Akamai Diversity

The Akamai Blog

I can Haz TLS 1.3 ?

Everybody wants to be able to use TLS 1.3. Among the reasons are:

Fast Flux Botnet: Research Results

Just like that, another Akamai Edge has come and gone. If you were able to join us this year, I hope you had a chance to stop by my presentation on Threat Intelligence Insights: An In-Depth Analysis of a Fast Flux Botnet.

It's no secret that businesses are rapidly adopting Cloud Service Providers such as Amazon Web Services, Microsoft Azure or Google Cloud Platform for cost efficiency, agility, scalability and global distribution to serve their customers more easily. A recent IDG survey indicates that 70% of businesses have at least 1 application in the cloud and 16% plan to take their first app to the cloud in the next 12 months.

KRACK Vulnerability in WiFi WPA2

Akamai is aware of a family of vulnerabilities known as the Key Reinstallation Attack or KRACK.  These vulnerabilities abuse implementation flaws found in all modern wireless networks using WPA2. The KRACK attack is effective at the protocol level and therefore affects all systems using current WiFi encryption, including iOS, Linux, Windows and Android.  The vulnerabilities allow the attacker to reinstall a previously used cryptographic key. This would allow for the decryption, injection, or forging of traffic on the affected network, depending on which vulnerability is used.

Service providers looking to enhance and secure the online experience for their residential and business subscribers often struggle to find solutions that are easy for their customers to configure and use - particularly when it comes to setting policies that carry across fixed, mobile and converged networks. This type of simple, seamless management is actually a key distinguishing feature of Nominum, now part of Akamai, solutions. And not just from a "here's what our products can do" perspective, but from a "here's how easily your customers can do this" perspective.

Akamai's Leading Role in the DNS Renaissance

In case you haven't been paying attention, an unlikely technology, the Internet's Domain Name System, or DNS, is experiencing a renaissance. For much of its existence, DNS has maintained a simple and singular function - to resolve Internet names to IP addresses. Over the past several years, however, DNS, or more specifically, the recursive DNS (rDNS) resolver, has assumed a number of new roles, made possible by the fact that it's used by almost every Internet-connected device. rDNS is now a services platform. It's a security agent. It's a tool for optimizing delivery of Internet content and offloading traffic from ISP backbone networks. In short, the people who best understand rDNS have not only figured out new ways to use it, they've figured out ways to monetize it.

Data Breaches and Credential Stuffing: Don't Get TKOd

It has been a very rough month for the information security community.  It feels like we've been on the losing end of a championship fight against Floyd Mayweather. 

Introduction to DNS Data Exfiltration

Written by Asaf Nadler and Avi Aminov

Spyware is a malicious software (malware) used to gather information about a person or organization without their consent. In a typical setting, a remote server, that acts as a command and control server (C&C), waits for an incoming connection from the spyware that contains the gathered information. Statistics reported by Avast estimate that nowadays over 100M types of spyware are active worldwide.

In the presence of network security products (e.g., firewalls, secure web gateways, and antiviruses), spyware must communicate with its C&C server over a covert channel, to prolong its operation. Among commonly used covert channels, the domain name system (DNS) protocol stands out.

Taking the Fight Where It Belongs

This Guest blog was written by Robert Mahowald, a Group Vice President at IDC who leads IDC's Worldwide Applications research practice, in addition to co-leading IDC's Cloud Services: Global Overview program.

A surprising set of facts emerged from the most recent quarterly installment of IDC's CloudView 2017 survey (February 2017, n= 6,212 tech buyer respondents in 31 countries): Year-over-year, the percent of organizations sourcing their tech capability from cloud providers grew 137%.

 But that's not all that's new:

  • In large companies, respondents choosing net new and replacement technology for their companies stated that they will go with "cloud-first" for these services, rather than cloud-also and cloud-last
  • The percentage of organizations that are "multi-cloud" is on track to grow from 70.6% today to 91.7% within 24 months
  • For the first time, respondents pointed to "security" as the #1 driver for their company's use of cloud technology

A Productive Path to NFV

Provider networks continue to experience growth in traffic, which raises costs, without corresponding growth in revenues. Accommodating this growth and increasing complexity while managing costs is forcing CSPs to assess how they build and maintain their networks. Everyone agrees everything ultimately resolves to software and fortunately there's been considerable innovation that will support provider business imperatives.