With IoT on the rise, consumers are rightfully afraid of privacy invasions. But infected devices can serve far more sinister purposes. Herewith, we break down the ways a botnet works.
The Summer Immersion Program for Girls Who Code at Akamai wrapped up this past week. The girls finished their final projects and presented them at a graduation ceremony attended by friends and family as well as supporters and mentors from Akamai.
You've been dreading the conversation. You know there's no way out of it, given the timeline. Your execs have made it clear that the very large marketing spend is going to hit during the week when two of your engineers were planning to be on vacation.
You've got a brilliant team that has helped you stand up games and keep them working even when the fan excitement threatened to overwhelm your servers. This time, you know the plan is for a global launch, and in the back of your mind you're worried you've underbuilt. There's good reason for this - infrastructure isn't free, and there's no way you'd get the budget to build out to the best case scenario all over the world. This situation is one you've tried to plan for, until the marketing dates moved.
On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram for one of the delimiter strings in its command and control protocol. The WireX botnet comprises primarily Android devices running malicious applications and is designed to create DDoS traffic. The botnet is sometimes associated with ransom notes to targets.
A few days ago, Google was alerted that this malware was available on its Play Store. Shortly following the notification, Google removed hundreds of affected applications and started the process to remove the applications from all devices.
We just conducted our monthly Cyber Insider discussion, this time focusing on what deep analysis of new core domains reveals about new threats and zero-day malware. As a company that processes 1.7 trillion DNS queries a day and analyzes 100 billion queries a day from our global service provider customers, we are in a unique position to gain insights.
In "What makes a good 'DNS Blacklist'? - Part 1", we explored the background and factors that have gone into Akamai's thinking behind new security products like Enterprise Threat Protect (ETP). This article continues with a list of factors and questions to ask any DNS Threat Feed provider, including Akamai.
What should enterprises look for in the DNS Threat Policies?
DNS Threat Policies are more than a DNS Blacklist. The term "DNS threat policy" refers to a combination of three factors: the reputation of the FQDNs or IP, the reference to the threat vector (C&C, downloader, etc.), and the action (NXDOMAIN, Null Response, Redirect to Remediation Page, Redirect to Tracker, etc.). A DNS Threat Policy is more than a "threat feed." It is more than a "DNS blacklist."
Reflections on Modern Actionable Threat Intelligence used to turn a DNS Resolver into a Critical Security Tool
Akamai has just launched the Enterprise Threat Protection (ETP) platform. ETP is built on Akamai's global AnswerX Cloud that now reaches 28 countries and is expanding to new countries every month. As a new player in Cloud DNS resolver services, competitors will ask "why Akamai?" or "what gives Akamai the knowledge and capacity to build effective DNS blacklists?" These are good questions from our competition, and are also questions that our customers should ask. Let's explore why Akamai is in a unique position to help enterprises and carriers use Akamai's Cloud Security Intelligence (CSI) as a DNS Security Policy tool.
Week 6 of the Girls Who Code summer-immersion program at Akamai featured a field trip to IBM's Watson Health, where the girls learned about the concept of "cognitive computing," and how this technology is being used by IBM to help doctors help their patients. The girls met some of the women at IBM who are making this technology a reality.
We are often so caught up in our own realities that we miss obvious similarities or synergies. Luckily when various people look at the same situation, different perspectives emerge. I was reminded of that recently during a conversation with one of our large pharma customers.
Akamai helps our customers fully embrace the transition of their users and applications to the cloud. For most, even if their apps aren't in the cloud yet, end users expect to access them from their favorite managed and unmanaged devices as if they were.
[Me]: To keep your players happy - you need to understand why they're not.
[You]: Uh, yeah obviously. Thanks. So what?
Actually, I have a lot to say on the topic of keeping players happy. A few months back I wrote a quick post about Friction.