The Akamai Blog

Over the past week, Akamai Security Researchers have detected and analyzed a series of TCP reflection attacks, peaking at 11 Gbps at 1.5 Mpps, that were leveled against Akamai customers. The attack, amplified with a technique called TCP Middlebox Reflection, abuses vulnerable firewalls and content filtering systems to reflect and amplify TCP traffic to a victim machine, creating a powerful DDoS attack.

With Ukraine moving beyond the brink of war with an official invasion by Russia underway, organizations both near and afar must brace for potential repercussions in the form of crippling cyberattacks and intrusions. Already Ukraine has been bombarded with DDoS assaults aimed at taking down government sites, communication providers, and financial institutions.

A lot has happened since we published our January recap blog. Akamai launched a new documentation site on readme.io, we started a new season of Terraform Tapas, and we saw many amazing contributions from our Developer Champions.

Akamai?s security and network teams use our vast view of internet activity to closely monitor and act upon potential cyber threats, and we are taking appropriate measures to review our defensive posture and ensure the integrity of Akamai systems and the Akamai network.

The Technical Enablement and Education team, part of Akamai?s Global Services organization, has won a coveted Brandon Hall Group silver medal for ?Excellence in Technology,? for their automatic hands-on Lab Validation System (LVS). The automatic LVS is used throughout Global Service training courses, as well as in Channel Partner product certification, to provide real-time evaluations quickly and accurately for hands-on lab training associated with learning how to implement Akamai products.

The year 2021 was definitely challenging for security practitioners. The number of data breaches continued to rise; a report issued by the Identity Theft Resource Center stated that the total number of breaches in the first three quarters of 2021 exceeded the total number of events in all of 2020 by 17%.

Our longest-standing Developer Advocate, Mike Elissen, noticed an opportunity to make Akamai?s developer relations even stronger. He co-created Developer Champions, an advocacy program that helps Akamai employees better meet customer needs.

Akamai announced our intent to acquire Linode. The acquisition is intended to create the world?s most distributed compute platform. This new cloud to edge platform will make it easier for developers and businesses to build, run, and secure applications, especially given the complexities of Web3.

1&1 Versatel is a B2B provider for fibre gigabit connections and network-related services in Germany. The company is part of the United Internet AG and as such a sister company of 1&1 AG. 1&1 Versatel operates one of the biggest and most powerful fibre networks in Germany - providing its own network in more than 250 German cities and has implemented over 50,000 business customer solutions. We?re delighted that such an innovative company has chosen to partner with Akamai to increase the reach of its customer base to include smaller enterprises and to make its operations secure.

Akamai is compliant with applicable data privacy regulations in countries where we and our customers conduct business. This is a fundamental tenet of our company?s core values. After all, when you make life better for billions of people, billions of times a day, there?s an expectation that you will also protect their lives online. And that is exactly what we do.

What if you could see how a real cyberattack might unfold in your network? Imagine the insights you would gain into your security posture if you could safely and easily simulate the behavior of malicious actors before they hit your defenses. That?s what the Infection Monkey does.

Super Bowl LVI is almost here, and with that comes one of my favorite pastimes: watching the commercials! And you know I?m not alone ? 30% of viewers tune in to the big game primarily to see the commercials, upping the pressure on CMOs to ?get it right.? But winning the hearts and minds of the more than 100 million anticipated viewers goes far beyond creating a captivating 30- or 60-second spot. In fact, the production, supporting digital assets, celebrity endorsements, talking animals, etc. just scratch the surface when it comes to delivering an exceptional brand experience.

Locking tokens to the client IP address might seem like a good way to prevent content theft, such as sharing of authenticated URLs that include tokens. It might even appear to work in small-scale test environments. However, the internet has evolved to a point where it?s quite common for clients to use multiple source IP addresses. This is especially true when a token is created by a server on one hostname (such as a CMS) but then validated by a server on another hostname, such as an Akamai edge server, when serving content.

We're pleased to announce the launch of Akamai?s brand-new documentation site: techdocs.akamai.com. Powered by ReadMe, our new site offers intuitive and interactive content designed to help you get the most out of your Akamai products.

All Americans, regardless of background or location, deserve a fast, safe, and reliable digital experience. Whether in Silicon Valley, rural Montana, or an underserved area in Chicago, entrepreneurs, businesses, and consumers should be on an equal footing online. Unfortunately, that is not the current reality, and the pandemic only amplified and exacerbated the existing digital divides we know so well.

FritzFrog is a peer-to-peer botnet, which means its command and control server is not limited to a single, centralized machine, but rather can be done from every machine in its distributed network. In other words, every host running the malware process becomes part of the network, and is capable of sending, receiving, and executing the commands to control machines in the network.

Hello, and welcome to our very first Developer Community update of 2022. In this new monthly series, we?ll share highlights of what is happening across the Akamai Developer Community. Since this is the first blog we?re posting, we will also catch up on news from October 2021 through today.

Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these aws are still present on devices, how these vulnerabilities are actively being abused, and how a feature/vulnerability set that seems to be mostly forgotten could lead to continued problems in the future with DDoS, account takeover, and malware distribution.