In Depth
After Phishing? Pharming!
Security experts are concerned about pharming, a technically sophisticated DNS-based attack
By Bob Violino
Since pharming is largely a DNS poisoning problem, Boyle says, "the more likely solution would probably be found in antispoofing controls in the Internet's infrastructure." Innovative forms of strong authentication for users may also help. "If you can challenge a user to supply an additional piece of data based upon a user-selected question, which a pharmer would not know about, then you could help a user determine whether a pharming site was real or false," he says.
Pemco outsources DNS management to a large ISP, Boyle says. "I expect them to be proactive about dealing with DNS poisoning and domain spoofing as an infrastructure problem," he says. "The same goes for Internet registries [such as VeriSign and Network Solutions]. More controls are needed to prevent domain hijacking."
Although pharming attacks are still fairly infrequent, experts say security vendors and Internet service providers should take steps now to thwart attacks. Some ISP registrars are pushing for adoption of the DNSSEC standard to make the Internet more secure, says Jevans. He expects browser manufacturers and other developers to look for ways to tell end users more about the sites they're connecting to.
All of which suggests that pharming is everybody's problem to solve. It's clear that guarding against pharming attacks will require more than technology, says Ray. "I'm sure vendors will offer products to protect you from this, but the best thing you can do is put in place practices and procedures to safeguard your DNS servers and implementation. You also must educate users over and over again, since this affects their personal lives as well as potentially exposing sensitive company information," he says. "All of [this] combined with solid technical solutions and good communication between the IT and business departments will help to raise the bar quite a bit in regards to security protection. It may not protect you 100 percent - as nothing will - but it will help everyone in the long run."