Security Topics at Akamai Edge 2014: A Primer

Each year at Akamai Edge we update customers on some of the more persistent threats we’ve dealt with in the 12 months prior. Slides detailing the 2013 threat picture are available here. For an idea of what we’ll be sharing at Edge 2014 in a couple weeks, I’ve assembled this primer.

The following blog posts capture the main threats that have kept us busy in recent months:

Web Vulnerabilities: Low-Hanging Fruit for DDoSers
About a new Akamai PLXsert whitepaper released last week: “Web Vulnerabilities: The foundation of the most sophisticated DDoS campaigns.”

Akamai Offers Further Guidance to Blunt Linux DDoS Threat
David Fernandez, head of our Prolexic Security Engineering Research Team (PLXsert), offers additional details on the countermeasures regarding the Linux DDoS threat.

Linux Systems Exploited for DDoS Attacks
Linux users have a new threat to worry about. According to Akamai’s Prolexic Security Engineering Research Team (PLXsert), the bad guys have discovered a weakness in Linux systems they can exploit to expand their botnets and launch DDoS attacks.

OpenSSL Vulnerabilities
On Wednesday, 2014-08-06, the OpenSSL Project disclosed nine low- and moderate-severity vulnerabilities, with details published here. These are vulnerabilities that can potentially impact OpenSSL clients and servers worldwide.

Hackers “Join” World Cup 2014 Matches on the Web
George Orwell once said, “International football is the continuation of war by other means.” As we will demonstrate in this post, Mr. Orwell was spot-on: according to statistics on web application layer attacks collected by Akamai’s Cloud Security Intelligence platform, the 2014 World Cup soccer matches spurred sophisticated cyber attacks between soccer-fan hackers of competing sides.

Highlights of Prolexic Attack Report for Q2 2014
As attacks go, the second quarter of 2014 was quieter than the first. But when you compare the numbers to this time last year, that’s of little comfort. According to Prolexic’s newly-released attack report for Q2 2014, the rate of DDoS attacks rose 22 percent over the second quarter of 2013.

Blackshades RAT is a Serious Threat
Akamai’s Prolexic Security Engineering & Research Team (PLXsert) is warning companies of stealth surveillance and computer hijacking attacks by the Blackshades Remote Administration Tool (RAT) crimeware kit.

State of the Internet: Fewer Attacks Than Previous Quarter
The latest Akamai State of the Internet Report is out. Here’s a look at what we saw on the security front in the first quarter of 2014.

Anonymous Continues Targeting World Cup
In which we monitored attempts by Anonymous and others to cause Internet disruptions during the World Cup. Here’s how those attacks are playing out in the media.

World Cup 2014 Attack Targets
Attack targets were under the gun as soon as the World Cup started.

Threat Advisory: High-Risk Zeus Crimeware Kit
Akamai’s PLXsert team has discovered new payloads from the Zeus crimeware kit in the wild, deeming it “high risk” in an advisory.

Fresh Wave of Online Extortion Attacks Underway
Akamai CSIRT has identified a trend in online extortion that has the potential to impact customer websites and their users.

OpenSSL vulnerability (CVE-2014-0224)
The OpenSSL Project disclosed new vulnerabilities in the widely-used OpenSSL library. These are vulnerabilities that can potentially impact OpenSSL clients and servers worldwide.

PLXsert Eyes Spike in SNMP Reflection DDoS Attacks
Akamai’s Prolexic Security Engineering Response Team (PLXsert) has seen a significant resurgence in the use of Simple Network Management Protocol (SNMP) reflection attacks this past month.

The Brittleness of the SSL/TLS Certificate System
Despite the time and inconvenience caused to the industry by Heartbleed, its impact does provide some impetus for examining the underlying certificate hierarchy. (As an historical example, in the wake of CA certificate misissuances, the industry looked at one set of flaws: how any one of the many trusted CAs can issue certificates for any site, even if the owner of that site hasn’t requested them to do so; that link is also a quick primer on the certificate hierarchy.)

Podcast: CSO Andy Ellis on Heartbleed
By now, most of you are aware of the Heartbleed vulnerability that sent shockwaves through the tech industry. Like many of you, Akamai had to work overtime to ensure our customers were protected. We did that, but as is the case with any large security threat, we continue to be vigilant and, while letting everyone know what we did to keep them secure, we’re looking back at the lessons learned and how to turn it into even better security going forward. The details in this episode are not new, as CSO Andy Ellis has blogged at length about it. I’ve included those links below. But with so many of us working overtime to address Heartbleed, this was my first opportunity to sit down with Andy and discuss it.
