Akamai Applies for Mobile Security and Sensitive Data Handling Patents

Akamai Applies for Mobile Security and Sensitive Data Handling Patents

In July 2015, the CEO of Akamai, Tom Leighton, applied for a patent titled “Method and system for handling sensitive data in a content delivery network.” This publication outlines a process by which a CDN such as Akamai could process transactions involving customer’s credit card numbers and payment information.

Currently, a customer shops on a website that is delivered to them via a CDN like Akamai, but when a customer goes to “check out” from their online shopping cart, the CDN is not involved in the actual processing of the sensitive information such as credit card information. When this data transfer occurs, the web page is actually delivered from the origin server, not from the CDN. This patent aims to change that dynamic by patenting the use of SSL and other secure links to handle this phase of the data transfer as well as all other aspects previously handled by the CDN.

The “sensitive data” that Akamai is referring to in this patent is not only credit card information for online shopping, though this is a huge and rapidly growing industry. The patent also broadens the scope of this information to include “information (such as personally identifiable information (PII)), health care information (such as HIPAA-related data), finance information (such as GLBA-related data), other confidential information.” As electronic medical records and the Internet of Things becomes the norm, Akamai does want to be left out of these opportunities for content delivery.

Akamai second patent filed in November 2015 seems to be in a similar vein to the “sensitive information” patent, but addresses mobile content delivery and security. The “Distributed computing service platform for mobile network traffic” patent outlines added platform resources such as deep packet inspection, transcoding, etc. which can be used to create an encrypted channel between a mobile device “through the mobile network, e.g., using content provider key and certificate information available to the platform.”

This patent also utilizes the SSL/TSL links mentioned in the previous patent. Akamai, a leader in content delivery, aims to secure its importance in every aspect of content delivery, whether it is transaction data information transfer or mobile content delivery and mobile secure data transfer. As mobile devices become the preferred devices on which users connect throughout the world and the mobile market grows exponentially, Akamai is trying to keep ahead of and be a leader in the evolving market.

Google Releases Details on the Borg and What It Has Learned From 10 Years of Operation

Google has released a paper detailing the operations and structure of its orchestration cluster manager software, Borg, which has controlled its data centers and applications for more than ten years. Borg has remained a well-kept secret and is believed to have played a large role in Google’s rapid expansion throughout the last decade.

Because Borg does not require different clusters for different applications, but instead managed clusters to operate any software at any time, sending tasks wherever computing power was available, some believe that Borg’s cluster management has saved Google the building of an entire other data center. This paper illuminates many of the details on Borg as well as what Google has learned during its operation. It also hints at its next big player in the orchestration game, Omega.

Borg was created to be highly reliable and available while performing resource management behind the scenes and running workloads across tens of thousands of machines so that users could focus intently on high-level application development. Since Borg’s inception, there have been many other developers that have created Borg-like cluster managers (Apache Mesos, Facebook Tupperware), and Google has added components such as Kubernetes, which automatically adds or deletes resources in a container. Google’s Omega aims to improve upon and alter several aspects of Borg while incorporating new technological advances.

As seen in their Kubernetes software, “jobs” will not be the only grouping mechanism for tasks in Omega, but label queries can be used to provide flexibility in naming and structuring. Additionally, Omega will no longer assign one IP address per machine, and a port will simply be requested, eliminating some infrastructure complexity. Finally, Omega will aim to optimize all users and applications, instead of focusing primarily on high power users.

Borg did teach Google the importance of allocs (allocations, or pods in Kubernetes), which groups containers that are always scheduled together onto the same machine to share resources. From the successes of Borg, Omega will be sure to focus on cluster management over task management when load-balancing, will continue to allow users to “self-help” when debugging is needed and will maintain an API server at the core of a Google’s distributed system to process requests and manipulate underlying state objects.

Interview with Tim Timrawi, CEO of Sharktech

Sharktech, one of the earliest providers of DDoS mitigation services continues to forge ahead into enterprise space, providing security solutions to its customers around the world, including to numerous state agencies. We recently got the chance to talk to CEO Tim Timrawi about his business and some of the latest trends impacting the security space. A big thanks to Tim and his executive staff for the interview.

Akamai Releases Q4 2015 Earnings Report

Akamai has released its Q4 2015 earnings report, highlighting its year over year performance and security solutions revenue growth of 16% and 17% in 2015 year over year. Similarly, their fastest growing sector, cloud security solutions revenue, was up 46% in Q4 and 50% in 2015 year over year. Service and support solutions revenue also increased 18% year over year in Q4 and 16% in 2015 over 2014. However, they did see a drop in media delivery solutions revenue in Q4 of 2% year over year but an overall increase in 2015 of 7% year over year.

Though this 2% Q4 drop in media delivery may initially be overshadowed by the overall yearly increase in revenue, executives reported during their earnings conference call that their top two media companies are investing in do-it-yourself (DIY) content delivery and Akamai’s revenue from these companies will decrease from 13% of total revenue to 6% by mid-2016. Though they emphasized their overall increase of 7% in this sector, this 7% drop in revenue is sure to take a toll on their bottom line.

Furthermore, Akamai reported that it has yet to make a return on investment for the building out of its network in 2015 in anticipation for one of these large companies’ launch of a media network that would be carried over Akamai’s network.

Java Zero-Day Attacked Again

Semiweekly Technical Updates

Java Zero-Day Attacked Again

The popular software companies WebSphere, WebLogic, JBoss, Jenkins, and OpenNMS were exposed as highly vulnerable to zero-day exploits and potentially Remote Code Execution attacks on application servers, according to FoxGlove security in November 2015. This attack allows for the control of the servers, and the exploit has been around for more than two years. As the “Apache Commons Collections library fails to sanitize user-provided input thoroughly,” malicious code can be appended to the input and remote code execution can be performed. This vulnerability was dubbed CVE-2015-4852, and the number of web applications vulnerable to this attack have disturbingly increased, not decreased, since the vulnerability has surfaced.

The Growing Popularity of Crypto-Ransomware

Use of crypto-ransomware increased in November of 2015 and Chimera, Cryptowall, and CryptoLocker Service were the primary culprits in the attacks. These attacks are highly detrimental to organizations and users, as recovery options are severely limited. Chimera encrypts files and networks drives and directs individuals to a Dropbox file where the information is supposedly stored. Those that click on this Dropbox link are demanded to pay nearly $700 to obtain their data. If the sum is not paid, Chimera threatens to publish all documents and photos from the user (primarily businesses), though no compromised data has yet been detected.

Cryptowall, which first appeared in 2013, has been updated to Cryptowall 4.0, and encrypts not only files, but file names, making file recovery extremely difficult. One of the original versions of crypto-ransomware, CryptoLocker has also been updated to Cryptolocker Service, and is run from the Darknet by Fabken, who charges $50, plus ten percent. All three take advantage of vulnerabilities in Flash and Java.

Though it did not affect end users, admin Linux servers have also recently been breached by an attack that had administrative access and encrypted key files. A survey of security professional by Bromium indicated that 90 percent of them believe that “their organization would be more secure if it disabled Flash.” Detection and reaction to crypto-ransomware have proved ineffective, and Bromium reports that the only protection against these attacks are threat isolation security platforms, such as Bromium vSentry.

CloudFlare Recommends Mandatory Entropy in CA Serial Numbers

The cryptographic hash function SHA-1 is no longer considered secure and will soon be replaced with SHA-2. SHA-1 was designed to be collision resistant up to 280 bits and replaced MD5 encryption in 1995. MD5 was replaced when it was demonstrated that a collision could be generated in only a few days of computing and a chosen prefix hash collision could be easily generated. Using these collisions, hackers could then use known prefixes in the collision to append the bytes to determine the hash functions, and generate certificates from trusted browsers with the same hash.

Akamai Issues Q3 2015 State of Internet Report, Partners with Google and Microsoft

Top Weekly Updates

Akamai Issues Q3 2015 State of Internet Report, Partners with Google and Microsoft

Akamai, the global content delivery network (CDN) leader, has released its State of the Internet Report for the third quarter of 2015. Average global connection speeds have increased by 14% year over year and 0.2% from the second quarter of 2015 to 5.1 Mbps. Global peak connection speeds increased by 30% year-over-year to 32.2 Mbps, though this was a 12% drop from the second quarter.

Singapore and Macao achieved the highest average peak connection speed of 135.4 Mbps and 73.7 Mbps, respectively. Unique IP addresses that connected to Akamai that met the 4 Mbps broadband speed threshold increased by 9.8% year-over-year to 65%. Additionally, global IP addresses that averaged the “4K-ready” 15 Mbps increased 21% year-over-year to 15%.

Google has partnered with Akamai to launch its CDN platform, Alphabet Inc. Alphabet is currently in its “alpha” testing phase and is expected to reduce costs to customers by up to 66% by improving performance. Alphabet is Google’s contribution to the CDN marketplace, which is expected to grow at a compound annual growth rate of 26% to $15.73 billion by 2020.

Meanwhile, Microsoft’s Azure, which ranks second in infrastructure-as-a-service (IaaS) behind Amazon, is considering acquiring Akamai. The two are already partners is Microsoft’s Azure, but acquisition would allow Microsoft to compete with Amazon, which recently launched its own CDN.

Wowza Launches New Website and Adds 4K Streaming, Android Wear and Apple Watch Support

Wowza Media Systems launched a sleek, new website with an improved interface and user-friendly design. The new website is reportedly still undergoing improvements and has also been redesigned for the mobile user. The redesign will be critical for its mobile customers that are using the newly released Wowza GoCoder 2.0. This application will offer support for users of Android Wear and Apple Watch. It will also allow 4K streaming and will be integrated more seamlessly into wearable and mobile devices.

CloudFlare Warns of Massive HTTPS Access Problems

The U.S. based CDN CloudFlare has warned Facebook and other content providers that tens of millions of users will lose access to their websites when SHA1 (a crypotgaphic hashing function) is retired on January 1, 2016. SHA1 is highly vulnerable to forgery attacks and is being replaced with SHA256. SHA256 will be the minimum function required for access to websites using HTTPS such as Facebook.

However, many browsers in developing nations such as China, Yemen, and Ghana do not support SHA256. The potential outage is expected to affect about 7% of the world’s browsers, prohibiting 4-5% of website visitors in the developing world from access. Facebook and CloudFlare have announced a fallback mechanism that they hope will prevent this outage to its users and have advised other companies to do the same.

Imperva Reports Humans Generated More Traffic Than Bots in 2015

Cyber and data security company Imperva released its Bot Traffic Report and found that the amount of human traffic has surpassed the amount of bot traffic in 2015 at 51.5%. Bot traffic can be generated by “good bots” such as engine spiders, or “bad bots” such a spam engines and DDoS traffic. Bat bot traffic accounted for 29% of the traffic. Internet users have increased from 2.7 million to 3.1 million since 2013, and good bot traffic has decreased. Good bots are typically loaded once when a page loads, but bad bots often launch new attacks while the user is viewing the page and may lead to Internet attacks and outages.