These days, it’s very possible that if you are being blocked while trying to access a specific website, it’s because you are on Akamai Technologies naughty list. With Akamai controlling nearly 30% of all Internet traffic, they are the hidden gatekeeper behind many of the world’s largest web properties. If you are being blocked, chances are it’s not without reason though. Depending on the number and severity of IP attacks Akamai detects, they assign a number a rating based on the likelihood of future attacks. It’s all very Minority Report and if you do find your IP address has been dropped into a “bad neighborhood”, note that it’s not just Akamai that blocks you, but the site’s owners as well. The ratings are devised in the Client Reputation Module that is sold to Akamai Kona Site Defender Customers. There are many other similar companies out there, with Akamai being just one option out of several large global companies that provide such services. But within the Fortune 100, Akamai is the clear market share leader.
If you do find your IP address being blocked its possible your computer may be compromised by a virus. It’s possible to have your IP number cleaned by Akamai if you contact then, but while there are some whose intentions are to get a clean slate, there are others who want to be white listed just so they can continue their malicious attacks. This is a common social engineering tactic. It’s a reminder that despite the efforts of security and software companies to protect themselves from cyber attacks, some of the easiest methods for causing disruption are through the person. It doesn’t always take millions to protect billions. Individual mistakes are the easiest ones to exploit.
Akamai’s threat operation team investigates all requests thoroughly before determining if an IP has been mistakenly placed on a “no fly” list. Once they are satisfied that the client is clean they can remove their reputation score from the database. In most cases, all IP addresses (even if white listed) will still have to go through the customers own Web Application Firewall, assuming they are using one. If you’re on an ecommerce site or basically any major global web property, chances are you will need to be cleared by their WAF as well after getting the go ahead from Akamai’s reputation scoring.
Investigating malicious IP addresses can be exhausting due to the sheer amount of global traffic running through a finite number of IP addresses that are often shared by many people. In most cases, a blacklisting can be reversed if it really is a false positive or even a case of an IP being hijacked by a malicious 3rd party. But Akamai has one clear rule, and that is if they see IP addresses repeatedly attacking a government or financial institution, then they will simply block that IP address for good.
So the next time you find yourself unable to access your favorite website is sure to reach out to the company directly, but you may also want to contact Akamai and confirm you are not on their IP reputation blacklist. If you are, chances are there are MANY other sites and applications around the world you will be restricted from using as well. And until you get your IP cleared, that will remain the case.