Next Score View the next score


    Akamai staking new ground in Internet security market

    Tom Leighton, chief scientist, Akamai Technology Inc.
    Kayana Szymczak for the Boston Globe
    Tom Leighton, chief scientist, Akamai Technology Inc.

    Akamai Technology Inc. of Cambridge became a billion-dollar Internet giant by delivering massive amounts of online data for the world’s biggest companies. Chief scientist Tom Leighton says the company is now using its technology and expertise to help customers fend off attacks from Internet criminals. Leighton spoke with Globe technology reporter Hiawatha Bray.

    What are the biggest threats facing your clients?

    In the last few years there’s been a surge of activity in three relatively new areas. There’s political hactivism. There’s some kind of cause out there or something somebody’s upset about. Very loosely defined organizations will adopt the cause and call the faithful to attack the website and bring it down.

    You also have the organized crime aspect, where cyber extortion and financial gain are the goals. A lot of this is coming out of Russia, eastern Europe, parts of Asia.


    Finally you have state-sponsored cyber activity, which can be either testing defenses or can be for stealing corporate or state secrets. The rate of attacks among our customer base has grown incredibly in the last two years. There were a little over a dozen in 2009. In 2011, there were over 500.

    You’ve launched a new product, Kona Site Defender, that’s supposed to protect businesses from massive “denial of service’’ attacks that can shut down their sites. How does it work?

    Get Talking Points in your inbox:
    An afternoon recap of the day’s most important business news, delivered weekdays.
    Thank you for signing up! Sign up for more newsletters here

    The hackers have a vast array of resources they can bring to bear against a website. That’s where Akamai also has a vast array of resources with our servers at the edge of the network to block those attacks where they start. There’s no way today that a website can defend themselves. They simply do not have the capacity to withstand a large-scale attack. Really the only way to deal with that is to have the defenses be out at the edge of the Internet.

    How can Akamai compete against the traditional Internet security companies?

    There are a couple of traditional models for protecting a Web infrastructure. One is you buy firewall software and you put it in your data center. If the attack gets there in volume, it’s not going to do you any good. Also there’s a very high rate of false alarms. With Akamai, the architecture’s different. We do it in our platform, away from your data center.

    We’re in a thousand networks. Our servers are in 750 cities. We’re in thousands of locations. There is no other company that does that.

    Akamai’s facing lots of competition in its core data delivery business. Is the move to data security part of a defensive strategy?

    The margins in our media business have come down, but we see a fantastic future there, so we’re continuing to invest there. With our application acceleration business, that’s actually a very strong business. All top 40 e-commerce sites now use Akamai. Twenty of the top 20 global commerce sites use Akamai.


    We’ve built our own virtual Internet. When the end user wants to buy something, they get hooked up to an Akamai server right near them. We use our own Internet to get access to that database and commerce engine really fast.

    The problem now is in mobile, because mobile is not that fast. There’s a new product that we’re now coming out with called Mobile Accelerator and it makes things two to three times faster, and you really notice it.

    Why are mobile data services so slow?

    The cellular infrastructure was not built for data, and certainly not for media. It was built for voice. Voice is 8,000 bits a second. If you’re doing media, that could be hundreds of thousands of bits a second and that’s still low-quality movies. Everybody’s got a device now, and the infrastructure’s just not prepared.