Akamai Diversity

The Akamai Blog

Akamai's DNS Contribution to Internet Resiliency

Background

Akamai Technologies recently contributed its "Serve Stale" DNS algorithm to Version 9 of the Internet Systems Consortium's (ISC) Berkeley Internet Name Domain (BIND) open source Domain Name System (DNS) project.

As the Internet's most widely used DNS implementation, BIND operates ubiquitously throughout the Internet. The ongoing availability of answers from BIND servers is a critical element for the ongoing availability of the Internet for many users.

WireX update: UDP attack capabilities

*Akamai would like to acknowledge the research by F5 containing additional information on the capabilities of this malware, released September 2nd.

Finding new features

The WireX botnet was discovered due to its role in a series of prolonged attacks against several organizations. It was brought to our attention, thanks to researchers at 360.cn, that some WireX samples found in the wild appeared to have additional UDP attack capabilities that weren't discussed in the initial publication.

Infographic: How Botnets Work

With IoT on the rise, consumers are rightfully afraid of privacy invasions. But, infected devices can serve far more sinister purposes. Herewith, we breakdown the ways a botnet works.

Girls Who Code: That's a Wrap!

The Summer Immersion Program for Girls Who Code at Akamai wrapped up this past week. The girls finished their final projects and presented them at a graduation ceremony attended by friends and family as well as supporters and mentors from Akamai.

Game Crunch Doesn't Always Have to be a Thing

You've been dreading the conversation. You know there's no way out of it, given the timeline. Your execs have made it clear that the very large marketing spend is going to hit during the week when two of your engineers were planning to be on vacation.

You've got a brilliant team that has helped you stand up games and keep them working even when the fan excitement threatened to overwhelm your servers. This time, you know the plan is for a global launch, and in the back of your mind you're worried you've underbuilt. There's good reason for this - infrastructure isn't free, and there's no way you'd get the budget to build out to the best case scenario all over the world. This situation is one you've tried to plan for, until the marketing dates moved.

Introduction

On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram for one of the delimiter strings in its command and control protocol. The WireX botnet comprises primarily Android devices running malicious applications and is designed to create DDoS traffic. The botnet is sometimes associated with ransom notes to targets.

A few days ago, Google was alerted that this malware was available on its Play Store. Shortly following the notification, Google removed hundreds of affected applications and started the process to remove the applications from all devices.

Take a Bite out of Cybercrime by Analyzing New Core Domains

We just conducted our monthly Cyber Insider discussion, this time focusing on what deep analysis of new core domains reveals about new threats and zero-day malware. As a company that processes 1.7 trillion DNS queries a day and analyzes 100 billion queries a day from our global service provider customers, we are in a unique position to gain insights.

What makes a good "DNS Blacklist"? - Part 2

In "What makes a good 'DNS Blacklist'? - Part 1", we explored the background and factors that have gone into Akamai's thinking behind New security products like Enterprise Threat Protect (ETP). This article continues with a list of factors and questions to ask any DNS Threat Feed providers, including Akamai.

What should enterprises look for in the DNS Threat Policies?

DNS Threat Policies are more than a DNS Blacklist.  The term "DNS threat policy" refers to a combination of three factors: the reputation of the FQDNs or IP, the reference to the threat vector (C&C, downloader, etc),  and the action (NXDOMAIN, Null Response, Redirect to Remediation Page, Redirect to Tracker, etc). A DNS Threat Policy is more than a "threat feed." It is more than a "DNS blacklist.".

What makes a good "DNS Blacklist"? - Part 1

Reflections on Modern Actionable Threat Intelligence used to turn a DNS Resolver into a Critical Security Tool

Akamai has just launched the Enterprise Threat Protection (ETP) platform. ETP is built on Akamai's global AnswerX Cloud that now reaches 28 countries and is expanding to new countries every month. As a new player in Cloud DNS resolver services, competitors will ask "why Akamai?" or "what gives Akamai the knowledge and capacity to build effective DNS blacklists?" These are good questions from our competition, and are also questions that our customers should ask. Let's explore why Akamai is in a unique position to help enterprises and carriers use Akamai's Cloud Security Intelligence (CSI) as a DNS Security Policy tool.

Week 6 of the Girls Who Code summer-immersion program at Akamai featured a field trip to IBM's Watson Health, where the girls learned about the concept of "cognitive computing," and how this technology is being used by IBM to help doctors help their patients. The girls met some of the women at IBM who are making this technology a reality.