Prolexic Technologies

Prolexic Technologies, now part of Akamai
Company type Subsidiary
Industry Information technology and services
Founded 2003
Headquarters USA
Area served Worldwide
Parent Akamai Technologies
Website www.prolexic.com

Prolexic Technologies was a US-based provider of security solutions for protecting websites, data centers, and enterprise IP applications from Distributed Denial of Service (DDoS) attacks at the network, transport, and application layers. It operated a DDoS mitigation platform and a global network of traffic scrubbing centers. Real-time monitoring and mitigation services were provided by a 24/7 security operations control center (SOCC). Prolexic indicated its DDoS mitigation services make websites, data centers and enterprise IP applications harder to take down via DDoS attacks. [1]

In February 2014, cybersecurity and cloud services company Akamai Technologies acquired Prolexic Technologies.

History

In 2003 Prolexic Technologies was founded by Barrett Lyon and was the subject of the book Fatal System Error by Joseph Menn. Prolexic protects organizations in the following markets: airlines/hospitality, e-commerce, energy, financial services, gambling, gaming, public sector, and software as a service. Sony is said to be a customer of the company. [1] [2] Prolexic claims some of the largest banks as its clients.

In 2005, the company was named one of the 100 Hottest Private Companies in North America by Red Herring. [3]

In 2011, Prolexic indicated it secured Payment Card Industry Data Security Standard (PCI DSS) level 2 compliance certification from the PCI Security Standards Council, which would speed the deployment of remediation for compliant organizations during encrypted Application Layer 7 DDoS attacks. [4]

In 2011 Prolexic CEO Scott Hammack [5] and President Stuart Scholly [6] both joined the company. [7]

Prolexic was acquired by Internet content delivery network Akamai Technologies in a $370 million deal completed in February 2014. [8]

Financial history

In 2011, Prolexic completed two financing rounds led by Kennet Partners totaling $15.9 million. [9]

In 2012, the company reported that in 2011 it achieved profitability and a compound annual growth rate of 45%. [10]

In 2012 Baltimore private equity firm Camden Partners invested $6 million in the company, and American Trading and Production Corp invested $2 million as part of an $8 million Series B funding round. [9] In the deal, Jason Tagler of Camden Partners joined the board of directors of Prolexic. Prolexic said it would use the Series B money to support staff and augment its network.

In 2013, Prolexic closed a US$30 million Series C funding round led by new investors Trident Capital and Intel Capital. Kennet Partners, Camden Partners and Medina Capital all took part in the funding round. [11]

Partners

The company claims as partners BT Global Services, Datacraft, Grove IS, Internap, IP Converge, Level 3 Communications, Preventia, and Telstra. [12]

Services

Prolexic provides three kinds of DDoS protection services to its clients: monitoring and attack detection services, mitigation services that intercept attacks, and attack intelligence and post-attack intelligence services. [13] In addition, Prolexic aggregates intelligence information and reports on active botnets and fraud-linked IP addresses.

The company opened its first network traffic scrubbing center in North America in 2003, in Europe in 2005, and in Asia in 2007. [14] In 2012, the company’s traffic scrubbing capability was in excess of 500 Gbit/s of bandwidth and comprised multiple carriers in a distributed global network. [15] The firm was said to be investing in the infrastructure to cope with up to 1.2 Tbit/s peak traffic loads by the end of 2013. [16]

Because many DDoS attacks are concerted efforts by sophisticated live attackers, Prolexic uses a combination of automated tools and human expertise as part of its services. [17] In 2012, the company said it had successfully stopped all DDoS attacks affecting its clients to date, including attacks against application servers, such as Layer 4 (SYN floods) and Layer 7 attacks, [18] as well as HTTP GET flood attacks, [19] zero-day attacks, [20] UDP/ICMP floods, TCP flag abuses, DNS reflection, and DNS attacks. Prolexic is said to have mitigated the largest DDoS attack of 2011, which involved 250,000 computers infected with malware. [21]

The company’s service typically mitigates attacks within 5 to 20 minutes after a client's network traffic starts flowing through a scrubbing center. [15] Prolexic mitigated more than 30,000 DDoS attacks from 2003–2011. [15] In 2011, Prolexic mitigated 10 to 80 attacks daily. [15]

DDoS mitigation

In 2012, hacktivism and vandalism were cited as the main inspiration for DDoS attacks, rather than extortion as in the past. This type of motivation is said to make any company a victim, not just high-profile organizations. [22] Organizations of all sizes are said to be at risk of DDoS attacks, because the newer application-level attacks are more targeted than classic DDoS botnet attacks and don’t need as many resources to deploy. [23] The cloud-based DDoS mitigation approach used by Prolexic employs technology to redirect traffic to the company’s DDoS mitigation service, scrub the traffic, and send only legitimate traffic to the client site. This attack mitigation approach is said to be lower-cost than the traditional approach of a company maintaining its own network firewall, making DDoS attack prevention an option for most firms doing business on the web. [23]

Related Research Articles

Denial-of-service attack: Type of cyber-attack

In computing, a denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. The range of attacks varies widely, spanning from inundating a server with millions of requests to slow its performance, overwhelming a server with a substantial amount of invalid data, to submitting requests with an illegitimate IP address.

Akamai Technologies: American computer networking company

Akamai Technologies, Inc. is an American company that provides content delivery network (CDN), cybersecurity, DDoS mitigation, and cloud services. Akamai is headquartered in Cambridge, Massachusetts. The company operates a network of servers worldwide, renting the capacity of the servers to customers running websites or other web services, in order to provide greater speed or availability to the end user by using an Akamai owned server that is located closer to the user.

Botnet: Collection of compromised internet-connected devices controlled by a third party

A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "network". The term is usually used with a negative or malicious connotation.

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

The Spamhaus Project: Organization targeting email spammers

The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name spamhaus, a pseudo-German expression, was coined by Linford to refer to an internet service provider, or other firm, which spams or knowingly provides service to spammers.

Rizon is a large Internet Relay Chat (IRC) network with an average of around 20,000 users. The IRC network itself ranks number 5 among the largest IRC networks. Rizon is popular with many anime fansubbing groups who work online, many of whom provide their content through XDCC via IRC bots in their distribution channels. It is also used by many users of eRepublik as a means of communication. File sharing of other copyrighted material such as Warez is also common in some channels on the network.

F5, Inc.: U.S. information technology company

F5, Inc. is an American technology company specializing in application security, multi-cloud management, online fraud prevention, application delivery networking (ADN), application availability & performance, network security, and access & authorization.

Storm botnet: Computer botnet

The Storm botnet or Storm worm botnet was a remotely controlled network of "zombie" computers that had been linked by the Storm Worm, a Trojan horse spread through e-mail spam. At its height in September 2007, the Storm botnet was running on anywhere from 1 million to 50 million computer systems, and accounted for 8% of all malware on Microsoft Windows computers. It was first identified around January 2007, having been distributed by email with subjects such as "230 dead as storm batters Europe," giving it its well-known name. The botnet began to decline in late 2007, and by mid-2008 had been reduced to infecting about 85,000 computers, far less than it had infected a year earlier.

Fast flux: DNS evasion technique against origin server fingerprinting

Fast flux is a domain name system (DNS) based evasion technique used by cyber criminals to hide phishing and malware delivery websites behind an ever-changing network of compromised hosts acting as reverse proxies to the backend botnet master—a bulletproof autonomous system. It can also refer to the combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection used to make malware networks more resistant to discovery and counter-measures.

Barrett Lyon: American businessman (born 1978)

Barrett Gibson Lyon is an American Internet entrepreneur, security researcher, and a former hacker.

Linode, LLC is an American cloud hosting provider that focuses on providing Linux-based virtual machines, cloud infrastructure, and managed services.

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Cloudflare: American technology company

Cloudflare, Inc. is an American company that provides content delivery network services, cloud cybersecurity, DDoS mitigation, and ICANN-accredited domain registration services. Cloudflare's headquarters are in San Francisco, California. According to The Hill, Cloudflare is used by more than 20 percent of the Internet for its web security services, as of 2022.

Imperva Incapsula is an American cloud-based application delivery platform. It uses a global content delivery network to provide web application security, DDoS mitigation, content caching, application delivery, load balancing and failover services.

DDoS mitigation is a set of network management techniques and/or tools for resisting or mitigating the impact of distributed denial-of-service (DDoS) attacks on networks attached to the Internet, by protecting the target and relay networks. DDoS attacks are a constant threat to businesses and organizations, by delaying service performance or by shutting down a website entirely. It's also important to remember that mitigation won't work on code-based software.

Defense.Net is a privately held American information technology and services company. The company's business is to protect Internet-facing infrastructures – such as e-commerce web sites – against all forms of Distributed Denial of Service (DDoS) attacks at the network. Defense.Net operates a constellation of DDoS mitigation sites around the Internet which are capable of filtering and removing DDoS attacks real-time.

XOR DDoS is a Linux Trojan malware with rootkit capabilities that was used to launch large-scale DDoS attacks. Its name stems from the heavy usage of XOR encryption in both the malware and its network communication with the C&Cs. It is built for multiple Linux architectures such as ARM, x86 and x64. Noteworthy about XOR DDoS is its ability to hide itself with an embedded rootkit component, which is obtained through multiple installation steps. It was discovered in September 2014 by MalwareMustDie, a white hat malware research group. From November 2014 it was involved in a massive brute-force campaign that lasted at least three months.

Mirai is malware that turns networked devices running Linux into remotely controlled bots that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer devices such as IP cameras and home routers. The Mirai botnet was first found in August 2016 by MalwareMustDie, a white hat malware research group, and has been used in some of the largest and most disruptive distributed denial of service (DDoS) attacks, including an attack on 20 September 2016 on computer security journalist Brian Krebs' website, an attack on French web host OVH, and the October 2016 Dyn cyberattack. According to a chat log between Anna-senpai and Robert Coelho, Mirai was named after the 2011 TV anime series Mirai Nikki.

DDoS attacks on Dyn: 2016 cyberattack in Europe and North America

On October 21, 2016, three consecutive distributed denial-of-service attacks were launched against the Domain Name System (DNS) provider Dyn. The attack caused major Internet platforms and services to be unavailable to large swathes of users in Europe and North America. The groups Anonymous and New World Hackers claimed responsibility for the attack, but scant evidence was provided.

Alexander Heid is an American computer security consultant, white hat hacker, and business executive.

References

  1. "Source: Anonymous attacks on Sony annoying, not much more". Ars Technica. April 9, 2011.
  2. "LulzSec's Parting Trojan is a False Positive". CIO Magazine. June 28, 2011.
  3. "Top 100 Private Companies in North America" (PDF). RedHerring (Print issue). May 23, 2005.
  4. "Prolexic Becomes First DDoS Mitigation Provider to Gain PCI DSS Certification". Prolexic. August 11, 2011.
  5. "Prolexic Announces New CEO Scott Hammack". Prolexic. April 20, 2011.
  6. "Prolexic Announces Management Team, Names New President Stuart Scholly". Prolexic. May 13, 2011.
  7. "Management Team". Prolexic. Retrieved November 30, 2013.
  8. "February 18, 2014 - Akamai Completes Acquisition of Prolexic". www.akamai.com. Archived from the original on February 28, 2014.
  9. "Camden Partners leads $8M funding round of Prolexic Technologies". Baltimore Business Journal. February 8, 2012.
  10. "Prolexic Revenues Increase 45 Percent in 2011- Significant investments in staffing, R&D and network capacity to accommodate growth". Prolexic. January 12, 2012.
  11. "Venture Capital Dispatch: The Daily Startup". Wall Street Journal. July 26, 2013.
  12. "Partners". Prolexic. Retrieved March 23, 2012.
  13. "Prolexic services". Prolexic. Retrieved November 30, 2013.
  14. "Milestones". Prolexic. Retrieved April 9, 2012.
  15. "Letter from the president". Prolexic. Retrieved April 9, 2012.
  16. "Largest ever DDoS attack directed at financial firm, Prolexic reports". Techworld. May 30, 2013.
  17. "Prolexic Scores Points with Content Rating Organization" (PDF). Prolexic. March 13, 2012.
  18. "Prolexic Shines in Mitigating Layer 7 DDoS Attack for Leading American Jewelry Designer" (PDF). Prolexic. March 13, 2012.
  19. "Prolexic Answers Late Night Weekend Call to Mitigate DDoS Attack for Foundation Source" (PDF). Prolexic. March 13, 2012.
  20. "Botnet-driven attacks at 'tipping point'". V3.co.uk. February 10, 2010.
  21. "Largest DDoS Attack So Far This Year Peaked At 45 Gbps, Says Company". CSO Online. November 24, 2011.
  22. "Más DDoS: More Powerful, Complex, And Widespread". Dark Reading. February 7, 2012.
  23. "New Denial of Service Attacks Now Targeting All Size Businesses". CIO: IT Security Hack. December 8, 2011. Archived from the original on May 14, 2013. Retrieved March 25, 2012.