The Akamai Blog

Dean McDonald

June 20, 2017 4:54 PM

The Importance of DNS in Security - Part 2

In my last blog post, part 1 of this series, I discussed the important role DNS plays in protecting service provider networks from DNS amplification attacks, and the necessity of not only blocking malicious queries but also of not blocking good queries. In this post, I'll look at Pseudo-Random Subdomain (PRSD) attacks and other malware (like phishing and ransomware), showing why DNS is perfectly suited to protect both networks and

Dean McDonald

June 13, 2017 3:03 PM

The Importance of DNS in Security - Part 1

The importance of the DNS security protocol, in general, is widely understood, particularly in today's overall security landscape. Anyone who currently manages (or has managed) caching/recursive or authoritative DNS servers knows the pain it causes when they go down. It's bad. Without available DNS there is no internet, at least no usable internet. Generally, most, if not all applications today rely on DNS to locate resources somewhere on the internet

Lorenz Jakober

June 13, 2017 8:29 AM

Advanced, Targeted Threats: What do They Mean for Yo ...

Too often, we are so focused on our day-to-day that we neglect to consider the bigger picture. I have been writing about recursive DNS and threat intelligence, Domain Generation Algorithms (DGAs), and DNS-based data exfiltration assuming that the vast majority of readers are familiar with the business impact of malware, ransomware, and phishing. Turns out, that isn't necessarily the case.

Lorenz Jakober

June 1, 2017 8:19 AM

20 Years of DNS Data Exfiltration: Why, How, and Wh ...

In the last few posts, I talked about why recursive DNS (rDNS) combined with threat intelligence makes for such a simple-to-deploy security solution that effectively mitigates and prevents advanced, targeted threats. Not to belabor the point, but the recent punycode phishing news makes the effectiveness of rDNS plus threat intel even more evident. Identifying punycode domains lexically through a combination of rDNS and threat intel is quite straightforward, either by

Akamai

May 31, 2017 10:56 AM

Delivering a Safe, Reliable Internet to Canadians

The Domain Name System - the DNS - is the foundation of the internet. Beyond connecting IP addresses with web requests, DNS provides the basis for both the detection of and protection from global cyberthreats before they reach an organization's corporate network resources - particularly given that more than 90% of malware uses DNS for command and control. This presents a tremendous opportunity for service providers to utilize their DNS infrastructure

Arlen Frew

May 24, 2017 12:29 PM

Security as a Service for SMBs: How ISPs can Fill a ...

With cyberattacks affecting SMBs at an alarming rate, business owners are challenged with putting strong enough security in place to protect them from the average $20,000 price tag per incident. Ransomware, in particular, has hit the SMB sector hard. As stated in a recent study by Arctic Wolf Networks, last year saw a 433% increase in ransomware attacks against SMBs - a number that is expected to grow.

Avi Aminov

May 24, 2017 9:19 AM

Spotlight on Malware DGA Communication Technique

Written by Avi Aminov and Or Katz. Overview: Imagine you are standing in the middle of a crowded train station and want to have a private conversation with an old friend. You've been waiting for the perfect time to contact him and get some advice on how to move forward with some important life choices. But you couldn't wait any longer, and now you're on a train platform. There are

Lorenz Jakober

May 17, 2017 10:11 AM

What Are Domain Generation Algorithms (DGAs) And Why ...

Last time I talked about how a proactive approach to defending against targeted threats using cloud-based recursive DNS and threat intelligence just makes sense. Taking this proactive approach early in the killchain can help mitigate known and unknown threats before any IP connection, file download or execution even happens. So, what are some of the common targeted threats and/or DNS-based techniques that we run across? We generally see malware, ransomware,

Craig Sprosts

May 15, 2017 4:36 PM

Taking a Defense in Depth Approach to Ransomware

By now you've most likely heard about the WannaCry (a.k.a. WannaCrypt) ransomware that began wreaking havoc in parts of the world this past Friday (May 12, 2017). Given Nominum's, now part of Akamai, broad, deep view into DNS data from our service provider customers around the world, we were able to gather insights into how WannaCry made its way onto subscriber networks around the globe (see the WannaCry: views from