Akamai Diversity

The Akamai Blog

Operation Profile: Armada Collective

By Bill Brenner, Akamai SIRT Senior Tech Writer

In recent weeks, Akamai's Security Intelligence Research Team (SIRT) has investigated several DDoS attack campaigns targeting Akamai customers. The group responsible for these attacks calls itself "Armada Collective." Its tactics are similar to those used by the group DD4BC, where they threaten the victim with emails warning of an impending DDoS against their website unless a ransom is paid in Bitcoins.

The Holiday Readiness Countdown

It's never too early to prepare when you're a retailer gearing up for the holiday rush, especially with the continued growth in online commerce. Now is usually the time that shoppers begin making their shopping plans, and even start to make purchases. To help prepare, we've pulled together three essential elements for providing an exceptional customer experience during the holidays, and ultimately converting shoppers into buyers! 

The Recipe for SaaS Success Part 1: Make vs. Buy

The demand for cloud solutions is on the rise, driven by new imperatives, delivery choices and requirements for IT organizations. These cloud solutions are changing how IT services are created and delivered. Today's customers are purchasing cloud solutions, not servers, and using SaaS to extend or replace existing applications. Consider the following statistics:

  • The predicted cloud software market size by 2017 is $76.1 billion
  • There will be 2.5x more cloud ISVs by 2017
  • 91% of net new software will be built for cloud delivery in 2015


Last  week at Akamai's Edge 2015 Conference in Miami I had the distinct pleasure of spending time with Andi Gall, the enigmatic and paradigm-shattering CTO of Red Bull Media House. This was Andi's second appearance as an Edge keynote speaker, and once again he completely captivated 1,500 people in the live audience.

We are happy to announce that Orange has selected Akamai Cloud Networking to power Orange Business VPN Internet Accelerate. Orange is the first global telecom provider and IT solutions integrator to deliver multinational corporations end-to-end cloud network solutions across the globe, based on Akamai Cloud Networking Optimized Internet Transport.

The Torte Botnet: A SpamBot Investigation

By Bill Brenner, Akamai SIRT Senior Tech Writer   

Akamai released a new whitepaper today about a spambot investigation conducted by Chad Seaman, a Senior Security Response Engineer from Akamai's Security Intelligence Research Team (SIRT).

Attackers are using a multi-layered, decentralized and widely distributed botnet to launch coordinated brute-force spamming campaigns. Chad named it the "Torte" botnet because its structure resembles a multi-layered cake.

The botnet is fairly large and uses both elf binary and php based infections. The portions that could be mapped account for over 83,000 unique infections across 2 of the 4 infection layers. While binary infections only target Linux, other php-based infections were found running on all major server operating systems -- Windows, Linux, os x, Unix, SunOS, and variants of bsd.

The paper examines Akamai's SIRT investigation, findings and recommended defensive measures.

Family Reach Gets Out of the Kitchen with Akamai

In my work with Family Reach, an organization that helps families battling cancer with out-of-pocket medical expenses and everyday living costs, I learned of a striking statistic: The number one cause of financial bankruptcy for families is paying for the costs associated with cancer.

This statistic is one that Family Reach helps to combat every day, and one of the key drivers of its upcoming Cooking Live event. Created by chef Ming Tsai four years ago, Cooking Live brings together some of the nation's top celebrity chefs to raise awareness of the impact of cancer on families and to cook for some of the families involved with Family Reach.

Cooking Live takes place on Monday, November 2, from 7:30 to 9 p.m. ET. Renowned chefs Masaharu Morimoto, Bryce Shuman, Ken Oringer and Johnny Iuzinni will join host Ming Tsai and celebrity sous chefs Emily Blunt and John Krasinski as they prepare a five-course meal while addressing the serious needs Family Reach addresses on a daily basis.

With the holiday season quickly approaching, retailers are thinking through every element of their company's eCommerce plans to significantly boost sales during the busiest shopping time of the year. One of the biggest drivers of online retail sales is user experience, so retailers should place increased emphasis on bolstering the following customer touchpoints during the holiday rush to ensure positive brand interactions that convert browsing into sales:

Bill Murphy of the RedZone Podcast interviewed me a couple weeks ago. We discussed everything from super vulnerabilities to incident response to the creation of Akamai's Security Intelligence Response Team (SIRT).

From Murphy's program notes:

In this podcast episode I interview Bill Brenner, who is an expert at digesting threat intelligence information and making this information available to a wide pool of people from C-Suite Executives to coders and developers. Bill is a Senior Technical writer for Akamai and has been a writer for CSO Online, and Liquid Matrix Security Digest. Additionally, he created and writes in a blog called the OCD Diaries where he discusses mental health issues with IT Executives and staff within the technology industry.

Three musts for an IT security decision maker that we discussed:

  1. Super-vulnerabilities like Heartbleed, Shellshock, Poodle and OpenSSL - Identify the risks these pose your assets within your company and remediate them.
  2. Incident Response - Remember to develop a BCP/DR plan for IT Security Incidents
  3. Protect Your Brand - Which hacking groups don't like your company or brand that leave you vulnerable to DDoS, cyber espionage, and ransomware style of attacks?
I also shared some of my favorite infosec resources.

NetBIOS, RPC Portmap and Sentinel Reflection DDoS Attacks

By Bill Brenner, Akamai SIRT Senior Tech Writer

Akamai's Security Intelligence Response Team (SIRT) released a new advisory today about three new attack vectors digital miscreants have used to target Akamai customers. The main researchers for this advisory were Jose Arteaga and Wilber Mejia.

In the third quarter of 2015, Akamai mitigated and analyzed the following vectors:

  • NetBIOS name server reflection DDoS

  • RPC portmap reflection DDoS

  • Sentinel reflection DDoS, which reflects off of licensing servers.