Akamai Diversity
Home > Web Security

Recently in Web Security Category

Ransomware cyberattacks in healthcare? Sadly, yes.

It's been widely reported that Hollywood Presbyterian Medical Center experienced a ransomware attack on February 5 that encrypted their data and disabled their network.  The hospital was forced to revert to paper and faxes to relay patient information, and hospital operations were so strained that they succumbed to the cyberattack and paid the hackers 40 bitcoins, or about $17,000, to get the decryption key.

Bot Manager: Why It Matters

Earlier today, Akamai announced the launch of a completely new product, Bot Manager. You can read more about the details in the press release and on Akamai.com. I won't bore you by repeating them, but I did want to add some color on why it matters.

DNSSEC Targeted in DNS Reflection, Amplification DDoS Attacks

By Bill Brenner, Akamai SIRT Senior Tech Writer

During the past few quarters, Akamai has observed and successfully mitigated a large number of DNS reflection and amplification DDoS attacks abusing Domain Name System Security Extension (DNSSEC) configured domains.

As with other DNS reflection attacks, malicious actors continue to use open DNS resolvers for their own purpose -- effectively using these resolvers as a shared botnet. This technique has also been linked to the DDoS-for-hire underground market.

The attacks are outlined in a new Security Bulletin written by Akamai SIRT, the full report can be downloaded at the following link: http://www.stateoftheinternet.com/dnssec-attacks.

(All We Are Saying Is) Give Bots a Chance

Lately, it seems, bots have been taking a beating in the security press.  They are blamed for DDoS attacks, for Web Attacks, for price scraping, for Grey Marketeering, and even, according to some, for Ted Cruz's recent win in Iowa.  Bot are ALL bots bad ALL the time?  We say NO!  Why not? Let me count the ways:

I recently spoke with Insurance CIO Outlook Magazine in response to an award Akamai received as a top 10 security provider for insurers. As part of the discussion, I shared the importance of security for insurance digital transformation.

Changing the Rules of the Game

A common defensive rule of information security is that once you detect an attack against your organization's Web applications, you must mitigate the attack by stopping it. In other words: "stop it once you can."

But what if the rules of the defenders vs. attackers "game" have changed and the teams are not playing in the same league anymore? For example, here are some of the "game" changers from recent years:

OpenSSL Security Updates

On Jan. 28, 2016, OpenSSL released a new version of OpenSSL software. This release contains (among others) two potentially important security fixes to which we would like to draw your attention:

  • SSLv2 does not block disabled ciphers (CVE-2015-3197) and
  • DH small subgroups (CVE-2016-0701)

Akamai would like to inform you that our customers are not vulnerable to these issues on our delivery platform, however, customers should confirm that their origin servers are not exposed to these two issues. Here are some additional details about these two fixes.

The discussions among the insurance industry participants at Akamai's Edge conference this past October were fascinating. It was abundantly clear, that there are major shifts ahead that will set the course for where the industry is headed in the long-term. Although the insurance industry as a whole has been less agile, heavily burdened by legacy systems and is really one of the last data-driven businesses to realize a full digital disruption, the tides are definitely changing.

Applications for the Request Control Cloudlet

Your web application by default is accessible to the entire planet. This exposure can open your site up to unnecessary risk. Akamai's Request Control Cloudlet can quickly allow or deny access to website content based on the IP or Geography associated with an inbound request. For example, you may deny access to users in embargoed countries or allow it only to a specific region where your users live.  Manage the cloudlet via easy-to-manage whitelist and blacklists based on the IP address or geographic location associated with the inbound request. Activate the cloudlet policies in seconds by using the dedicated user interface.

Health IT Security recently published the results of Akamai's latest State of the Internet report, emphasizing that "Distributed denial of services (DDoS) attacks are up during the third quarter of 2015, reinforcing the healthcare industry's growing concern for healthcare data security."  They have hit on a very salient point here, because while many may think that healthcare providers are not likely targets of DDoS attacks, there are definite reasons why DDoS attacks should be of particular focus in the healthcare industry: