The Akamai Blog

We have some excellent highlights this month. We?re excited to announce new videos, useful articles, an event recap, and much more.

The need for businesses to deploy MFA for the protection of employee accounts has never been greater ? according to the latest Verizon Data Breach report, nearly 80% of data breaches involve the use of stolen or compromised employee credentials and brute force logins.

I am incredibly excited to announce that today we have completed the acquisition of Linode. You may have seen our press release announcing the acquisition, or listened to our earnings call during which our executives discussed why this is the right strategic investment for Akamai. But I wanted to use this opportunity to highlight why, as a technologist, this is such an important step forward for both Akamai and Linode, and what you can expect to see from us in the future.

Akamai plans to submit a number of our shared domains to the ?PRIVATE? section of the Public Suffix List (PSL) at some point on or after March 31, 2022. The PSL contains multi-party domain suffixes and is used by a wide range of client software (for example, web browsers) to implement policy decisions, such as to prevent cookies from being set on public or multi-party domains.

A vulnerability in enterprise collaboration suite MiCollab by telecommunications company Mitel has been abused for distributed denial-of-service (DDoS) attacks with record-breaking amplification potential.

We are excited to be named a Leader in The Forrester New Wave?: Microsegmentation, Q1 2022. We were evaluated alongside eight other vendors in the microsegmentation space and ranked in 10 criteria, including product vision, interface and reporting, host agents, agentless aspect, product, and services support.

In May 2021, following a number of high-profile security incidents, U.S. President Biden issued an executive order that set out a high-level agenda to modernize and improve the government?s cyber resilience. This January, the U.S. Office of Management and Budget (OMB) issued a memo to the heads of executive departments and agencies that gave much more detail on how the U.S. government will move toward Zero Trust security principles.

Cybersquatting, also known as domain squatting, is a type of scam that mimics a brand's domain to confuse potential victims and gain their trust. According to Revision Legal, ?Cybersquatting is prohibited in the U.S. by federal law under the Anticybersquatting Consumer Protection Act (ACPA.)? These fake domains can be used in cyberattacks ? especially phishing attacks.

Akamai data shows that in the days leading up to and including Lunar New Year, the activity of malicious bots increased 15% in China over the previous month. While a similar surge occurs during the high-traffic seen at the end-of-year holidays in EMEA and the U.S. ? China and Japan present a particularly enticing opportunity for successful cyberattacks because of the sheer volume in traffic: Retailers and ecommerce here serve some of the largest populations in the world.

I think we can all agree that sustainability is one of the most important topics that we will discuss this year. It's driving consumer habits, business practices, and investment decisions. And it?s a discussion that?s happening at every level of the business; from procurement all the way up to the boardroom.

In 2021, the impact of the Akamai Foundation?s philanthropic activities continued to expand beyond science, technology, engineering, and mathematics (STEM) education, deepening our commitment to digital equity and inclusion around the globe and to making a positive impact in the communities we serve.

A new reflection/amplification distributed denial of service (DDoS) vector with a record-breaking potential amplification ratio of 4,294,967,296:1 has been abused by attackers in the wild to launch multiple high-impact DDoS attacks.

I?ve always loved building things. At Akamai, I get to be part of a team that builds amazing things ? things that power and protect online experiences and make life better for billions of people, billions of times a day. But delivering those online experiences comes with a catch.

Danny Lewin Community Care Days (DLCCDs) are a celebration of our late co-founder Danny Lewin?s generous spirit and his tenacious appetites for collaboration, innovation, and (especially) giving back to our global community. DLCCDs bring to life our values and empower all Akamai employees to volunteer in the communities where we work, operate, and live.

Akamai stands with the people of Ukraine. As the assault on Ukraine continues, we are inspired by the courageous citizens defending their sovereignty.

See how Apple worked with Akamai to launch iCloud Private Relay. Learn about the service and how it can be best leveraged for Akamai customers.

2021, a year of creating a more diverse tech future with The Akamai Foundation.

Over the past week, Akamai Security Researchers have detected and analyzed a series of TCP reflection attacks, peaking at 11 Gbps at 1.5 Mpps, that were leveled against Akamai customers. The attack, amplified with a technique called TCP Middlebox Reflection, abuses vulnerable firewalls and content filtering systems to reflect and amplify TCP traffic to a victim machine, creating a powerful DDoS attack.

With Ukraine moving beyond the brink of war with an official invasion by Russia underway, organizations both near and afar must brace for potential repercussions in the form of crippling cyberattacks and intrusions. Already Ukraine has been bombarded with DDoS assaults aimed at taking down government sites, communication providers, and financial institutions.

A lot has happened since we published our January recap blog. Akamai launched a new documentation site on readme.io, we started a new season of Terraform Tapas, and we saw many amazing contributions from our Developer Champions.