The PRWIRE Press Releases https:// 2016-09-15T01:23:48Z Q2 report spotlights a 129 percent YoY increase in total DDoS attacks and a record 276 percent increase in NTP reflection attacks 2016-09-15T01:23:48Z q2-report-spotlights-a-129-percent-yoy-increase-in-total-ddos-attacks-and-a-record-276-percent-increase-in-ntp-reflection-attacks-1 Sydney, Australia – September 15, 2016 – Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today released its Second Quarter, 2016 State of the Internet / Security Report. The report, using data gathered from the Akamai Intelligent Platform™, highlights the cloud security landscape, specifically trends with DDoS and web application attacks, as well as malicious traffic from bots.   Download the latest State of the Internet / Security Report for data, analysis, and graphics at akamai.com/stateoftheinternet-security.   “While attack sizes are decreasing, we continue to see an uptick in the number of attacks as launch tools grow increasingly pervasive and easy to use and monetize,” said Martin McKeay, Editor-in-Chief, State of the Internet / Security Report. “This commoditization renders businesses vulnerable to a higher frequency of attacks they can’t defend against on their own. As we look toward Cybersecurity Awareness Month in October, it is important for organizations to understand what they are up against, specifically as adversaries increasingly threaten DDoS attacks for ransom.”   Highlights from Akamai’s Second Quarter, 2016 State of the Internet / Security Report include:  DDoS Attacks   Total DDoS attacks increased 129 percent in Q2 2016 from Q2 2015. During the second quarter, Akamai mitigated a total of 4,919 DDoS attacks. Akamai observed its largest DDoS to date at 363 Gbps on June 20th against a European media customer.  At the same time, the median attack size fell by 36% to 3.85 Gbps. Twelve attacks observed during Q2 exceeded 100 Gbps and two that reached 300 Gbps targeted the media and entertainment industry.  Web Application Attacks   Q2 2016 showed a 14 percent increase in total web application attacks from Q1 2016. Brazil experienced a 197 percent increase in attacks sourced from the region – the top country of origin for all web application attacks. The United States, ranked second among countries for total web application attacks, saw a 13 percent decrease in attacks compared to Q1 2016. SQL Injection (44 percent) and Local File Inclusion (45 percent) were the two most common attack vectors in Q2.  Bot Traffic Analysis During one 24-hour period in Q2, bots accounted for 43 percent of all web traffic across the Akamai Intelligent Platform. Detected automation tools and scraping campaigns represented 63 percent of all bot traffic, a 10 percent increase from Q1 2016. These bots scrape specific websites or industry segments and do not identify their intentions and origin.   A complimentary copy of the Q2 2016 State of the Internet / Security Report is available for download at akamai.com/stateoftheinternet-security. Download individual figures, including associated captions, at http://akamai.me/2cxMcJb.  About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.   Global Average Connection Speed Up 23% According to Akamai’s ‘Fourth Quarter, 2015 State of the Internet Report’ 2016-03-22T22:52:29Z global-average-connection-speed-up-23-according-to-akamai-s-fourth-quarter-2015-state-of-the-internet-report SYDNEY, Australia, (March 23, 2016) – Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today released its Fourth Quarter, 2015 State of the Internet Report. Based on data gathered from the Akamai Intelligent Platform™, the report provides insight into key global statistics such as connection speeds, broadband adoption metrics, notable Internet disruptions, IPv4 exhaustion and IPv6 implementation. Data and graphics from the Fourth Quarter, 2015 State of the Internet Report can be found on the Akamai State of the Internet site and through the Akamai State of the Internet app for iOS and Android devices. State of the Internet Report-related discussions are also taking place on the Akamai Community. “This quarter’s report shows great year-over-year growth in average connection speeds and overall broadband adoption,” noted David Belson, editor of the State of the Internet Report. “This is particularly important as consumer expectations rise and many high-profile events, like the summer games in Rio, will be streamed this year. The progress we’re seeing across our key metrics shows that, while there’s still work to be done, more parts of the world are increasingly able to support the delivery of broadcast-quality video content online.” Highlights from Akamai’s Fourth Quarter, 2015 State of the Internet Report: Global Average Connection Speeds and Global Broadband Connectivity  - Global average connection speed increased 8.6% to 5.6 Mbps from the third quarter, a 23% increase year-over-year. - South Korea had the top average connection speed at 26.7 Mbps, posting a 20% increase over the fourth quarter of 2014. - After a slight decline in the third quarter, the global average peak connection speed bounced back with a 1% increase to 32.5 Mbps in the fourth quarter. This led to 21% year-over-year growth. - South Korea (95.3 Mbps) and Macao (83.1 Mbps) were the only country/regions to post double-digit quarterly gains in average peak connection speed at 10% and 13%, respectively. - Globally, 7.1% of unique IP addresses connected to Akamai at average speeds of at least 25 Mbps, a dramatic 37% increase over the previous quarter. Year-over-year, global 25 Mbps adoption increased by 74%, in contrast to the 15% yearly decrease seen in the third quarter. - Each of the top 10 countries/regions saw double-digit growth in 25 Mbps broadband adoption except for Hong Kong (15%), which posted a 9.8% change quarter-over-quarter. Norway (21%) and Denmark (15%) saw the greatest yearly gains at 165% and 188%, respectively. - In the U.S., 10 states had 14% or more of unique IP addresses connected to Akamai at average speeds of at least 25 Mbps, with the District of Columbia holding the top spot at 25% adoption, a 15% quarter-over-quarter growth. - The global percentage of unique IP addresses connecting to Akamai that met the 4 Mbps broadband speed threshold increased 5.8% to 69%. Year-over-year growth was 17%. - In the fourth quarter of 2015, 32% of unique IP addresses across the world connected to Akamai at average speeds above 10 Mbps, an increase of 15% over the previous quarter. Year-over-year, this was a 34% increase. - 19% percent of unique global IP addresses connected to Akamai at average “4K-ready” connection speeds of 15 Mbps or above, up from 15% in the third quarter. Year-over-year, the global 15 Mbps adoption rate grew 54% with nine of the top 10 countries/regions seeing gains ranging from 3.3% in South Korea (63% adoption) to 102% in Norway (45% adoption). IPv4 and IPv6 - The number of unique, worldwide IPv4 addresses connecting to Akamai had a slight increase of 0.2% to just over 810 million addresses. - On a global basis, close to 70% of the countries/regions saw a quarter-over-quarter increase in unique IPv4 address counts in the fourth quarter, up 10% from the third quarter. - 43 countries/regions saw IPv4 address counts grow 10% or more, while 13 saw counts decline 10% or more as compared with the previous quarter. - Belgium again maintained a clear lead, with 37% of content requests being made over IPv6, up from 35% in the third quarter. France (11%) posted the largest quarter-over-quarter gain with 113%. - Verizon Wireless (67%) and Belgium’s Telenet (53%) continued to lead as the two network providers with more than half of their requests to Akamai made over IPv6. - Similar to last quarter, nine of the top 20 providers had at least one in four content requests to Akamai via IPv6. However, 18 of the top 20 – down from 20 in the previous quarter – had at least 10% of their requests to Akamai occur over IPv6. Mobile Connectivity - United Kingdom had the fastest average mobile connection speed at 26.8 Mbps, with Spain in second place at 14.0 Mbps. - Iran had the lowest average connection speed, at 1.3 Mbps, followed by Vietnam with an average connection speed of 1.8 Mbps. - In the fourth quarter, Finland and Australia led the world with 99% 4 Mbps adoption rates, followed closely by Sweden with 98% adoption. Ask the Expert State of the Internet Report editor David Belson will respond to “Ask the Expert” questions submitted via the Akamai Community Tuesday, March 22nd, through Thursday, March 24th. About the Akamai State of the Internet Report Each quarter, Akamai publishes a “State of the Internet” report. This report includes data gathered from across the Akamai Intelligent Platform about attack traffic, broadband adoption, mobile connectivity and other relevant topics concerning the Internet and its usage, as well as trends seen in this data over time. For additional information on the metrics in the report and how they are analysed, please visit http://akamai.me/sotimetrics. To learn more and to access the archive of past reports, please visit http://www.stateoftheinternet.com/soti-reports. To download the figures from the Fourth Quarter, 2015 State of the Internet Report, please visit: http://wwwns.akamai.com/soti/soti_q415_figures.zip About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionising how businesses optimise consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.  Akamai Releases Q3 2015 State of the Internet - Security Report 2015-12-08T23:10:57Z akamai-releases-q3-2015-state-of-the-internet-security-report ·     Akamai mitigated a record 1,510 DDoS attacks, a 180% increase over Q3 a year ago; and 23% more than last quarter ·    The use of reflection-based DDoS methods by DDoS-for-hire sites resulted in  smaller attacks on average than we have observed from infection-based botnets ·    Retail suffered the vast majority of web application attacks—55%; online gaming hit by the most DDoS attacks; media and entertainment faced more of the biggest DDoS attacks SYDNEY – December 9, 2015 – Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today announced the availability of the Q3 2015 State of the Internet – Security Report. The Q3 2015 report, which provides analysis and insight into the global cloud security threat landscape, can be downloaded at www.stateoftheinternet.com/security-report.    “Akamai has been seeing greater numbers of denial of service attacks every quarter, and the upward trend continued in the most recent quarter. Although recent DDoS attacks were on average smaller and shorter, they still posed a significant cloud security risk,” said John Summers, vice president, Cloud Security Business Unit, Akamai. “Attacks are being fueled by the easy availability of DDoS-for-hire sites that identify and abuse exposed Internet services, such as SSDP, NTP, DNS, CHARGEN, and even Quote of the Day.” DDoS attack activity at a glance DDoS attack activity across the Akamai routed network jumped 23% this quarter from already record levels to 1,510 attacks, an increase of 180% over Q3 2014. Although there were substantially more attacks, on average the attacks were shorter with lower average peak bandwidth and volume. Mega attacks (greater than 100 Gbps) were fewer: eight were recorded in Q3 compared to 12 in Q2 and 17 in Q3 a year ago. The largest bandwidth DDoS attack in Q3 – leveraging the XOR DDoS botnet – measured 149 Gbps. This was down from the peak 250 Gbps DDoS attack last quarter. Of the eight mega attacks, the media and entertainment sector was targeted most frequently, with three attacks.   While attack bandwidth was down, Q3 hit a record by a different measure of attack size. A firm in the media and entertainment industry was hit by a record-breaking 222 million packets per second (Mpps) DDoS attack, a small increase over a record-breaking attack of 214 Mpps in Q2. This large attack can be compared to an average peak volume of 1.57 Mpps for all DDoS attacks observed by Akamai in Q3. An attack of this size could bring down a tier 1 router, such as those used by Internet service providers (ISPs).   The online gaming sector was hit particularly hard by DDoS attacks in Q3 2015, accounting for 50% of the recorded DDoS attacks. Gaming was followed by software and technology, which suffered 25% of all attacks. Online gaming has been the most targeted industry for more than a year.   Reflection-based DDoS attacks are proving more popular than infection-based DDoS. Instead of spending time and effort to build and maintain DDoS botnets as they did in the past, more DDoS attackers have been exploiting the existing landscape of exposed network devices and unsecured service protocols. Whereas reflection DDoS attacks accounted for only 5.9% of all DDoS traffic in Q3 2014, these attack vectors accounted for 33.19% of DDoS traffic in Q3 2015.    Akamai Edge Firewall, a new source for DDoS attack data For the first time, the security report also includes attack activity observed across the Akamai Edge Firewall, our global platform perimeter. Edge Firewall data sets provide a broad look at attack activity at the global platform perimeter—with information on attack traffic coming from more than 200,000 servers outfitted with Akamai technology. We identified that the top 10 source ASNs of attack traffic originated primarily from China and other Asian countries, while reflectors in the US and Europe were more commonly leveraged in a distributed manner.   DDoS metrics Compared with Q3 2014 ·       179.66% increase in total DDoS attacks ·       25.74% increase in application layer (Layer 7) DDoS attacks ·       198.1% increase in infrastructure layer (Layer 3 & 4) DDoS attacks ·       15.65% decrease in average attack duration: 18.86 vs. 22.36 hours ·       65.58% decrease in average peak attack bandwidth ·       88.72% decrease in average peak attack volume ·       462.44% increase in reflection attacks ·       52.94% decrease in attacks > 100 Gbps: 8 vs. 17   Compared with Q2 2015 ·       22.79% increase in total DDoS attacks ·       42.27% decrease in application layer (Layer 7) DDoS attacks ·       30.21% increase in infrastructure layer (Layer 3 & 4) DDoS attacks ·       8.87% decrease in average attack duration: 18.86 vs. 20.64 hours ·       25.13% decrease in average peak attack bandwidth ·       42.67% decrease in average peak attack volume ·       40.14% increase in reflection attacks ·       33.33% decrease in attacks > 100 Gbps: 8 vs. 12   Web application attack activity In Q2 2015, the Shellshock vulnerability dominated web application attacks utilising HTTPS, but this was not the case in Q3. As a result, the percentage of web application attacks sent over HTTP vs. HTTPS returned to a more typical level (88% via HTTP, 12% via HTTPS). The use of web application attacks over HTTPS is likely to rise as more sites adopt TLS-enabled traffic as a standard security layer. Attackers may also use HTTPS in an attempt to penetrate back-end databases, which are typically accessed from applications served via HTTPS.   As in previous quarters, local file inclusion (LFI) and SQL injection (SQLi) attacks were by far the most prevalent web application attack vectors of those ranked. The retail industry was hit hardest, receiving 55% of web application attacks, with the financial services industry a distant second, receiving 15% of attacks. Web application attacks relied heavily on botnets that take advantage of unsecured home-based routers and devices.    The third quarter was also notable for an increase in WordPress plugin attack attempts, not only for popular plugins but also for less-known vulnerable plugins.   In Q3 2015, the US was the main source of web application attacks, accounting for 59% of attack origin traffic, and was also the target of 75% of these attacks. The top three attacking Autonomous System Number (ASNs) were associated with virtual private systems (VPS) owned by well-known cloud providers in the US. Many of the cloud-based virtual servers that are launched each day lack sufficient security and are compromised and used in a botnet or other attack platform.    A look at website scrapers A scraper is a specific type of bot whose purpose is to acquire data from targeted websites, store and analyse it, and then sell or use the data. One example of a benign scraper is a search engine bot. Other examples are rate aggregators, resellers and SEO analytics services. A section of the security report discusses scrapers and provides an easy way to identify them.   Web application attack metrics Compared with Q2 2015 ·       96.36% increase in HTTP web application attacks ·       79.02% decrease in HTTPS web application attacks ·       21.64% increase in SQLi attacks ·       204.73% increase in LFI attacks ·       57.55% increase in RFI attacks ·       238.98% increase in PHPi attacks Download the report A complimentary copy of the Q3 2015 State of the Internet - Security Report is available as a free PDF download at www.stateoftheinternet.com/security-report.   About stateoftheinternet.com Akamai’s stateoftheinternet.comshares content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats. Visitors to stateoftheinternet.com can find current and archived versions of Akamai’s State of the Internet (Connectivity and Security) reports, the company’s data visualisations and other resources designed to help put context around the ever changing Internet landscape.     About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionising how businesses optimise consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.   Akamai and Google Collaborate to Establish Direct Interconnects Between Akamai Intelligent Platform and Google Cloud Platform 2015-11-23T06:07:17Z akamai-and-google-collaborate-to-establish-direct-interconnects-between-akamai-intelligent-platform-and-google-cloud-platform SYDNEY,  November 23, 2015 – Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today announced the company is collaborating with Google Cloud Platform as part of the Google Interconnect Program. Akamai’s participation is designed to reduce hosting and egress costs and improve performance for Akamai customers taking advantage of Google Cloud Platform.      Akamai’s participation as a Google Cloud Platform CDN Interconnect Provider is intended to ensure that the Google Cloud Platform serves all in region traffic destined for the Akamai Intelligent Platform™ via Akamai regions. Customers are expected to benefit from performance improvements and save up to 66 percent on Google Cloud Platform egress costs.   “As more and more enterprises come to rely on cloud-based computing and storage resources to drive their businesses, it’s critically important that performance is maximized and cost effectiveness is maintained,” explained Bill Wheaton, executive vice president and general manager, Media Products Division, Akamai. “As the operator of the world’s largest distributed CDN platform, we’re collaborating with Google Cloud Platform to ensure that our joint customers can pass traffic directly from Google Cloud Platform to the Akamai CDN, empowering them to take full advantage of their cloud investments.”   About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter. Akamai Statement Under the Private Securities Litigation Reform Act This release contains information about future expectations, plans and prospects of Akamai's management that constitute forward-looking statements for purposes of the safe harbor provisions under The Private Securities Litigation Reform Act of 1995, including statements about future business plans and opportunities. Actual results may differ materially from those indicated by these forward-looking statements as a result of various important factors including, but not limited to, a failure of Akamai's offerings or functionalities to operate as expected, a lack of market acceptance of such service offerings and functionalities, and other factors that are discussed in the Company's Annual Report on Form 10-K, quarterly reports on Form 10- Q, and other documents periodically filed with the SEC.   Akamai Helps Drive Adoption of Faster and more Secure Web Protocol 2015-11-20T00:45:57Z akamai-helps-drive-adoption-of-faster-and-more-secure-web-protocol SYDNEY, 20 November 2015  – Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today announced that since showcasing a production demonstration of HTTP/2 at Velocity in 2014, the Company is now actively working with more than 150 customers to deliver HTTP/2-enabled websites and is expanding its HTTP/2 program to all customers using qualifying products to deliver TLS encrypted web content. HTTP/2 represents the first major update to the HTTP network protocol in nearly 20 years. Although websites have dramatically evolved during this time, HTTP, the underlying protocol of the Web, has not. Through features and capabilities such as multiplexing and concurrency, header compression, server push, support for the latest cipher suites, and an overall reduction in development complexity, HTTP/2 is intended to significantly improve the performance and security/privacy of today’s Web. "For the past 17 years, customers have relied on Akamai to transform the unpredictable Internet into a fast, reliable, and secure platform for transacting e-commerce, distributing rich media, and delivering enterprise applications,” explained Ash Kulkarni, senior vice president and general manager, Web Experience, Akamai. “HTTP/2 is a critical piece in the puzzle of how to deliver near-instant web experiences, especially for mobile users on constrained cellular networks. Akamai is proud to be at the forefront of driving the adoption of this new web standard.” With Akamai engineers deeply involved in the IETF HTTP Working Group, Akamai has been instrumental in working with other Internet industry leaders to define the new HTTP/2 protocol. The company’s activities in this area were grounded in its commitment to benefit users, content providers, service providers, developers, and the Internet community at large. “In addition to the great performance benefits, we believe HTTP/2 will drive greater adoption of TLS. We believe the combination of Akamai’s industry-leading TLS offerings with the HTTP/2 protocol will provide a faster and more secure Internet for everyone," continued Kulkarni. More than 70 percent of requests on Akamai’s CDN currently come from HTTP/2 compliant browsers; however, some older browser versions will continue to be used for the foreseeable future. Therefore, Akamai’s implementation of HTTP/2 has been designed to use real-time network and end-user intelligence to dynamically apply the appropriate performance optimisations to ensure the best performance for each user. In addition, we believe Akamai is well positioned to offer the tools and intelligence required to take full advantage of the move to HTTP/2. For example, easy‑to‑use, self-service and highly granular configurability allows customers to control the deployment of HTTP/2, while built-in monitoring and reporting helps measure the impact. One organisation taking advantage of Akamai’s HTTP/2 support is Concur, the world’s leading provider of integrated travel and expense management solutions and services. “Concur’s users rely on us for the perfect trip and they interact with our applications from all over the world, often in ‘network-hostile’ conditions. Advances in network capabilities, such as HTTP/2, that can improve end-user performance are important to us,” stated Drew Garner, senior director, Cloud Architecture, Concur. “Akamai was able to begin serving our traffic over HTTP/2 almost immediately after the new protocol was ratified. It took us approximately 30 seconds to turn on HTTP/2. So far, we have seen significant performance improvement, up to 68 percent faster page load times for mobile cellular users for certain pages.”   To learn more about Akamai and HTTP/2 please visit http2.akamai.com.   About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionising how businesses optimise consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter. ### Akamai Statement Under the Private Securities Litigation Reform Act This release contains information about future expectations, plans and prospects of Akamai's management that constitute forward-looking statements for purposes of the safe harbor provisions under The Private Securities Litigation Reform Act of 1995, including statements about future business plans and opportunities. Actual results may differ materially from those indicated by these forward-looking statements as a result of various important factors including, but not limited to, a failure of Akamai's offerings or functionalities to operate as expected, a lack of market acceptance of such service offerings and functionalities, and other factors that are discussed in the Company's Annual Report on Form 10-K, quarterly reports on Form 10- Q, and other documents periodically filed with the SEC.     Akamai Launches Cloud Networking to Accelerate and Secure Cloud-based Applications for Enterprise Branch Offices 2015-11-11T01:08:11Z akamai-launches-cloud-networking-to-accelerate-and-secure-cloud-based-applications-for-enterprise-branch-offices SYDNEY- 11 November, 2015 – Recognising that many of today’s forward‑thinking enterprises are leveraging the Internet to evolve their traditional Wide Area Network (WAN) architectures, Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today introduced Akamai Cloud Networking. A globally available, integrated system of services, Akamai Cloud Networking is designed to ensure end-to-end reliability and performance for IP-VPNs as well as cloud and SaaS applications, while maintaining enterprise security and compliance.   The increasing dependence on using the Internet to access enterprise applications, including mission critical Software-as-a-Service (SaaS) and cloud-based applications, is creating new challenges for branch office connectivity, performance, and security. Enterprises incorporating Direct Internet Access (DIA) breakouts and hybrid WANs to increase available bandwidth need fast, reliable and secure connectivity to address the requirements related to the growing diversity of business applications.   Designed for Communication Service Providers (CSPs), Network Service Providers (NSPs) and branch infrastructure vendors, Akamai Cloud Networking offers modular “building blocks” intended to complement existing WAN offerings, easing the deployment of hybrid network architectures and DIA for enterprise customers. Through strategic relationships with Cisco and Riverbed, Akamai has previously demonstrated the ability to bring its caching and Internet transport optimisation technology inside the enterprise network. With the launch of Akamai Cloud Networking, the company is expanding its portfolio to offer Internet Transport Optimisation, SaaS and Cloud Acceleration, and Secure Web Gateway functionality.   “Fundamentally, the goal of Akamai Cloud Networking is to help our partners drive enterprise network transformation by providing branch offices and other remote locations with fast,  reliable, and secure direct Internet connectivity,” explained Willie Tejada, senior vice president and general manager, Cloud Networking at Akamai. “We believe that giving our CSP, NSP and branch infrastructure partners the technologies they need to help their enterprise customers  directly leverage the Internet to accelerate applications, maintain enterprise security, lower costs and seamlessly connect to the cloud is an incredible value proposition.”   Akamai’s Cloud Networking services include:                                                                                                   ·       Internet Transport Optimisation:SLA-backed route optimisation and forward error correction as well as TCP Optimisations where applicable are intended to provide reliable, high-throughput packet delivery over the Internet, leveraging the Akamai Intelligent Platform™.   ·       SaaS & Cloud Acceleration: Caching, data deduplication, Quality-of-Service (QoS) and Internet transport optimisation over the Akamai Intelligent Platform is designed to provide acceleration for any SaaS or Cloud application.   ·       Secure Web Gateway: Cloud-based outbound web filtering and inbound malware protection with full identity integration is intended to help to maintain enterprise security and compliance without impacting performance. These capabilities are being bolstered via the recent acquisition of Bloxx, a provider of Secure Web Gateway (SWG) technology.   “With the steep growth in global network traffic, driven by digital transformation programs, enterprises are having to rethink their network architectures,” said Pierre-Louis Biaggi, vice president, Connectivity Solutions, Orange Business Services. “A hybrid network segments enterprise traffic onto several transport links to balance cost and performance objectives. We believe faster, more reliable and secure Internet links, provided by the Akamai platform, will be an essential part of enterprises’ new connectivity mix to complement the unmatched speed and reliability of private WANs and low cost bare Internet links. We are proud to offer this new service to our multinational customers.”    About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionising how businesses optimise consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.   ###   Akamai Statement Under the Private Securities Litigation Reform Act This release contains information about future expectations, plans and prospects of Akamai's management that constitute forward-looking statements for purposes of the safe harbor provisions under The Private Securities Litigation Reform Act of 1995, including statements about future business plans and opportunities. Actual results may differ materially from those indicated by these forward-looking statements as a result of various important factors including, but not limited to, a failure of Akamai's offerings or functionalities to operate as expected, a lack of market acceptance of such service offerings and functionalities, and other factors that are discussed in the Company's Annual Report on Form 10-K, quarterly reports on Form 10- Q, and other documents periodically filed with the SEC.   Akamai Launches the Akamai One Program for Startups in Asia Pacific and Japan 2015-11-04T02:48:12Z akamai-launches-the-akamai-one-program-for-startups-in-asia-pacific-and-japan SYDNEY– November 04, 2015 – Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, has launched the Akamai One Startup Program in Asia Pacific and Japan. The Akamai One program is designed to empower start-ups to focus on growing their businesses without worrying about the complexity of delivering fast, reliable and secure online experiences for their users.   The program makes available Akamai’s industry-leading Web and Mobile Performance solutions to startups in sectors such as travel, eCommerce, high tech and digital media. Under the program, independent startups and accelerators can leverage Akamai’s services and technologies for a year with no integration or recurring costs. The expanding startup landscape in Asia Pacific and Japan has captured US$9.4 billion in venture capital funding across a total of 436 investments in in the first quarter of 2015[1] – signaling a need for a secure, reliable and productive cloud environment to do business to compete and stand apart from the competition.   “Startups need to focus on innovating and bringing their product to market as quickly as possible in order to succeed and continue to secure funding to expand and grow. With Akamai’s solutions built into our globally-distributed platform, startups can scale their Internet operations rapidly without having to invest in infrastructure,” said Sanjay Singh, Senior Vice President and General Manager, Asia Pacific & Japan, Akamai Technologies. “Akamai One helps startups reduce the complexity of delivering high-performing web and mobile experiences with Akamai's proven CDN technologies, thus setting them up for success.” Under Akamai One, participating startups have access to one year’s worth of Akamai’s Web and Mobile Performance solutions that are designed to: ·       Reduce IT costs and extend web infrastructure by leveraging the Akamai Intelligent Platform™ ·       Deliver responsive user experiences with Akamai's Front End Optimisations (FEO) ·       Optimise for both cellular and Wi-Fi connections with Enhanced Mobile Protocol technology ·       Gain key audience insight in real time with Real User Monitoring (RUM) Akamai has partnered with incubators such as BlueChilli in Australia, SparkLabs in Korea, and TLabs in India to help startups succeed by providing products and resources that allow the startups to focus on their core business goals. These partnerships celebrate the alignment of Akamai and the incubators’ pursuit of entrepreneurship and innovation while navigating the challenges and opportunities through a fast, reliable and secure Internet. For more information on this program and eligibility criteria, please email akamaione@akamai.com   About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionising how businesses optimise consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.   ###     [1]Startintx Index: APAC Venture Capital Microsoft customers to receive access to Akamai’s market-leading CDN as part of Microsoft Azure cloud platform 2015-10-21T01:14:49Z microsoft-customers-to-receive-access-to-akamai-s-market-leading-cdn-as-part-of-microsoft-azure-cloud-platform SYDNEY -  Oct 21, 2015  – Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, and Microsoft Corp. have announced a partnership in which access to the Akamai CDN will be fully integrated into Microsoft Azure. The forthcoming Azure CDN offering is designed to optimise performance of content and applications deployed and delivered on Azure.   As part of the companies’ expanded relationship, Microsoft is also bringing to market a series of first-party services that include Akamai’s market-leading CDN, acceleration and security solutions. Microsoft enterprise customers will be able to purchase any Akamai offering as “self-select” options through the Azure portal or as part of their organisation’s Microsoft enterprise agreement. In addition, customers will receive integrated, one-stop service and support from Microsoft and Akamai. “Through this strategic partnership, Microsoft and Akamai are helping usher in the next generation of content delivery tailored for cloud platform customers of all sizes,” said Bill Staples, Corporate Vice President, App Platform, Microsoft Azure. “The Azure CDN combines the intelligent cloud services of the Azure platform with the delivery advantages of Akamai’s world-class and massively-distributed CDN. Further, Azure customers can leverage Akamai’s unique CDN, acceleration and security product portfolio that can be managed and purchased through a single enterprise agreement.”  The relationship between Microsoft and Akamai is long-standing. Microsoft is one of the largest content delivery consumers on the planet, with decades of experience in delivering large software packages to big, globally dispersed audiences.  Akamai and Microsoft have also collaborated on major software downloads as well as some of the world’s largest, highest-profile online events.  “We believe the power of the Azure platform combined with the reach and scale of Akamai’s CDN opens a wealth of new possibilities for building and delivering highly-effective, cloud-based solutions for a host of applications,” said Tom Leighton, CEO of Akamai. “From start-ups to established enterprises, businesses need the assurance of scale, performance, and security as more and more applications and workloads move to the cloud.  We look forward to collaborating with Microsoft Azure and being a part of their open and flexible cloud strategy.”  -more- Microsoft customers are expected to be able to purchase an Azure CDN offering and deploy onto the Akamai Network architecture via the Azure portal in early 2016. In addition, a managed roll-out of Microsoft first-party services for CDN, acceleration and security based on Akamai will be available to targeted enterprises next month.  About Microsoft Microsoft (Nasdaq “MSFT” @microsoft) is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organisation on the planet to achieve more. About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionising how businesses optimise consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter. # # # Akamai Statement Under the Private Securities Litigation Reform Act This release contains information about future expectations, plans and prospects of Akamai's management that constitute forward-looking statements for purposes of the safe harbor provisions under The Private Securities Litigation Reform Act of 1995. Actual results may differ materially from those indicated by these forward-looking statements as a result of various important factors including, but not limited to, the effects of any attempts to intentionally disrupt Akamai's services or network or Microsoft's platform by hackers or others, the inability of Akamai’s CDN and the Azure platform to operate together as expected or to continue to be interoperable, inability of customers to realise the expected benefits of the combined solutions, a failure of Akamai's network infrastructure, unexpected delays in the timing of releases of solutions and other factors that are discussed in Akamai's Annual Report on Form 10-K, quarterly reports on Form 10-Q, and other documents periodically filed with the SEC. Akamai Releases Findings of Increased Attacks and More Aggressive Tactics from DD4BC Extortionist Group 2015-09-10T23:18:57Z akamai-releases-findings-of-increased-attacks-and-more-aggressive-tactics-from-dd4bc-extortionist-group SYDNEY – September 10, 2015 – Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, published today, through the company’s Prolexic Security Engineering & Research Team (PLXsert), a new cybersecurity case study. Akamai shared details of an increase in distributed denial of service (DDoS) attacks from the Bitcoin extortionist group DD4BC, based on PLXsert’s observation of attack traffic targeted at customers from September 2014 through August 2015. Since April 2015, the team identified 114 DD4BC attacks, including more aggressive measures that target brand reputation through social media. The full report is available for download here:   www.stateoftheinternet.com/dd4bc-case.  “DD4BC has been using the threat of DDoS attacks to secure Bitcoin payments from its victims for protection against future attacks,” said Stuart Scholly, Senior Vice President & General Manager, Security Division at Akamai. “The latest attacks – focused primarily on the financial service industry – involved new strategies and tactics intended to harass, extort and ultimately embarrass the victim publically.”   What is the DD4BC Group, and How Does it Operate? The DD4BC group has been responsible for a large number of Bitcoin extortion campaigns dating back to 2014. In the past year, the group expanded its extortion and DDoS campaigns to target a wider array of business sectors – including financial services, media and entertainment, online gaming and retailers. The group has used e-mail to inform its target that a low-level DDoS attack will be launched against the victim’s website. From June through July 2015, the attacks increased from low-level to more than 20 Gbps in some cases. The group would then demand a Bitcoin ransom to protect the company from a larger DDoS attack designed to make its website inaccessible.   PLXsert released a history of the group’s activities that can be found in Akamai’s Security Bulletin: DD4BC Operation Profile, published in April 2015.   DD4BC Using Social Media to Exploit Organisations According to research from PLXsert, DD4BC recently threatened to expose targeted organisations via social media, adding to the damage caused by the DDoS attack itself. The goal apparently is to garner more attention for the group’s ability to create service disruptions by publicly embarrassing the target and tarnishing the company's reputation through these wide-reaching channels.   The group’s methodology typically includes use of multi-vector DDoS attack campaigns, revisiting former targets and also incorporating Layer 7 DDoS in multi-vector attacks, specifically concentrating on the WordPress pingback vulnerability. This vulnerability is exploited to repeatedly send reflected GET requests to the target to overload the website. Akamai researchers have seen this attack method incorporated into DDoS booter suite frameworks.   Threat Mitigation Since September 2014, the Akamai PLXsert has observed a total of 141 confirmed DD4BC attacks against Akamai customers. Of those attacks, the average bandwidth was 13.34 Gbps, with the largest DDoS attack reported at 56.2 Gbps.   To help protect against extortionist group DD4BC, and subsequent DDoS attacks, Akamai recommends the following defensive measures: -Deploy anomaly- and signature-based DDoS detection methods to identify attacks before a website becomes unavailable to users. - Distribute resources to increase resiliency and avoid single points of failure due to an attack. - Implement Layer 7 DDoS mitigation appliances on the network in strategic locations to reduce the threat for critical application servers.   Akamai and PLXsert will continue to monitor ongoing threats, campaigns and methodologies used by DD4BC. To learn more about the group and its specific threats and mitigation techniques, please download a complimentary copy of the threat advisory at www.stateoftheinternet.com.   About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionising how businesses optimise consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.   Note: All product and company names are trademarks of their respective organisations. Akamai Releases Q2 2015 State of the Internet - Security Report 2015-08-18T22:39:09Z akamai-releases-q2-2015-state-of-the-internet-security-report -  Number of DDoS attacks more than doubled compared to Q2 2014; mega-attacks on the rise - An aggressive, multi-week Shellshock application attack, targeting a single customer, was responsible for 49% of web application attack alerts in Q2 2015  - Akamai researchers uncover 49 new WordPress plug-in and theme vulnerabilities SYDNEY – August 19, 2015 – Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today announced the availability of the Q2 2015 State of the Internet – Security Report. This quarter’s report, which provides analysis and insight into the global cloud security threat landscape, can be downloaded at www.stateoftheinternet.com/security-report.   “The threat posed by distributed denial of service (DDoS) and web application attacks continues to grow each quarter,” said John Summers, vice president, Cloud Security Business Unit, Akamai. “Malicious actors are continually changing the game by switching tactics, seeking out new vulnerabilities and even bringing back old techniques that were considered outdated. By analysing the attacks observed over our networks, we’re able to identify emerging threats and trends and provide the public with the information to harden their networks, websites and application and improve their cloud security profiles.   “For example, for this report, we not only added two web application attack vectors to our analysis, we also examined the perceived threat posed by the onion router (Tor) traffic and even uncovered some new vulnerabilities in third-party WordPress plugins which are being published as CVEs,” he said. “The more you know about cyber security threats, the better you can defend your enterprise.”   DDoS attack activity at a glance For the past three quarters, there has been a doubling in the number of DDoS attacks year over year. And while attackers favoured less powerful but longer duration attacks this quarter, the number of dangerous mega attacks continues to increase. In Q2 2015, there were 12 attacks peaking at more than 100 Gigabits per second (Gbps) and five attacks peaking at more than 50 Million packets per second (Mpps). Very few organisations have the capacity to withstand such attacks on their own.   The largest DDoS attack of Q2 2015 measured more than 240 gigabits per second (Gbps) and persisted for more than 13 hours. Peak bandwidth is typically constrained to a one to two hour window. Q2 2015 also saw one of the highest packet rate attacks ever recorded across the Prolexic Routed network, which peaked at 214 Mpps. That attack volume is capable of taking out tier 1 routers, such as those used by Internet service providers (ISPs).   DDoS attack activity set a new record in Q2 2015, increasing 132% compared to Q2 2014 and increasing 7% compared to Q1 2015. Average peak attack bandwidth and volume increased slightly in Q2 2015 compared to Q1 2015, but remained significantly lower than the peak averages observed in Q2 2014.   SYN and Simple Service Discovery Protocol (SSDP) were the most common DDoS attack vectors this quarter – each accounting for approximately 16% of DDoS attack traffic. The proliferation of unsecured home-based, Internet-connected devices using the Universal Plug and Play (UPnP) Protocol continues to make them attractive for use as SSDP reflectors. Practically unseen a year ago, SSDP attacks have been one of the top attack vectors for the past three quarters. SYN floods have continued to be one of the most common vectors in all volumetric attacks, dating back to the first edition of the security reports in Q3 2011.   Online gaming has remained the most targeted industry since Q2 2014, consistently being targeted in about 35 percent of DDoS attacks. China has remained the top source of non-spoofed attack traffic for the past two quarters, and has been among the top three source countries since the very first report was issued in Q3 2011.   At a glance Compared to Q2 2014 •       132.43% increase in total DDoS attacks •       122.22% increase in application layer (Layer 7) DDoS attacks •       133.66% increase in infrastructure layer (Layer 3 & 4) attacks •       18.99% increase in the average attack duration: 20.64 vs. 17.35 hours •       11.47% decrease in average peak bandwidth •       77.26% decrease in average peak volume •       100% increase in attacks > 100 Gbps: 12 vs. 6 Compared to Q1 2015 •       7.13% increase in total DDoS attacks •       17.65% increase in application layer (Layer 7) DDoS attacks •       6.04% increase in Infrastructure layer (Layer 3 & 4) attacks •       16.85% decrease in the average attack duration: 20.64 vs. 24.82 hours •       15.46 increase in average peak bandwidth •       23.98% increase in average peak volume •       50% increase in attacks > 100 Gbps: 12 vs. 8 •       As in Q1 2015, China is the quarter's top country producing DDoS attacks   Web application attack activity Akamai first began reporting web application attack statistics in Q1 2015. This quarter, two additional attacks vectors were analysed:  Shellshock and cross-site scripting (XSS).   Shellshock, a Bash bug vulnerability first tracked in September 2014, was leveraged in 49% of the web application attacks this quarter. However, 95% of the Shellshock attacks targeted a single customer in the financial services industry, in an aggressive, persistent attack campaign that endured for the first several weeks of the quarter. Since Shellshock attacks typically occur over HTTPS, this campaign shifted the balance of attacks over HTTPS vs. HTTP. In Q1 2015, only 9% of attacks were over HTTPS; this quarter 56% were over HTTPS channels.   Looking beyond Shellshock, SSQL injection (SQLi) attacks accounted for 26% of all attacks. This represents a greater than 75% increase in SQLi alerts in the second quarter alone. In contrast, local file inclusion (LFI) attacks dropped significantly this quarter. While it was the top web application attack vector in Q1 2015, LFI only accounted for 18% of alerts in Q2 2015. Remote file inclusion (RFI), PHP injection (PHPi), command injection (CMDi), OGNL injection using OGNL Java Expressing Language (JAVAi), and malicious file upload (MFU) attacks combined accounted for 7% of web application attacks.   As in Q1 2015, the financial services and retail industries were attacked most frequently.   The threat of third-party WordPress plugins and themes WordPress, the world’s most popular website and blogging platform, is an attractive target for attackers who aim to exploit hundreds of known vulnerabilities to build botnets, spread malware and launch DDoS campaigns.   Third-party plugins go through very little, if any, code vetting. To better understand the threatscape, Akamai tested more than 1,300 of the most popular plugins and themes. As a result, 25 individual plugins and themes that had at least one new vulnerability were identified. In some cases, the plugin or theme had multiple vulnerabilities – totaling 49 potential exploits. A full listing of the newly discovered vulnerabilities is included in the report, along with recommendations to harden WordPress installs.   The pros and cons of Tor The Onion Router (TOR) project ensures the entry node to a network does not match the exit node, providing a cloak of anonymity for its users. While Tor has many legitimate uses, its anonymity makes it an attractive option for malicious actors. In order to assess the risks involved with allowing Tor traffic to websites, Akamai analysed web traffic across the Kona security customer base during a seven-day period. The analysis showed that 99% of the attacks were sourced from non-Tor IPs. However, 1 out of 380 requests out of Tor exit nodes were malicious. In contrast, only 1 out 11,500 requests out of non-Tor IPs was malicious. That said, blocking Tor traffic could have a negative business affect. However, legitimate HTTP requests to e-commerce related pages showed that Tor exit nodes had conversion rates on par with non-Tor IPs. Download the report A complimentary copy of the Q2 2015 State of the Internet - Security Report is available as a free PDF download at www.stateoftheinternet.com/security-report.   About stateoftheinternet.com Akamai’s stateoftheinternet.comshares content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats. Visitors to stateoftheinternet.com can find current and archived versions of Akamai’s State of the Internet (Connectivity and Security) reports, the company’s data visualizations and other resources designed to help put context around the ever changing Internet landscape.     About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionising how businesses optimise consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and  its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter Akamai Identified as a Leader in DDoS Services by Independent Research Firm 2015-07-23T23:23:54Z akamai-identified-as-a-leader-in-ddos-services-by-independent-research-firm-2  Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today announced the company has been identified by Forrester Research, Inc. as a Leader in The Forrester Wave™: DDoS Services Providers, Q3 20151. Akamai received the highest score in Market Presence and tied for the highest score in Strategy. Akamai’s Distributed Denial-of-Service (DDoS) mitigation solutions received the highest score possible for alert notification process (DDoS monitoring service), response tactics (after the attack is detected), attack types defended, defended network protocols, and the second highest score for defense tactics (prior to an attack) and standard mitigation times. “There is no longer a clear distinction between doing business online and simply doing business. If you’re not online, you’re not doing business,” explained Stuart Scholly, senior vice president and general manager, Security Business Unit, Akamai. “Unfortunately, bad actors are all too aware of this phenomenon and have become adept at using DDoS as a means of hindering access to this important business channel. We believe Akamai’s position as a leader in the Forrester Wave™: DDoS Services helps instill in our customers confidence that our DDoS mitigation capabilities can help keep them online and highly available even in the face of the most daunting attacks.” Akamai’s DDoS mitigation solutions are designed to offer advanced protection against the largest and most sophisticated attacks and safeguard websites and other Internet-facing applications from the risks of downtime. Built on the Akamai Intelligent Platform™, Akamai DDoS mitigation solutions are intended to provide the scale necessary to stop the largest DDoS attacks without reducing performance, as well as offer intelligence into the latest threats and the expertise to adapt to shifting tactics and attack vectors. Further, as one of the only vendors in the space to offer a Time to Mitigate Service Level Agreement (TTM SLA), Akamai stands behind the experience and expertise of its Security Operations Centers’ ability to mitigate an attack within a specified timeframe. The Forrester Wave¹: DDoS Services Providers, Q3 2015 is available for download at: www.akamai.com/forrester-ddos-wave.About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter. Akamai Warns of an Uptick in DDoS Reflection Attacks Using Abandoned Routing Protocol 2015-07-02T01:26:27Z akamai-warns-of-an-uptick-in-ddos-reflection-attacks-using-abandoned-routing-protocol Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, published today, through the company’s Prolexic Security Engineering & Research Team (PLXsert), a new cybersecurity threat advisory. The threat is related to the increasing use of outdated Routing Information Protocol version one (RIPv1) for reflection and amplification attacks. The advisory detailing this threat in full is available for download here: http://www.stateoftheinternet.com/ripv1-reflection-ddos  What is RIPv1? RIPv1 is a fast, easy way to dynamically share route information using a small, multi-router network. A typical request is sent by a router running RIP when it is first configured or powered on. From there, any device listening for the requests will respond with a list of routes and updates that are sent as broadcasts.   “This version of the RIP protocol was first introduced in 1988 – more than 25 years ago under RFC1058,” said Stuart Scholly, senior vice president and general manager, Security Business Unit, Akamai. “While the resurgence of RIPv1 after more than a year of dormancy is puzzling, it’s clear that attackers are exploiting their familiarity with this thought-to-be-abandoned DDoS reflection vector. Leveraging the behavior of RIPv1 to launch a DDoS reflection attack is quite simple for an attacker – by using a normal broadcast query, the malicious query can be sent as a unicast request directly to the reflector. The attacker can then spoof the IP address source to match the intended attack target – causing damage to the network.”  Using RIPv1 to launch a DDoS reflection attack   The PLXsert team’s research shows that attackers prefer routers with a large amount of routes in the RIPv1 database. Based on this research, most of the attacks recognized had queries that resulted in multiple 504 byte response payloads sent to a target with a single request. A typical RIPv1 request contains only a 24 byte payload, which proves that the attackers are getting a large amount of unsolicited traffic flooding their intended target with a small request.   The team studied an actual attack against an Akamai customer that took place on May 16, 2015. Research and non-intrusive scanning of the attack revealed that the devices being leveraged for the RIP reflection attack were likely not using enterprise-grade routing hardware. The team warns that RIPv1 is working as designed and malicious actors will continue to exploit this method as an easy way to launch reflection and amplification attacks.  Threat mitigation To avoid a DDoS reflection attack using RIPv1, consider one of the following techniques: ·         Switch to RIPv2, or later, to enable authentication ·         Use an access control list (ACL) to restrict User Datagram Protocol (UDP) source port 520 from the Internet   Akamai continues to monitor ongoing campaigns using RIPv1 to launch DDoS reflection attacks. To learn more about the threat, and mitigation techniques, please download a complimentary copy of the threat advisory at www.stateoftheinternet.com.  About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter. Akamai Releases First Quarter 2015 ‘State of the Internet’ Report 2015-06-24T21:58:58Z akamai-releases-first-quarter-2015-state-of-the-internet-report Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today released its First Quarter, 2015 State of the Internet Report. Based on data gathered from the Akamai Intelligent Platform™, the report provides insight into key global statistics such as connection speeds, broadband adoption across fixed and mobile networks, and IPv4 exhaustion and IPv6 implementation.   Beginning this quarter, security-related content that was previously included in the State of the Internet Report, including data on attack traffic seen across the Akamai platform and insights into high-profile security vulnerabilities and attacks, is now published in a separate State of the Internet / Security Report.   Data and graphics from the First Quarter, 2015 State of the Internet Report can be found on the Akamai State of the Internet site and through the Akamai State of the Internet app for iOS and Android devices. State of the Internet Report-related discussions are also taking place on the Akamai Community.   “We saw generally positive results across all of the key metrics during the first quarter of 2015,” said David Belson, editor of the report. “The increase in global broadband speeds demonstrates an ongoing commitment to higher standards. While connectivity will continue to differ across many regions, we see the highest broadband speeds in countries/regions with high population densities and strong government backing or support, as well as those that foster competition among Internet providers.”   Highlights from Akamai’s First Quarter, 2015 State of the Internet Report:  Global Average Connection Speeds and Global Broadband Connectivity In the first quarter of 2015, the global average connection speed for the first time reached 5 Mbps, a 10% increase over the previous quarter. Quarterly global average connection speeds among the top 10 countries all remained well above 10 Mbps, and six of the 10 had average speeds above 15 Mbps, as Ireland (17.4 Mbps), Sweden (15.8 Mbps) and the Netherlands (15.3 Mbps) joined South Korea (23.6 Mbps), Hong Kong (16.7 Mbps) and Japan (15.2 Mbps) in exceeding this benchmark in the first quarter. Globally, a total of 131 qualifying countries/regions saw average connection speeds increase in the first quarter, with growth rates ranging from 128% in Fiji (6.2 Mbps) to a modest 0.4% in Japan (15.2 Mbps). Year-over-year changes were consistently positive among the top 10, with Ireland (17.4 Mbps), Norway (14.1 Mbps) and Sweden (15.8 Mbps) all posting yearly increases of more than 30%.   In the first quarter, global average peak connection speeds increased 8.2% to 29.1 Mbps. Speeds increased across the board among countries/regions in the top 10, led by Kuwait (76.5 Mbps) and Mongolia (68.9 Mbps) with impressive gains of 126% and 72%, respectively. Singapore (98.5 Mbps) rose 17% to overtake Hong Kong as the country/region with the highest average peak connection speed. All of the top 10 countries/regions saw average peak speeds greater than 65 Mbps. On a global basis, 124 out of 144 qualifying countries/regions experienced average peak connection speed increases from the fourth quarter, with growth ranging from 0.2% in Puerto Rico (41.2 Mbps) to 126% in Kuwait (76.5 Mbps). Average peak connection speeds in 136 countries/regions increased from the first quarter of 2014.   For the first time, the State of the Internet is reporting on the percentage of IP addresses connecting to Akamai at average speeds of above 25 Mbps, the new benchmark broadband speed adopted by the U.S. Federal Communications Commission in January 2015. Globally, 4.6% of unique IP addresses connected to Akamai at average connection speeds of at least 25 Mbps, a 12% increase over the previous quarter. Similar to the 10 Mbps and 15 Mbps metrics, South Korea led the world in 25 Mbps broadband adoption, with a 31% adoption rate. Its rate was nearly double that of second-place Hong Kong (17% adoption). Year-over-year, the global 25 Mbps adoption rate grew 20%, and all of the top 10 countries/regions posted gains except South Korea, which saw a 5.9% decline compared with the first quarter of 2014. In the United States, five states had 10% or more of unique IP addresses connect to Akamai at average speeds of at least 25 Mbps.   The global percentage of unique IP addresses connecting to Akamai that met the 4 Mbps broadband speed threshold increased 6.6% to 63%, revealing strength across the board in contrast to the previous quarter’s slight decline in this metric. Globally, 107 countries/regions qualified for inclusion for this metric, and 100 of them saw quarterly growth in 4 Mbps broadband adoption rates, up from 76 in the previous quarter. Year-over-year growth rates ranged from 0.1% in Jamaica (43% adoption) to 1,402% in Algeria (3.3% adoption).   In the first quarter of 2015, 26% of unique IP addresses globally connected to Akamai at average speeds above 10 Mbps, an 11% quarterly increase that is significantly greater than the previous quarter’s modest 2.9% gain. Seven of the top 10 countries/regions saw quarter-over-quarter increases, ranging from 3.9% in Switzerland (59% adoption) to 21% in Bulgaria (55% adoption). Among the 68 qualifying countries/regions, 60 saw quarter-over-quarter increases. In terms of year-over-year changes, there was a 27% increase globally in the percentage of unique IP addresses connecting to Akamai at average speeds above 10 Mbps.   Fourteen percent of unique IP addresses globally connected to Akamai at average connection speeds of 15 Mbps or above, up from 12% in the fourth quarter. Despite declining for the second quarter in a row, South Korea remained the clear leader in 15 Mbps broadband adoption with a 58% adoption rate after a 4.9% quarterly decrease. Overall, quarterly gains were seen in 46 qualifying regions/countries, compared with only 35 in the previous quarter. Year-over-year, the global 15 Mbps adoption rate grew 29% with strong gains among all of the top 10, except in South Korea, which had a 4.2% decline compared with the first quarter of 2014.  IPv4 and IPv6 Continuing with the trend seen in the fourth quarter of 2014, the number of unique IPv4 addresses worldwide connecting to Akamai grew by nearly 10 million in the first quarter. Among the top 10 countries in the first quarter, the United Kingdom and Japan showed the largest quarterly gains at 5.7% and 5.1%, respectively. Brazil saw the largest year-over-year increase at 17%. Six other countries on the list saw yearly increases, ranging from Japan’s 11% to Russia’s 2.5%. On a global basis, two-thirds of countries/regions around the world had higher unique IPv4 address counts year-over-year.   European countries continued to dominate the 10 countries/regions with the largest percentage of content requests made to Akamai over IPv6 in the first quarter of 2015. Similar to last quarter, Belgium maintained its clear lead, with one-third of content requests being made over IPv6, more than double the percentage of second-place Germany. As with the previous quarter, the only two non-European countries among the top 10 were the U.S. and Peru, both of which saw double-digit quarterly improvements and ended the quarter with 14% and 13% adoption rates, respectively. Verizon Wireless and Brutele saw more than half of their requests to Akamai made over IPv6, and both showed increases from the previous quarter.  Mobile Connectivity In the First Quarter, 2015 State of the Internet Report, 62 countries/regions qualified for inclusion in the mobile section. The United Kingdom had the fastest average connection speed at 20.4 Mbps, a 28% increase from the previous quarter. Denmark was again in second place, at 10 Mbps. Vietnam had the lowest average connection speed, at 1.3 Mbps.   Average peak mobile connection speeds again spanned an extremely broad range in the first quarter, from 149.3 Mbps in Australia down to 8.2 Mbps in Indonesia. A total of four countries – Australia (149.3 Mbps), Japan (126 Mbps), Singapore (116.4 Mbps) and Thailand (105.4 Mbps) – posted average peak speeds above 100 Mbps, up from two countries in the fourth quarter. Perhaps due in part to rollouts of higher speed mobile technologies like LTE-A, the successor of 4G LTE, a total of 15 countries had average peak speeds above 50 Mbps, a large increase from just four in the previous quarter.   Denmark led the way in the percentage of unique IP addresses connecting to Akamai from mobile network providers within the qualifying countries/regions at average speeds of over 4 Mbps with a 98% adoption rate. It was followed closely by Sweden (97% adoption), Venezuela (97% adoption), Australia (96% adoption) and the United Kingdom (95% adoption). Vietnam, Iran, Kazakhstan, and Bolivia all had rates below 1%.  State of the Internet Report Editor David Belson will respond to “Ask the Expert” questions submitted via the Akamai Community Wednesday, June 24, through Friday, June 26.    About the Akamai State of the Internet Report Each quarter, Akamai publishes a “State of the Internet” report. This report includes data gathered from across the Akamai Intelligent Platform about attack traffic, broadband adoption, mobile connectivity and other relevant topics concerning the Internet and its usage, as well as trends seen in this data over time. For additional information on the metrics in the report and how they are analyzed, please visit http://akamai.me/sotimetrics. To learn more and to access the archive of past reports, please visit http://www.stateoftheinternet.com/soti-reports. To download the figures from the First Quarter, 2015 State of the Internet Report, please visit: http://wwwns.akamai.com/soti/soti_q115_figures.zip.   About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.   ###   Akamai and Trustwave Form Strategic Alliance to Protect Businesses from Online Threats 2015-06-03T02:43:38Z akamai-and-trustwave-form-strategic-alliance-to-protect-businesses-from-online-threats Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, and industry-leading managed security services firm Trustwave, today announced a new strategic alliance designed to help businesses more effectively fight a wide range of malicious online activities through vulnerability assessment, denial of service prevention and incident response.   Through this partnership, Akamai and Trustwave plan to make available to their respective customers select technology solutions and security services from each company’s portfolio. The strategic relationship is intended to allow both companies to provide a broader set of cyber security protections to meet a wide range of customer requirements in a constantly changing cyber security threat landscape. “Through this new alliance, Trustwave and Akamai will deliver more advanced threat and vulnerability management solutions to help businesses fight cybercrime, protect data and reduce risk,” said Robert J. McCullen, Chairman and Chief Executive Officer at Trustwave. “We believe that augmenting the broad portfolio of security services we provide to businesses by adding distributed denial-of-service (DDoS) attack protection and cloud-based web application firewall services provided by an industry innovator like Akamai will greatly benefit our customers.”   Services and products included in the first phase of the strategic alliance include: ·       Security scanning and testing: Akamai will offer Trustwave Managed Security Testing to better help businesses find and fix vulnerabilities across their database, network and application assets through the cloud-based Trustwave TrustKeeper® platform.   ·       Distributed denial-of-service (DDoS) attack protection: Trustwave will offer Akamai’s managed DDoS protection services as part of the Trustwave portfolio of managed security services. Akamai’s industry-proven DDoS protection and mitigation capabilities are intended to keep web sites and applications available, even in the midst of today’s modern web attacks.   ·       Incident response and readiness: Akamai will offer Trustwave Incident Response and Readiness services delivered by Trustwave SpiderLabs®, a team of more than 150 ethical hackers, forensic investigators and researchers who conduct hundreds of data breach investigations per year. The service includes on-call responders and results in an actionable, tested plan to detect, triage and contain a breach.   ·       Web application security: Trustwave will augment its existing web application firewall (WAF) portfolio, which currently includes both a managed WAF service and on-premises product, by offering Akamai’s cloud-based Kona Site Defender for businesses that prefer a cloud deployment option. Akamai and Trustwave intend to co-develop Trustwave managed service offerings for the Akamai Kona Site Defender and WAF products.   “Akamai has significant respect for the people, services and technology behind Trustwave,” explained Stuart Scholly, senior vice president and general manager, Security Business Unit, Akamai. “By working together, our customers can augment their security posture with proven solutions and expertise, providing an even greater level of preparation and protection backed by the global, industry-leading managed security services from Trustwave. We believe adding Trustwave solutions to our portfolio will be of great benefit to our customers.” The collaboration between the two companies highlights the constantly evolving threat landscape illustrated by a number of security statistics: ·       96 percent of applications harbored one or more serious security vulnerabilities, according to the 2014 Trustwave Global Security Report. The finding demonstrates the need for more application security testing during the development, production and active phases, as well as deployments of web application firewalls for additional protection.   ·       According to Akamai’s Q1 2015 State of the Internet: Security Report, the first quarter of 2015 set a record for the number of DDoS attacks recorded on Akamai’s Prolexic network – more than double what was reported in Q1 2014. Malicious actors perform DDoS attacks to make computer systems and applications stop working for legitimate users, which can cause dramatic business disruption.   ·       At least 60 percent of enterprises will discover a breach of sensitive data in 2015, predicts Forrester Research in a recent report[1] – underscoring the need for businesses to be running a mature incident response program.   About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.   About Trustwave Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.   # # # Akamai Releases Q1 2015 State of the Internet - Security Report 2015-05-19T23:31:07Z akamai-releases-q1-2015-state-of-the-internet-security-report Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today announced the availability of the Q1 2015 State of the Internet – Security Report. This quarter’s report, which provides analysis and insight into the global cloud security threat landscape, can be downloaded at www.stateoftheinternet.com/security-report.   “In the Q1 2015 report, we’ve analyzed thousands of distributed denial of service (DDoS) attacks observed across the PLXrouted network as well as nearly millions of web application attack triggers across the Akamai Edge network. By bringing in the web application attack data, along with in-depth reports from all of our security research teams, we’re able to provide a more holistic view of the Internet and the attacks that occur on a daily basis,” said John Summers, vice president, Cloud Security Business Unit, Akamai. “This is our biggest and best security report yet. This report provides an in-depth look at DDoS attacks, and sets a baseline for web application attack triggers, so we will be able to report on attack trends for both the network and application layers in our future reports.”   DDoS attack activity soars Q1 2015 set a record for the number of DDoS attacks observed across the PLXrouted network – more than double the number recorded in Q1 2014 – and a jump of more than 35 percent compared to last quarter. However, the attack profile has changed. Last year, high bandwidth and short duration attacks were the norm. But in Q1 2015, the typical DDoS attack was less than 10 gigabits per second (Gbps) and endured for more than 24 hours. There were eight mega-attacks in Q1, each exceeding 100 Gbps. While that was one fewer mega-attack than in Q4 2014, such large attacks were rarely seen a year ago. The largest DDoS attack observed in Q1 2015 peaked at 170 Gbps.   During the past year, DDoS attack vectors have also shifted. This quarter, Simple Service Discovery Protocol (SSDP) attacks accounted for more than 20 percent of the attack vectors, while SSDP attacks were not observed at all in Q1 or Q2 2014. SSDP comes enabled by default on millions of home and office devices—including routers, media servers, web cams, smart TVs and printers—to allow them to discover each other on a network, establish communication and coordinate activities. If left unsecured and/or misconfigured, these home-based, Internet-connected devices can be harnessed for use as reflectors.   During Q1 2015, the gaming sector was once again hit with more DDoS attacks than any other industry. Gaming has remained the most targeted industry since Q2 2014, consistently being targeted in 35 percent of DDoS attacks. The software and technology sector was the second most targeted industry in Q1 2015, with 25 percent of the attacks.   Compared to Q1 2014 •       116.5 percent increase in total DDoS attacks •       59.83 percent increase in application layer (Layer 7) DDoS attacks •       124.69 percent increase in infrastructure layer (Layer 3 & 4) DDoS attacks •       42.8 percent increase in the average attack duration: 24.82 vs. 17.38 hours   Compared to Q4 2014 •       35.24 percent increase in total DDoS attacks •       22.22 percent increase in application layer (Layer 7) DDoS attacks •       36.74 percent increase in infrastructure layer (Layer 3 & 4) DDoS attacks •       15.37 percent decrease in average attack Duration: 24.82 vs. 29.33 hours   A look at seven common web application attack vectors For the Q1 2015 report, Akamai concentrated its analysis on seven common web application attack vectors, which accounted for 178.85 million web application attacks observed on the Akamai Edge network. These vectors included SQL injection (SQLi), local file inclusion (LFI), remote file inclusion (RFI), PHP injection (PHPi), command injection (CMDi), OGNL Java injection (JAVAi) and malicious file upload (MFU).1 During Q1 2015, more than 66 percent of the web application attacks were attributed to LFI attacks. This was fueled by a massive campaign against two large retailers in March, targeting the WordPress RevSlider plugin.   SQLi attacks were also quite common, making up more than 29 percent of web application attacks. A substantial portion of the SQLi attacks was related to attack campaigns against two companies in the travel and hospitality industry. The other five attack vectors collectively made up the remaining five percent of attacks.   Accordingly, the retail sector was the hardest hit by web application attacks, followed by the media and entertainment and hotel and travel sectors.   The growing threat of booter/stresser sites The menu of easy-to-use attack vectors found in the DDoS-for-hire market can make it easy to dismiss the effectiveness of attackers who use them. A year ago, peak attack traffic using these tactics from booter/stresser sites typically measured 10-20 Gbps per second. Now these attack sites have become more dangerous, capable of launching attacks in excess of 100 Gbps. With new reflection attack methods being added continually, such as SSDP, the potential damage from these is expected to continue increasing over time.   IPv6 adoption brings new security risks IPv6 DDoS is not yet a common occurrence, but there are indications that malicious actors have started testing and researching IPv6 DDoS attack methods. A new set of risks and challenges associated with the transition to IPv6 are already affecting cloud providers as well as home and corporate network owners. Many IPv4 DDoS attacks can be replicated using IPv6 protocols, while some new attack vectors are directly related to the IPv6 architecture. Many of the features of IPv6 could enable attackers to bypass IPv4-based protections, creating a larger and possibly more effective DDoS attack surface. The Q1 security report outlines some of the risks and challenges that are ahead of us.   SQL injection attacks move beyond data theft While SQL injection attacks have been documented since 1998, their uses have grown. The effects of these malicious queries can extend well beyond simple data exfiltration, potentially causing more damage than a data breach would have. These attacks can be used to elevate privileges, execute commands, infect or corrupt data, deny service, and more. Akamai researchers analyzed more than 8 million SQL injection attacks from Q1 2015 to uncover the most frequent methods and goals.   Website defacements and domain hijacking Hundreds of web hosting companies provide web hosting for as little as a few dollars a month. In those cases, the hosting company may host multiple accounts on the same server. This can result in hundreds of domains and sites running under the same server IP address, potentially allowing malicious actors to hijack multiple web sites at once. Once one site has been compromised, a malicious actor can potentially traverse the server's directories, potentially reading username and password lists, to access files from other customer accounts. This could include web site database credentials. With this information, attackers could gain the ability to change files on every site on the server. The Q1 security report includes an explanation of the vulnerability and recommended defensive measures.   Download the report A complimentary copy of the Q1 2015 State of the Internet - Security Report is available as a free PDF download at www.stateoftheinternet.com/security-report.   About stateoftheinternet.com Akamai’s stateoftheinternet.com shares content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats. Visitors to stateoftheinternet.com can find current and archived versions of Akamai’s State of the Internet (Connectivity and Security) reports, the company’s data visualizations and other resources designed to help put context around the ever changing Internet landscape.       About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.   1Data on cross-site scripting (XSS) and other high profile attack vectors was not collected for the Q1 report, but may be included in future editions.