The Akamai Blog

Television remotes have gotten little attention as a potential attack vector ? despite being one of the most common household devices you can find.

At Akamai, we talk a lot about DDoS attacks. It's because we're pretty good at handling them. We've stopped many of the world's biggest attacks. And, while less common, they get a lot of attention. But we can also stop the world's smallest attacks. And we stop lots of them. It's these smaller attacks that we're talking about today.

As a region, it's very diverse and dynamic, with a lot to experience. Although I'm based in the Beijing office, I have opportunities to collaborate closely with my colleagues in Japan, India, Singapore and Australia. We find synergies and uniqueness in each market, and constantly share ideas and best practices. It's fun, but it's also an enriching learning experience to live and work in such an exciting region.

People depend on the internet for just about everything: interacting, learning, transacting, traveling, working, and more. At the same time, the wireless evolution to 4G -- and soon 5G and Wi-Fi everywhere -- has given birth to an era of connected cars, smart sensors, and a multitude of other "things" that are growing rapidly and expanding in utility and scope. Leading network providers see new market opportunities with new business models to monetize new services that combine networks and commerce, including:

My heritage is Sri Lankan. But, at the age of 15 I moved to France as a refugee, fleeing a civil war. Starting a new life from scratch in France, without speaking French, was certainly an interesting journey. But I was lucky enough to have support from my parents. They lived by the mantra of "when there's a will, there's a way". And that helped get me into the French education system, where I completed high school and University, before moving to the UK to start my professional career in IT.

If you told me at the beginning of 2020 that I'd be cycling 250 miles in the remote Upper Peninsula of Michigan, fundraising for an organization called "Climate Ride", and wearing a face mask to go grocery shopping - I would not have believed you. Yet, since March 2020, we've all been living the reality of the Covid-19 pandemic. Social distancing, total lock-down for some, living and working from home, and dealing with a narrowed life experience.

The FBI has released a flash warning that thousands of organizations around the world, and across multiple industries, have been threatened with DDoS attacks unless they pay a bitcoin ransom. This ransom DDoS, or RDoS, threat was covered by Akamai's Security Intelligence Response Team (SIRT) in a Security Alert released on August 17, 2020.

As JavaScript-based client-side attacks continue to evolve, we see how attackers are getting more sophisticated and employing more advanced techniques. Unfortunately, it has been proven many times that any website partner can be exploited to carry out an attack. In the past month, we witnessed one of the most popular and trusted vendors being used as a credit card data exfiltration vector -- Google Analytics.

SQL injections were first discovered in 1998, and over 20 years later, they remain an unsolved challenge and an ongoing threat for every web application and API. The Open Web Application Security Project (OWASP) highlighted injection flaws in its Top 10 lists for both web application security risks and API security threats.

It's no secret that security threats continue to expand in volume and variety, making headlines on virtually a daily basis. From nation-state attacks, corporate espionage, and data exfiltration campaigns to all-in-one and sneaker bot campaigns, businesses across the globe find themselves dealing with a deluge of inbound threats. The increased amount and variation of threats, and the proliferation of apps being deployed and managed by teams and individuals across the enterprise, can make securing apps and data feel like trying to keep water out of a submerged sieve.

To attract and retain customers, you must offer an exceptional digital experience. In an increasingly competitive business climate, organizations are fighting to maintain loyalty and keep users engaged online. The cost of switching is low, consumers are transient, and user expectations for how digital experiences should perform have never been higher.

Akamai is thrilled to have been the lead sponsor for the recent Women's Foundation of Boston Empowerment Webinar for Girls and Young Women: Girl Decoded: An Intimate Conversation with Author Rana el Kaliouby about finding your voice, pursuing education and excelling as a woman in STEM.

My parents were first-generation immigrants from India. They worked hard, made Singapore their home and took all and any challenges head on. They have always lived by the simple philosophy, 'to be the change'. It's a philosophy that I try to live too, and in many ways it's what attracted me to Akamai not too long ago.

If you work in the video games industry, it's already obvious that security is a challenge, and criminals are a threat. But how much do you know about how the criminal economy works? What actually motivates them? What specific methods do they use? And how do they interact with one another?

Update 08/24/2020 As mentioned below, the Akamai SIRT has been tracking attacks from the so-called Armada Collective and Fancy Bear actors, who are sending ransom letters to various industry verticals such as finance, travel, and e-commerce. In addition to the...

The year is 2020, and the Coronavirus has affected life around the world in so many ways. For me, a third-year engineering student at R.V. Bangalore , I was looking forward to starting my internship at Akamai when the pandemic took hold, and suddenly everything seemed so uncertain.

How long will you wait for something? That depends on what you're waiting for, of course. But in your daily interactions, think about how many "things" you interact with where you expect the response to be instantaneous -- tapping on mobile apps; logging in and transacting with a retailer or a bank; selecting and viewing content on a streaming media device; interacting with a connected device like a light, doorbell, or even a car; or checking in for a train or flight.

Over a year ago, Akamai?s threat research team published research regarding a widely-used phishing toolkit we referred to as the ?Three Question Quiz?. It?s now time to review the evolution of the toolkit, the associated campaigns that we tracked in the wild, and the potential damage caused by those campaigns in the past year.

While we've highlighted both record PPS and BPS attacks mitigated on the Akamai Prolexic Platform over the past few weeks, these attacks are part of a broader trend of increasingly large and complex DDoS activity. We have seen clear indications across the industry of high-water mark DDoS attacks being publicized by multiple vendors. The sheer number of large attacks has been unprecedented. The attacks are also noteworthy for their increasing complexity, illustrated in the number and combinations of different attack vectors. The tenacity of attackers is also increasing -- one Akamai customer experienced 14 separate 100+ Gbps attacks in just the first half of 2020. "What's new is the concept of campaigns. We go back a couple of years, and 'attack' was the right word to use. There were many attacks every single day, but they weren't, in my opinion, campaign-oriented. Some of our more recent ones are campaign-oriented, where the attacker is working in a coordinated way over an extended period of time." -- Roger Barranco, Vice President, Global Security Operations, Akamai Some likely reasons for the rise in attacks are a combination of: The proliferation of DDoS-for-hire tools Emerging botnets (enterprise DVRs, IoT, etc.) entering the scene Plenty of motivating factors across social, geopolitical, and online unrest Quarantine and boredom -- what's a malicious actor supposed to do? Whatever the unique reason of each attack, the result is the same: a security and IT team needs an effective defense.

I joined Akamai Japan in June 2020. Of course, having worked in technology for my whole career, I already knew of Akamai and our strong reputation. I knew it was an intelligent company, with impressive technology, and - above all - a great story that really inspired me.