The Akamai Blog

Guardicore Labs, in collaboration with SafeBreach Labs, found a critical vulnerability in Hyper-V’s virtual network switch driver (vmswitch.sys).

Akamai engineering has adopted new technology concepts to enhance and expand routing capabilities at the edge. Previously, Akamai’s traffic-steering capabilities were mainly focused on DNS-based routing. In this article, we would like to give you an in-depth look at how Akamai has embraced new routing technology concepts and merged them into the Akamai edge to enhance routing capabilities, provide faster and better traffic steering, and offer even better performance.

With the transition to remote work, we often hear the term remote access used in unison. Typically, remote work application access is facilitated via a remote access mechanism and, presumably, local work application access is facilitated via a local access mechanism. But I argue that this connection does not really hold true. Sure, remote work does require the use of a remote access mechanism, but the mechanism can and should also be used for local work. There's really no such thing as local access.

If I had a dollar for every time I heard the phrase “digital transformation,” I would have a lot of dollars. I’m sure you would too. We’d have even more if we counted the term “Zero Trust.” (Maybe we should start counting them, now that I think about it!)

Backhauling traffic destroys performance, and backhauling attack traffic can destroy even more. Nevertheless, in a traditional security deployment model, we are faced with the lose-lose options of either backhauling all traffic to the security stack or allowing some accesses to not go through the security stack. Of course, in the modern world where cyberattacks can cause enormous damage, the latter option is not really an option at all. All traffic must route through a robust security stack. So how do we accomplish this goal without backhauling? The answer is Zero Trust security deployed and delivered as an edge service.

Near the end of March 2020, G2A.COM saw its traffic virtually double overnight. The pandemic had just begun, and people were looking for ways to stay entertained and connected under lockdown. Not surprisingly, a lot of people turned to video games, and G2A.COM was one of the first places they went to for affordable game keys and activation codes.

Last week, we gathered a few of the most prominent leaders and experts from every corner of the federal space to talk about all things cybersecurity and digital transformation. Discussions ranged from the move toward Zero Trust Network Access (ZTNA), and effectively managing identities and access with a secure web gateway (SWG) to keep data safe, to what the executive order on cybersecurity means for agencies -- time to implement a multi-factor authentication (MFA) solution.

At 15:45 UTC on July 22, 2021, a software configuration update triggered a bug in our Secure Edge Content Delivery Network impacting that network's domain name service (DNS) system (the system that directs browsers to websites for that specific service). This caused a disruption impacting availability of some customer websites. The disruption lasted up to an hour. Upon rolling back the software configuration update, the services resumed normal operations.

Though Zero Trust is really quite simple and should be viewed as a very strong form of the age-old principle of least privilege, that does not mean that it is the same thing. In fact, one of the most significant differences from what came before is that when it comes to access, Zero Trust is based on application access, not network access. I was surprised, then, when Gartner's new SASE (secure access service edge) model included something called Zero Trust Network Access (ZTNA). This term is an oxymoron, and I make this point because it matters. The distinction between network access and application access is important.

On July 2, 2021, Kaseya disclosed an active attack against customers using its VSA product, and urged all on-premise customers to switch-off Kaseya VSA. Shortly before this alert, users on Reddit started describing ransomware incidents against managed security providers (MSPs), and the common thread among them was on-premise VSA deployments. In the hours to follow, several indicators of compromise (IOCs) were released, and Akamai was able to observe some of that traffic. A patch for the VSA product was released by Kaseya on July 11.

If the term Zero Trust has been popping up in your news feed with astonishing frequency lately, you may be tempted to think that Zero Trust must be a brand-new technology cooked up in a research lab at MIT and powered by the latest artificial intelligence, machine learning, quantum computing, and a 1.21 gigawatt flux capacitor. In this and subsequent blog posts, I want to make the case that, in fact, Zero Trust is all about simplicity, and that at its core, Zero Trust is a strong form of the age-old principle of least privilege.

I've spent my entire career in technology and can still recall the time when a desktop PC was the only way to work. (Truth be told, I'm also old enough to remember dumb terminals.) I also remember my first company laptop -- a beast of a thing with a monochrome display so thick it came with an integrated 2.5" floppy drive and a battery life that made it barely usable. My first mobile phone was a Motorola Timeport, the first tri-band mobile phone that could work in Europe and North America.

The video streaming traffic that Akamai delivered for more than 30 rights-holding customers during the July 11 Italy-England football (soccer) final as part of the delayed-to-2021European soccer tournament peaked at 34.9 Tbps on the Akamai edge platform. The traffic peak during the final match was the highest that Akamai reached for the tournament and was nearly 5x greater than the 7.3 Tbps peak of the 2016 Portugal-France championship match. Traffic during the June 29, 2021, round-of-16 match between Germany and England was the second-highest peak for the tournament, reaching 33.9 Tbps; third-highest was the July 6 Italy-Spain semi-final at 32.6 Tbps.

One year and a half following the start of the COVID-19 pandemic, we're seeing most companies either maintaining their remote work policies or slowly moving to a hybrid model. In fact, an estimated 36.2 million Americans will be working remotely by 2025, which is nearly double pre-pandemic levels.

State and local governments are weathering a digital explosion. The move to "virtual everything" means that greater amounts of information are being produced and transmitted electronically, but the digital infrastructure powering these operations is straining under the weight.

Every year, Q-dance (part of the ID&T group), a Dutch electronic music experience company, delights its die-hard fans (or their "tribe") at the world's largest hardstyle festival, Defqon.1. Helicopters, simulated earthquakes, special moments like Power Hour, and amazing shows make up the unique experience.

I hate passwords. There, I said it. I dread getting an email from Akamai IT telling me it will soon be time to update my password. I procrastinate until the last possible moment instead of immediately doing what is actually a trivial process. I suspect I'm not alone in my dislike for passwords.

In early May 2021, the President of the United States issued an executive order on cybersecurity, and though it will take some time for executive branch agencies to develop formal rules, the order itself includes a lot of what I consider to be best practice in cybersecurity, including the use of multi-factor authentication (MFA) and Zero Trust, mentioned by name.

New details in the Indexsinas SMB worm, also dubbed NSABuffMiner.

What is your recollection of May 2017? Emmanuel Macron won the French election. The Ringling Bros. and Barnum & Bailey Circus gave its final performance after a 146-year run. The U.S. FCC voted to overturn net neutrality rules. And the National Health Service in the United Kingdom was crippled by a massive ransomware attack that ended up costing over $120 million.