DNS Attacks Expose Key FlawsMarch 8, 2008 – 4:04 PM
The steady rise in phishing attacks in the last year, coupled with increasingly sophisticated scams such as “pharming” attacks, is driving interest in technology to lock down critical components such as e-mail and Domain Name System.
But bigger changes to the underlying Internet infrastructure may be needed, according to interviews with industry experts who will be addressing the issue at the Interop show in Las Vegas this week.
Reports of phishing attacks grew an average of 26 percent each month between July of last year and February of this year, according to the Anti-Phishing Working Group, an industry association.
In recent weeks, APWG and The SANS Institute’s Internet Storm Center warned of new attacks such as “pharming,” or “phishing without a lure,” that attack DNS servers and silently route unsuspecting Web surfers to phishing Web sites, or sites that download malicious code.
The new attacks expose weaknesses in critical Internet infrastructure such as DNS, said Mike Hyatt, president and CEO of BlueCat Networks Inc., which makes secure hardware appliances for DNS and DHCP (Dynamic Host Configuration Protocol).