Akamai Diversity

The Akamai Blog

WannaCry: What We Know

On Friday, May 12, news agencies around the world reported that a new ransomware threat was spreading rapidly. Akamai's  incident response teams and researchers worked quickly to understand this new threat and how to mitigate it. This blog post is a summary of what Akamai knows at this point.

Remember that this is still an evolving threat and this information may change.

Akamai will update this post as we collect new information.

DDoS Attacks against DNS Infrastructure in the News

DNS-based DDoS attacks have gained mindshare among Akamai customers lately, most recently with last year's Dyn attacks (written about on the Akamai Blog here and here) and this week's attack against Cedexis. DNS infrastructure is a ripe target for malicious actors hoping to disrupt a digital property's availability because it provides the initial resolution for an end user's browser client from hostname to IP address. At best, an attack against your DNS records can significantly delay an end user's connection. At worst, it can render your application inaccessible to the end user, either through a denial of service or through a DNS record hijack or forgery. DNS attacks have consistently been one of the top attack vectors for DDoS, according to Akamai's recent security data.

From "New Core Domains" to "Zero-day Attacks"

Excerpted from Nominum Spring 2017 Security Report

In late April, we released the Nominum Spring 2017 Security Report, the latest report on our security research team's DNS and HTTP analysis which provides a comprehensive view of the current cyberthreat landscape. In the report, we take a look at "new core domains" and how they help us identify "zero-day attacks" so we can take steps mitigate them.

As technology continues to develop, more and more applications become not just convenient, but necessary. It was less than a decade ago that it was inconceivable we would 'need' to carry a consumer device to access the internet in our pockets. Today, it is essential. The same is true with the applications we use for business, commerce and government. They need to be accessible in our pockets 24/7.

Along with this convenience comes the hassles of securely gaining access to these applications, and to do so without putting the security of important organizational data at risk.

Not all Cloud Solutions are Created Equal

The errant swing of a backhoe in a New Jersey field cuts through a major cloud provider's underground cable, bringing activity along the U.S. Eastern Seaboard to a crashing halt.

The outage hits some businesses hard. Every minute of downtime means thousands of dollars of lost revenue and hordes of angry users. But they've no choice but to wait until crews physically arrive on site to repair the cable before business can resume.

Other businesses don't notice a thing. The dollars continue to roll in.

Both groups of businesses rely on cloud solutions for their workflows. So what's the difference?

Akamai IT Challenge - 100 apps on EAA in 100 days

About a month or so ago I shared a quick video interview with Joe DeFelice. Joe is a Sr. Director Enterprise Security & Infrastructure Engineering here at Akamai. In the video Joe outlines a few of the major initiatives he and the team are working on, including moving towards eliminating the VPN.

Since then quite a lot has happened. In particular the challenge that Joe set his team - move delivery and access of 100 Akamai enterprise applications to Enterprise Application Access, all in 100 days.

Akamai Wins with Live OTT at NAB

The latest version of Akamai's Media Services Live streaming solution, featuring the addition of new liveOrigin capabilities specifically for live and 24/7 linear OTT video delivery, earned two awards at last week's 2017 NAB Show in Las Vegas. Streaming Media named it one of its six "Best of NAB" products while TV Technology recognized it with a "Best of Show" award.

There's no doubt the at-show demonstration was key to helping garner those accolades. We were pleased to partner with Playmaker Media, the live streaming and VOD technology service launched last year by NBC Sports Digital, to feature a live OTT feed of NBC Sports Network streaming via Apple TV displayed adjacent to a local Las Vegas cable feed being delivered through a standard set-top box (for the record, the monitors and calibration were identical).

Low Risk Threat: DDoS Extortion Letters

Summary

Adversaries calling themselves the Lizard Squad have been sending businesses extortion letters, demanding payment in bitcoin to prevent a Distributed Denial of Service (DDoS) or other attack against their applications. These letters have been sent to businesses across the globe and across industries for several years, with little follow-through. These letters appear to come from multiple groups including Lizard Squad, the Armada Collective, and DD4BC, though in many case they are from copy-cat or imposter groups. A new wave of these letters seen by Akamai customers from "Lizard Squad" raise concerns that these threats may be legitimate.

The State of Mobile App Performance

In our previous blog, we saw how a new generation of users are increasing the expectations of a mobile app like never before and identified the three key success criteria for mobile apps: 1) increase customer conversions, 2) drive installs and 3) increase customer loyalty. For this blog we profiled the Top 100 retail apps in the app store to explain how you can leverage Akamai features to meet the three success criteria for mobile apps.

Recursive DNS - The Achilles Heel Of Advanced Threats

We all know what happens whenever anyone or anything tries to access a resource on the Internet. It all starts with a DNS request that translates a URL (www.akamai.com) into an IP address (104.97.77.24):

Recursive DNS - The Achilles Heel Of Advanced Threats Fig1.png

Now if we dive a little deeper into the DNS request flow we can see the requester make a request to the recursive DNS infrastructure of either their ISP or their enterprise. In other words recursive DNS infrastructure recurses the DNS hierarchy to return the proper IP address of the intended domain name to the requester.