Akamai Diversity
Home > Web Security

Recently in Web Security Category

Akamai Response To "Forwarding-Loop" Issue

Akamai is aware of the research paper titled "Forwarding-Loop Attacks in Content Delivery Networks" published by Jianjun Chen et. al on Feb. 29.  We have reviewed the researchers' findings, and are confident that we already have adequate counter-measures in place to thwart any attempt to use Akamai as an attack vector in the manner described by the paper.

The paper describes four types of forwarding-loop attacks against CDNs: self-loop, intra-CDN loop, inter-CDN loop and dam flooding. The paper acknowledges that Akamai is not vulnerable to the first two. The third attack (the "inter-CDN loop attack") is described as a looping between multiple CDNs.  Finally, the fourth -- "dam flooding" -- is described as coupling "forwarding-loop attacks with timely controlled HTTP responses to significantly increase damage."

While Akamai does not publically disclose or discuss our security countermeasures, we would like to reiterate that we have sufficient countermeasures in place to detect and defend against all these attacks, as well as substantial capacity to absorb traffic spikes. If you have any additional questions/concerns, please reach out to your Akamai representative.

Monday, Akamai released the Q4 2015 State of the Internet Security (SOTI Security) Report (download here). I've been writing posts throughout the week focusing on specific parts of the report. For this installment, let's take a look at Web application attacks by industry.


This quarter, the retail sector suffered the vast majority of web application attacks: 59%. Media and entertainment suffered 10% of attacks, as did the hotel and travel industry. Financial services suffered 7% of attacks, followed by high technology (4%), consumer goods (3%), manufacturing (2%), the public sector (1%), and gaming (1%).

Join me over the next few posts as I talk about how to provide fast, reliable, and secure applications in the branch while protecting end-users and promoting a transparent and open Internet. Let's start with the basics.

So what is SSL/TLS & how does it work?

Yesterday, Akamai released the Q4 2015 State of the Internet Security (SOTI Security) Report (download here). I'll write posts throughout the week focusing on specific parts of the report. For this installment, let's take a look at mega-DDoS attacks from last quarter.


In Q4, five DDoS attacks registered more than 100 Gbps. This number was down from the eight we saw in Q3 2015, and still more of a drop from the record-setting 17 mega attacks of Q3 2014.

If you're headed to the RSA Conference 2016, be sure to stop by the Akamai booth #4000, in Moscone North Hall. We're very excited about the recent launch of our Bot Manager web security technology and we'll show you firsthand how it works in a live demo. You'll see how Bot Manager provides, for the first time, the capability to categorize bot types and manage bot activity on your website. This is a significant advance over the simple detection and blocking techniques commonly available today. The result? You'll be in control of both the business and technological impact of bot traffic - without blindly mitigating everything and potentially escalating the bot problem.

Akamai's State of the Internet Security Report with Andy Ellis

The State of the Internet Security report by Akamai is issued four times a year with information on the types of online attacks that Akamai Technologies protects its customers from every day. In this free report, you can read about changes in Distributed Denial of Service (DDoS) attacks with multiple different metrics. In addition, we look at the various types of web attacks against our customers and a spotlight on a specific technique or attack group. 

In this video, Akamai CSO Andy Ellis gives a breakdown:

Today Akamai released the Q4 2015 State of the Internet Security (SOTI Security) Report (download here). I'll write posts throughout the week focusing on specific parts of the report, but let's begin with an overview in the form of an infographic.

#RSAC 2016 State of Internet Security Presentations

Today, as RSA Conference 2016 opens, Akamai is releasing its Q4 2015 State of the Internet Security Report.

At the Akamai Booth in Moscone Center's North Exhibit Hall, I'll give overviews of the report and we'll hand out printed copies. If you want to check out a presntation, here's the schedule:

  • Tuesday - 10 -6, noon and 3 p.m. PT
  • Wednesday - 10-6, noon and 4 p.m. PT
  • Thursday - 10-3, noon and 2 p.m. ET

Hope to see you there! 

You can also check this blog throughout the week for further alalysis. To download the full report, click here.

IKE/IKEv2 Ripe for DDoS Abuse

By Bill Brenner, Akamai SIRT senior tech writer

Akamai's Security Intelligence Research Team (SIRT) is conducting research into the security posture of the Internet Key Exchange (IKE & IKEv2) protocol. The paper outlines the findings thus far, including configurations in the protocol itself that attackers could potentially leverage to launch reflected DDoS campaigns.

Akamai continues to investigate the Glibc vulnerability outlined in CVE-2015-7547 to see how its technology may be affected.

As part of the DNS query process, Glibc is used by many systems across the Internet -- and at Akamai -- and all versions of Glibc's getaddrinfo () library functions since version 2.9 are potentially vulnerable to a range of attacks based on a stack buffer overflow.