Akamai Diversity
Home > Web Security

Recently in Web Security Category

Meet Akamai's Security Intelligence Response Team

Written by Bill Brenner, senior tech writer in the Akamai SIRT

Akamai has officially launched a new Security Intelligence Response Team that combines the resources of Akamai's CSIRT and Prolexic's PLXsert teams, further integrating Prolexic and Akamai security research.

Akamai SIRT is a dedicated group of cyber threat researchers, analysts and incident responders that monitors malicious cyber threats globally and analyzes these attacks using proprietary techniques and equipment. 

Through research, digital forensics, real time and post-event analysis, Akamai SIRT is able to build a global view of security threats, vulnerabilities, tactics, techniques and procedures (TTPs) as well as trends which are shared with customers and the security community. This further enables Akamai to protect customers from a wide variety of attacks ranging from abuse to scrapers to data breaches to hijacking to distributed denial of service.  By identifying the sources and associated attributes of individual attacks, along with expert analysis to identify and mitigate security threats and vulnerabilities, Akamai SIRT helps organizations make more informed, proactive decisions.

As part of that mission, Akamai SIRT maintains close contact with peer organizations around the world, trains Akamai's security teams to recognize and counter attacks from a wide range of adversaries, acts as subject matter experts for customers under attack, and keeps customers and the security community informed by conducting briefings, issuing advisories, publishing threat intelligence, and producing Akamai's State of the Internet Security Report.

The Akamai SIRT protects customers and the broader public by applying security research, intelligence analysis, and Akamai's unique visibility into Internet threats. 

Akamai SIRT publishes its research in the following places:

Edge 2015: Security Threat Landscape - A Year in review

A quick scheduling note ahead of Akamai Edge 2015: I'll be moderating a panel with fellow Akamai security researchers about the various trends we've been tracking in the last 12 months. If you're at Edge, please join us.

Security Threat Landscape - A Year in review
Description: The more you know about the security threat landscape and the mindset of malicious attackers, the stronger your cloud security strategy defense can be. In this session, members of Akamai's threat intelligence team will show how they use their expertise in security research and threat intelligence to stay one step ahead of cyber attackers. Learn about the threat landscape for 2015, emerging attack trends, techniques, toolkits and botnet activity.Session Date/Time: Wednesday Oct 21, 2:40-3:20 p.m.

The talk is part of a robust security track scheduled for this year. 

Researching WordPress Plugin Flaws

Akamai Security Intelligence Response Team (SIRT) researchers Larry Cashdollar and Chad Seaman have spent months researching vulnerabilities in plug-ins often used with Wordpress. The results of that research are outlined in the Q2 State of the Internet Report, and an excerpt on the section can be found in this Akamai Blog post. In the following post, Larry shares some tips for researching Wordpress plug-ins.


***


By Larry Cashdollar, Senior Security Intelligence Response Engineer


I've been looking at Wordpress plugin code and discovering new vulnerabilities. The vulnerabilities range from Cross Site Scripting, Remote File Inclusion to blind SQL Injection. I'll admit I've enjoyed this research more than my examination of Ruby Gems because with Wordpress you can easily test a proof-of-concept exploit by setting up a Wordpress installation and testing your code against it.

9-11 Anniversary: Danny Lewin's Life and Legacy

Today is the 14th anniversary of the Sept. 11, 2001 terrorist attacks. To mark the occasion, I'd like to share this post from 2013, in which Akamai CEO Tom Leighton and CSO Andy Ellis share memories of co-founder Danny Lewin -- including his tragic death aboard American Airlines Flight 11 that tragic day. They shed more light into Akamai's actions that day, which kept the Internet running in the face of crushing demand for information.

The interviews coincided with the release of a book about Danny called "No Better Time: The Brief, Remarkable Life of Danny Lewin, The Genius Who Transformed The Internet."

Akamai at Cloud Partners Conference

Scheduling note: I'll be moderating a keynote panel at the Cloud Partners Conference in Boston Wednesday, Sept. 16. The conference is Sept. 16-18 at the Hynes Convention Center.

Panel details:
  • Time: 12:30 - 1:30 p.m.
  • Topic: Cloud Risk: Hype Vs. Reality
  • Description: We'll discuss security best practices in the cloud and hear what is and isn't working for different companies. The ultimate lesson: Cloud security is attainable.
  • Moderator: Bill Brenner, Senior Tech Writer, Akamai Security Intelligence Response Team (SIRT)
  • Panelists: Andy Daudelin, Vice President, Cloud and Cloud Networking, AT&T, Mike Davis, CTO, CounterTack and Bernie McGroder, Vice President, Sales Engineering, GTT Communications Inc.

I look forward to a great discussion!

Akamai Edge 2015 Cloud Security Track

Next month, I'll be at the Akamai Edge customer conference. It's a terrific opportunity to meet face-to-face with a lot of our customers and get their feedback on what's working for them and what we can improve upon. A robust Web Security track of talks is planned, and I'll be blogging about it. 

The security track will run each day of Edge. Here's a tentative look at some of the discussions we have planned.

Teens Busted for Exploiting Lizard Squad Attack Tool

In January, we told you about Lizard Squad, an attack group that ruined Christmas for a lot of Sony Playstation and Xbox users by launching DDoSes against those gaming networks. The authorities have been chasing them down since then, and this month six teens were arrested for using Lizard Squad's signature Lizard Stresser DDoS attack tool.

Accuracy

There can sometimes be a fine line between suspicion and guilt. Determining malicious or "good" activity can be a challenging task in today's cyber world full of hidden and dark secrets. A system based on accuracy and thorough analysis of all evidence will lead to the true malicious actor.
Consider a popular way to illegally extract money from someone's bank account for example. The malicious actor has created a malicious link to exploit a vulnerability using a Cross Site Forgery Request (CSRF) on a vulnerable banking site. The malicious actor makes sure that the victim clicks on the malicious link while logged onto his online banking account with the vulnerability. He thinks he is transferring $2,000 to pay the rent but this malicious link changes the request to have $20,000 from his account transferred to an anonymous bitcoin account. The money is laundered away before it can be traced.

Akamai Assists ISPs in Providing a Family-Friendly Internet

 

Family and Internet safety advocates have lobbied long and hard to government regulators and Internet service and content providers for stronger measures and controls over the types of content viewable by children when online. And based on recent reports, some ISPs have responded in a favorable way, by implementing services that place automatic blocks on "high risk" websites including those that feature nudity or sexual content or are related to drugs, alcohol or tobacco, among others. Furthermore, users seem to be taking advantage of these services rather than opting out of them, creating safer Internet environments in their homes, while Internet providers reap the benefits of high scores for customer satisfaction and the potential for long-term revenue growth. A true win-win!


It's summertime!  While most people are relaxing at the beach or enjoying a BBQ, here at Akamai we've already shifted sights towards the winter to provide relief for retailers by ensuring they have fast, reliable and secure e-commerce sites in time for the holidays.  The holiday season, after all, is just around the corner.  Here are four key ways we are helping retailers convert more shoppers into buyers while also securing their web experiences:


(1)  Make the experience fast

Last year, for the first time, Akamai saw more than 50% of holiday traffic from mobile devices during certain periods of the day.  This trend will undoubtedly continue as shoppers embrace multi-channel experiences while accessing content from different devices at different times of the day.  Akamai's Real User Monitoring (RUM) provides retailers with a detailed understanding of the actual page load time visitors experience across the myriad of devices and networks.  Akamai Ion provides the fastest acceleration for content accessed on all types of devices and networks including the unique challenges of responsive web design, congested cellular networks and those pesky API calls which slow down the mobile app experience.