MSSP Catbird Battles Pharming Menace
Catbird in early July launched its Anti-Pharming Suite, a set of services that employ the Deerfield, Ill.-based MSSP's network of globally distributed sensors to continually monitor customers' networks to identify patterns of behavior that indicate fraudulent activity.
While phishing attacks use social engineering tactics to deceive Web users, pharming targets vulnerabilities in DNS server software, enabling attackers to acquire the domain name for a legitimate Website and redirect its traffic to bogus Website with an identical design.
Pharming is a rapidly emerging identity theft tactic and is difficult to detect because companies need to monitor traffic inside the organization as well the larger Internet to detect it, according to Doug Michels, chief strategy officer at Catbird.
Catbird's Anti-Pharming Suite has addressed this problem by positioning its sensors at major Internet traffic aggregation points, from which the MSSP can triangulate the origin of attacks, Michels said.
"Our sensors constantly check customers' networks for any condition that we would consider anomalous from a security posture," said Michels.
The Anti-Pharming Suite protects companies from DNS hijacking, Website defacement, and "man in the middle" attacks, in which a miscreant monitors traffic between the victim and a Website in order to gain access to confidential data, Michels said.
Sean Pitts, director of security services at GoldLeaf, a Brentwood, Tenn.-based hosting solution provider that works with small banks, says because the Anti-Pharming Shield is automated and easy to deploy, Catbird can respond quickly to attacks. "Response time is slower whenever you have the human element in play as the critical link," Pitts said.
Pitts has seen recent pharming attacks aimed at harvesting customer banking records and other data to facilitate identity theft.
"As a company that does Web hosting for banks, pharming hits close to home for us. But I think everyone needs to be up to speed on this because it's a threat that can impact any industry," said Pitts.