Akamai Diversity
September 2017 Archives

Introduction to DNS Data Exfiltration

Written by Asaf Nadler and Avi Aminov

Spyware is malicious software (malware) used to gather information about a person or organization without their consent. In a typical setting, a remote server that acts as a command and control (C&C) server waits for an incoming connection from the spyware that contains the gathered information. Statistics reported by Avast estimate that nowadays over 100M types of spyware are active worldwide.

In the presence of network security products (e.g., firewalls, secure web gateways, and antiviruses), spyware must communicate with its C&C server over a covert channel, to prolong its operation. Among commonly used covert channels, the domain name system (DNS) protocol stands out.

Taking the Fight Where It Belongs

This guest blog was written by Robert Mahowald, a Group Vice President at IDC who leads IDC's Worldwide Applications research practice, in addition to co-leading IDC's Cloud Services: Global Overview program.

A surprising set of facts emerged from the most recent quarterly installment of IDC's CloudView 2017 survey (February 2017, n = 6,212 tech buyer respondents in 31 countries): Year-over-year, the percent of organizations sourcing their tech capability from cloud providers grew 137%.

But that's not all that's new:

  • In large companies, respondents choosing net new and replacement technology for their companies stated that they will go with "cloud-first" for these services, rather than cloud-also and cloud-last
  • The percentage of organizations that are "multi-cloud" is on track to grow from 70.6% today to 91.7% within 24 months
  • For the first time, respondents pointed to "security" as the #1 driver for their company's use of cloud technology

A Productive Path to NFV

Provider networks continue to experience growth in traffic, which raises costs, without corresponding growth in revenues. Accommodating this growth and increasing complexity while managing costs is forcing CSPs to assess how they build and maintain their networks. Everyone agrees everything ultimately resolves to software, and fortunately there's been considerable innovation that will support provider business imperatives.

Keeping up with DNSSEC

DNS was first conceived in 1983, back when one of the most memorable movie quotes of all time was popularized: "Go ahead, make my day" (Clint Eastwood in "Sudden Impact"). The internet as we know it today did not yet exist; however, ARPANET, its predecessor network, was the exclusive domain of a small group of academics and researchers, so no one gave much thought to security. A lot has changed.

Written by Mani Sundaram, SVP Global Services & Support; Francis Trentley, VP Security Services & Support; Roger Barrango, Director Global Security Operations.

Hurricane Irma affected millions this week. As always here at Akamai, taking care of people comes first, and the wellbeing of our team was the foremost priority. Akamai had both personnel and facilities in the storm path and operated with an abundance of caution to ensure the safety of our people as well as continued continuity of operations for our customers.

This guest blog was written by Martha Gomez Vazquez, a Senior Research Analyst for IDC's Infrastructure Services research practice focusing on Security Services and Hardware & Software Support and Deployment.

The widespread success of security breaches over the past few years has proven beyond a doubt that the security threat landscape continues to evolve on a daily basis, forcing organizations to constantly rethink their security posture. At the same time, many organizations are also on a digital transformation journey, one that relies on technologies such as cloud, big data and analytics, mobile, and social. These technologies are rapidly changing the ways we connect and work; they are also changing how organizations now view network perimeters and security. By 2020, IDC predicts that digital transformation will shift to an entirely new scale and 50% of global companies will generate half of their business from digitally transformed offerings, operations, and supplier distribution and customer networks.

Written by Sr. Solutions Engineer, Micah Maryn.

Most folks around the Washington DC beltway have heard the cybersecurity Executive Order (EO 13800 - Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure) referred to as a simple risk assessment. But the reality is that it is much more about broadly modernizing federal IT infrastructure and improving the cybersecurity of our federal networks. Sure, the first step is a risk management report, but the next focuses on procurement of shared IT, including cloud and cybersecurity services.

Akamai's DNS Contribution to Internet Resiliency

Background

Akamai Technologies recently contributed its "Serve Stale" DNS algorithm to Version 9 of the Internet Systems Consortium's (ISC) Berkeley Internet Name Domain (BIND) open source Domain Name System (DNS) project.

As the Internet's most widely used DNS implementation, BIND operates ubiquitously throughout the Internet. The ongoing availability of answers from BIND servers is a critical element for the ongoing availability of the Internet for many users.

WireX update: UDP attack capabilities

*Akamai would like to acknowledge the research by F5 containing additional information on the capabilities of this malware, released September 2nd.

Finding new features

The WireX botnet was discovered due to its role in a series of prolonged attacks against several organizations. It was brought to our attention, thanks to researchers at 360.cn, that some WireX samples found in the wild appeared to have additional UDP attack capabilities that weren't discussed in the initial publication.