. Everyone knows that if DNS is down, the network is down. Too many people are taking DNS's resiliency for granted. DNS "just works" is assumed to be norm until it does not work. Operators (Carriers, ISPs, Cloud Operators, Mobile Operators, etc) really need to put the robustness
Why You Should Care About DNS Latency
The term latency is used a lot in networking and most commonly refers to how long it takes a packet to reach a destination and come back again. The most common tools for measuring network latency are ping and traceroute, but there are more. When I speak to operators around Asia Pacific about DNS though, it's interesting to hear that latency is not often used when benchmarking or measuring their
Dealing with Petya
Akamai is aware of and is tracking the malware threat known as "Petya". Petya is ransomware spread using several methods, including PSexec, Windows Management Instrumentation Command-line (WMIC), and the EternalBlue exploit used by the WannaCry family of ransomware. The malware spreads via port 139 and 445; it probes IP addresses on the local subnet for vulnerable systems.
Akamai Launches New Solution to Help Enterprise Secu ...
Today, we are proud to introduce Akamai Enterprise Threat Protector (ETP). ETP is designed to provide customers quick-to-deploy and easy-to-manage cloud-based protection against the impact of complex, targeted threats such malware, ransomware, phishing, and DNS‑based data exfiltration. One organization already seeing the benefit of using Enterprise Threat Protector is innovator in cruise travel, Norwegian Cruise Line. According to Fidel Perez, the company's Director of Enterprise Architecture and Performance, "An important
The Importance of DNS in Security - Part 2
In my last blog post, part 1 of this series, I discussed the important role DNS plays in protecting service provider networks from DNS amplification attacks, and the necessity of not only blocking malicious queries but also of not blocking good queries. In this post, I'll look at Pseudo-Random Subdomain (PRSD) attacks and other malware (like phishing and ransomware), showing why DNS is perfectly suited to protect both networks and
Enterprise Security: EAA Exceeds Compliance Standard ...
I sat down again with John Payne, Akamai's Chief Architect of Infrastructure and Security, as well as Keith Hillis, Director IT Risk & Security. We spoke about enterprise security compliance, and how Enterprise Application Access (EAA) exceeds Akamai's requirements and simplifies the process for auditors.
Balance traffic intelligently by leveraging Applicat ...
Gaining new customers and retaining existing ones is at the core of every business. In the past few years, two major trends have emerged in this drive towards customer centricity To meet the ever increasing customer demands, most modern digital applications leverage microservice architecture to achieve scalability, agility and reduce time to market. These are ideal for DevOps teams that need continuous deployment workflows. But all this comes at a
Telegraph delivers better experience with Image Mana ...
The Telegraph Media Group (TMG) is a multi-media news publisher and its titles include The Daily Telegraph, The Sunday Telegraph and The Telegraph website. Today, its site serves more than 380 million pages to over 84 million unique visitors every month across the globe, featuring on average about 15,000 stories and 900 videos. While The Telegraph is a true digital pioneer - its website launched four years before Google and
Reducing Infrastructure Cost with new Enterprise App ...
In an earlier blog, "Remote Access no longer needs to be Complex and Cumbersome", I wrote about the new game-changing remote access solution available from Akamai called Enterprise Application Access (EAA). My thesis was that in our cloud-first, mobile-dominated world, providing access to behind-the-firewall applications need not be as complex as with today's traditional DMZ/VPNs infrastructure.
The Importance of DNS in Security - Part 1
The importance of the DNS security protocol, in general, is widely understood, particularly in today's overall security landscape. Anyone who currently manages (or has managed) caching/recursive or authoritative DNS servers knows the pain it causes when they go down. It's bad. Without available DNS there is no internet, at least no usable internet. Generally, most, if not all applications today rely on DNS to locate resources somewhere on the internet
Comey testimony generates massive interest, massive ...
Online viewers of former FBI Director James Comey's live testimony last week generated a massive peak of 2.5 Tbps of live streaming video traffic on the Akamai platform, despite the hearing occurring in the middle of the work week, in the middle of the work day.
Advanced, Targeted Threats: What do They Mean for Yo ...
Too often, we are so focused on our day-to-day that we neglect to consider the bigger picture. I have been writing about recursive DNS and threat intelligence, Domain Generation Algorithms (DGAs), and DNS-based data exfiltration assuming that the vast majority of readers are familiar with the business impact of malware, ransomware, and phishing. Turns out, that isn't necessarily the case.
Passive HTTP2 Client Fingerprinting - White Paper
HTTP2 is the second major version of the HTTP protocol. It changes the way HTTP is transferred "on the wire" by introducing a full binary protocol, made up of TCP connections, streams and frames, rather than simply being a plain-text protocol. Such a fundamental change between HTTP/1.x to HTTP/2, meant that client side and server side implementations had to incorporate completely new code to support new HTTP2 features - this
20 Years of DNS Data Exfiltration: Why, How, and Wh ...
In the last few posts, I talked about why recursive DNS (rDNS) combined with threat intelligence makes for such a simple-to-deploy security solution that effectively mitigates and prevents advanced, targeted threats. Not to belabor the point, but the recent punycode phishing news makes the effectiveness of rDNS plus threat intel even more evident. Identifying punycode domains lexically through a combination of rDNS and threat intel is quite straightforward, either by