BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

To Cash In On Wave Of Web Attacks, Akamai Launches Standalone Security Business

This article is more than 10 years old.

Akamai's content delivery network, the giant net on top of the Net that acts as an intermediary between millions of users and thousands of websites, has long found itself with a de facto role in Web security. Now, after a year flooded with indiscriminate hacks, the firm wants to spin what was once an accidental perk of its services into a business in its own right.

On Tuesday, Akamai is launching a new service it's calling Kona Site Defender, which acts as a buffer against the "denial of service" attacks that aim to knock Web sites offline, letting its clients filter out the attacks' sources or direct them at non-critical servers. The tools also include a firewall for Web applications, filtering out attacks that use flaws in the applications' code to alter a site or gain access to its data.

For years, Akamai's security features like these have been sold as mere bonus features of the Cambridge-based company's site acceleration services, which bring data to the edges of the Internet to speed up customers' site performance. Now Akamai wants to expand those features  into an independent source of revenue, says John Summers, a vice president of the firm who has just been tasked with leading its security operations. "This is us becoming a security company," Summers says. "We’re taking all the security stuff we sell and putting it into its own package."

Summers isn't shy about the opportunity he sees in Akamai's new business in defending companies against "hacktivist" groups like Anonymous and others, who have spent the last year on a rampage of site takedowns and data theft--the latter often achieved through common Web bugs like SQL injection--that have hit everyone from the CIA to Sony to Newscorp.  "Any company with views antithetical to the political view of the the hacktivists is now a target, and companies' migration of their services to the Web makes them more vulnerable to these attacks," he says. "That's what made this business opportunity arise."

Akamai has been a passive player in the security business for more than a decade, since it was hired in 2002 by then-counter-terrorism czar Richard Clarke to defend the White House from the Code Red virus that was set to launch an attack on its web servers. Just as it distributes demand for popular videos or images to its copies of that content around the world, it can also distribute a flood of fraudulent data requests among many servers to make sure a website stays up, as it did in the White House incident.

Since December of 2009, it's also offered a Web application firewall service, and in May of 2010 launched a tokenization service for e-commerce sites that replaces credit card data with encrypted numbers to avoid breaches. Until now, customers had to sign up for Akamai's core services in site acceleration to get any of those security features. But Summers says the current wave of Web attacks makes Akamai's services too broadly relevant to keep them tied to the company's content delivery network. "With the rise of the hacktivists, everyone is getting hacked," he says. "Customers need this kind of protection."