MANILA, Philippines - US-based Prolexic is plowing back a fifth of its earnings to research and development in order to protect networks across the globe from cybercriminals.
Prolexic Asia Pacific regional accounts manager Jan Yung said the company continues to invest 20 percent of its earnings for R&D to further improve their products, particularly distributed denial-of-service (DDoS) protection and mitigation all over the world.
He added that Prolexic, through cloud service provider IP Converge Data Services Inc. (IPC), would continue to expand its network in the Philippines to counter stronger network attacks from cybercriminals.
For his part IPC marketing director NiÑo Valmonte said DDos attackers target banks as well as e-commerce networks.
He pointed out that popular DDoS targets include sites or services hosted on high-profile web servers such as credit card payment gateways, automated teller machine (ATM) networks, and even root name servers.
“DDoS is an attempt to prevent a machine or network resource to be accessed by its intended users. It is generally comprised of strategies to interrupt services of a host connected to the Internet. Hackers launch DDoS attacks for various reasons, such as extortion, revenge, competition, diversion and politics,†Valmonte said.
IPC is a unit of ePLDT Inc., a wholly-owned subsidiary of dominant carrier Philippine Long Distance Telephone Co. (PLDT).
Prolexic currently has 850 gigabits per second (Gbps) of bandwidth dedicated to DDoS mitigation and supporting its four cloud-based scrubbing centers in London, Hong Kong, San Jose and Ashburn, Virginia.
Aside from the bolder attacks on networks, Yung said cybercriminals are also using Layer 7-type of attacks as part of expanding their coverage sectors.
Layer 7 DDoS attacks being those attacks that are designed to swamp specific elements of an application server infrastructure.
“Layer 7 attacks are complicated, devious and hard to detect because they resemble legitimate website traffic. Even a simple Layer 7 attack can overload important CPUs and databases by targeting login pages with random user IDs and passwords,†he said.
He advised companies that in installing an anti-DDoS system, a company must remember two important things. First, it must have an internal procedure or an IT plan in their system and that it must also thoroughly study their IT plan to ensure there are no loopholes in the system.
According to him, a company must not forget to apply a tier approach using multiple protection layers such as a firewall.