The sorry state of IM security

A few weeks back I told you about a “friend” of mine who got hit with an IM bug. It was quick, painful, and pretty much fit the definition of “as much fun as a sharp stick in the eye.”

Apparently my friend is not alone. The IMlogic Threat Center, a global consortium that provides threat detection and protection for IM and peer-to-peer (p-to-p) applications, recently issued its second quarter 2005 report on the rise of IM security threats.

Launched with the support of the Internet security vendors Symantec, Sybari Software, and McAfee and the IM providers America Online, Microsoft, and Yahoo, the IMlogic Threat Center is a knowledge base for known IM and p-to-p vulnerabilities and provides rapid response and guidance for protection against newly detected threats.

So how much have IM threats increased over the past year? How does 2,747 percent grab you? Love to see that number next to your 401K, I’d bet.

The report says there has been a “sharp” (there’s an underwhelming adjective) 2,747 percent increase in new IM threats — including viruses, worms, SPIM (spam over IM), malware, and phishing attacks — in second quarter 2005, compared with the same period a year ago. IMlogic also issued more than 15 priority alerts to enterprises and IMlogic Threat Center subscribers in second quarter 2005 in response to the increasing frequency of reported IM threats. Sounds like a busy quarter at the Threat Center.

More than 70 percent of externally reported incidents to the IMlogic Threat Center in second quarter 2005 were attributed to enterprises and small businesses utilizing popular IM applications such as AOL Instant Messenger, MSN Messenger, Windows Messenger, and Yahoo Messenger.

The report also makes note of several attack and vulnerability trends for IM/p-to-p:

IM worms mutate across network boundaries: Second quarter 2005 saw an increase in the number of IM worms that simultaneously propagated across both public and private IM networks, infecting organizations with both standardized IM clients as well as heterogeneous IM usage.

IM worms undermine end-user security through effective social engineering: IM threats utilize “social engineering” techniques to capitalize on successful infection vectors, using casual “chat” techniques, trusted “buddy lists,” and end-user vulnerabilities as targets. In other words, they know what you’re doing with your IM service.

IM worms infect transparently and are difficult to quarantine: IM worms infect organizations rapidly and transparently, spreading to a large percentage of vulnerable users in less than one hour. IM worms capitalize on real-time protocols which make detection, quarantine, and response a challenge for corporate environments. I think that speaks for itself. These are not slow-moving zombies; these are fast moving little buggers, like the monster in Alien.

IM threats hit critical growth levels: There was an exponential increase in the volume of reported incidents of IM and p-to-p threats in second quarter 2005, as hackers and virus writers zero in on these programs and their increasingly wide use. And, unfortunately, it’s likely these numbers will just keep growing.

With all this data now available on the threats to IM, it’s hardly surprising to see more companies offering additional security products to counter this trend. For instance, Trend Micro this week added new IM Security for Microsoft Office Live Communications Server and InterScan Messaging Security Suite. IM Security for Microsoft Office Live Communications Server is designed to prevent recent worms such as Bropia, Kelvir, and Fatso from using IM to propagate themselves.

Expect to see more: With a 2,747 percent year-over-year growth rate in IM threats, I’m sure security vendors see a huge opportunity.

The IMlogic Threat Center’s second quarter 2005 IM Security Threat Report is available on this site.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now