Akamai Diversity

Recently in Web Security Category

Are bots muddying your marketing analytics?

In short, most likely.

Bots have become a hot topic with many retailers lately as security has become a higher priority. Malicious bots can be part of a Distributed Denial of Service (DDoS) attack or efforts to extract valuable customer data, or both.

How real can fiction become?

It is interesting to see how fiction can affect our judgement or, at least, our opinions. Below is an excerpt (the first chapter) of a draft novel that I came across and that made me think a lot. Bear with me: read this entire article and then come back to this post. If nothing else, you may enjoy 4 minutes of literature.

I was on a flight to Brazil last night to kick off a week of meetings with partners and customers in Latin America. During the eight-and-a-half-hour flight from Atlanta, I got an opportunity to watch a few movies I've been meaning to catch up on, and on the top of the list was Steve Jobs. There's a scene near the end of the movie where Steve is trying to recruit John Sculley, the CEO of Pepsi, to join Apple as their new CEO. Steve Jobs' winning pitch was that his vision for the Macintosh will be the equivalent of a bicycle for our minds.

I am scheduled to give a security talk next week at the Gartner Security Summit entitled: Web Application Defender's Field Report.  In the talk, I will be covering statistics and technical details of web application attacks from our just released State of the Internet (SOTI) Report for Q1 2016.  One of the more interesting details of the report centers around the analysis of massive Account Takeover (ATO) attack campaigns that targeted two of our customers.

How to Better Understand the Bot Ecosystem

Jason Miller, our chief strategist of Commerce, was recently published in Retail TouchPoints magazine.  In his article, How to Better Understand the Bot Ecosystem, Jason talks about the different ways to distinguish between good bots and bad bots and how the distinctions change across applications and environments.

By Akamai SIRT

Two quarters ago, we introduced Sankey diagrams to the State of the Internet: Security Report. Sankey graphs help visualize energy, material, or cost transfers between processes.

The Sankey graph below shows how DDoS reflection attacks have trended during the past five quarters. We tracked ten infrastructure-layer DDoS-reflection vectors. The most used vectors seem to correlate with the number of Internet devices that use these specific service protocols for legitimate purposes.


New DDoS Reflection/Amplification Method Exploits TFTP


Akamai SIRT is investigating a new DDoS reflection and amplification method that abuses TFTP. This is yet another UDP-based protocol that has been added to the list of DDoS amplification scripts available for malicious use.

A new advisory authored by Jose Arteaga outlining the threat and suggested defenses can be downloaded here.

Recently, Dan Shugrue, one of our product marketing directors at Akamai, was published in InfoSecurity magazine. His article, Barbarians at the Gate - Shoring Up Web Application Defenses with Client Reputation, takes an incisive look at how client reputation monitoring can help bolster web security efforts. Dan argues that as attacks evolve, companies doing business on the web (and who isn't these days) must evolve their strategies for identifying and defending against attacks to be most successful. A strategy that uses client reputation capabilities to identify bad actors before they act is one important option to consider.

Machine Learning in Security

I recently started studying for the GMAT and ran into an interesting passage while taking a diagnostic test - a reading comprehension argument by the philosopher John Searle, who was one of the first philosophers to challenge the idea of artificial intelligence. Searle argued that the human brain is not like a computer processor, and that computers are syntactic (rule-based), rather than semantic (meaning-based) creatures. The diagnostic test question refers to Searle's thought experiment called the Chinese Room. The idea of the Chinese Room suggests that if you lock a person in a room with rules translating English to Chinese characters, the individual will be able to respond in Chinese to questions written in Chinese. The experiment suggests that no matter how intelligently a computer (the person locked in the room) can respond, a program (the rules) cannot give a computer "understanding", and therefore a computer cannot "think" (i.e. "strong AI" does not exist).

Bot Management Strategy

It was 2:30 AM on March 13th when the customer called everyone on the Akamai account team announcing they were being attacked. The attacker had been locking inventory on their site for hours, causing a significant burst in traffic and preventing customers from making transactions. The Akamai Security Operations Center was involved right away and quickly discovered that a bot was behind this attack. This was a "good bot" just scraping the inventory for pricing data, but it caused havoc for both the infrastructure and the business.