By Susan B. Shor TechNewsWorld
07/06/05 9:53 AM PT
"The level of threat is nowhere as great as its going to be in the future," David Ferris, president, Ferris Research, said. "Organizations should be coming up with a strategy and defenses now. They need multi-level antivirus control, firewall control and they should team up with value-added vendors to provide greater security on IM."
Tech Industry Paper - Finding Strength Through Customer Service Poised to capitalize on an upturn in the economy, technology companies are focused on retention & service. This paper, from Convergys, provides the latest research on customer experience for B2B & B2C technology customers. Learn more.
As the use of instant messaging for business and consumer purposes grows, so does the allure of writing malware targeting IM. A study released yesterday by IMlogic, which sells IM security products, reported that the number of attacks on IM systems jumped dramatically during the second quarter.
The IMlogic Threat Center study found that more than 70 percent of reported malware attacks were aimed at free messaging services such as AOL Instant Messenger, MSN Messenger, Windows Messenger, and Yahoo (Nasdaq: YHOO) Messenger; 30 percent targeted enterprise IM.
Threat Will Worsen
IM analysts agree that malware is becoming a greater problem and will continue to do so.
"The level of threat is nowhere as great as its going to be in the future," David Ferris, president, Ferris Research, which focuses on messaging and collaborative software, told TechNewsWorld.
"There has been in the past year, a noticeable increase in viruses, especially America Online's AIM client. They're No. 1 in terms of user base, so they're the primary target," said Su Li Walker, analyst, Yankee Group. "On enterprise side, IM clients are outside the boundary of enterprise protection. You're subject to an increase in the possibility of attack."
Many attacks rely on social engineering, which creates a double-edged sword for IM.
"One interesting thing on the consumer side is that IM clients are about building social networks," Walker said. "You can build a list exclusively and say I only want to talk to these people [to avoid the potential for malware], but I'm out there because I want to build a social network."
Tricky Bugs
IM malware can be difficult to prevent and remove, IMlogic said. "IM worms infect organizations rapidly and transparently, spreading to a large percentage of vulnerable users in less than one hour. IM worms capitalize on real-time protocols which make detection, quarantine and response a challenge for corporate environments," the report stated.
Walker, who focuses on consumer IM, said she had been the victim of IM malware.
"The way they're crafted they're difficult to get rid of," she said.
"Organizations should be coming up with a strategy and defenses now," Ferris said. "They need multi-level antivirus control, firewall control and they should team up with value-added vendors to provide greater security on IM."
Antivirus vendors Symantec (Nasdaq: SYMC), Sybari, and McAfee, and America Online, Microsoft (Nasdaq: MSFT) and Yahoo all support the IMlogic Threat Center.
China Joins International Anti-Spam Pact July 05, 2005
"Spammers have been not only sending their spam from Chinese computers, but also using Chinese servers to host the Web sites which spam directs people to," Sophos senior technology consultant Graham Cluley said. "Anything which turns the heat up on spamming activities in China is good news for everyone who uses the Internet for legitimate purposes."
Related Stories
Managing IM and E-Mail Threats in the Workplace May 28, 2005
Unmanaged instant messaging is becoming a major problem in the workplace, security experts warn. According to Francis Costello, chief marketing officer for Akonix Systems, a provider of software to manage instant messaging and e-mail, 80 to 90 percent of all companies have some instant messaging in use by employees.
Instant Messaging Creates Headaches for IT Professionals January 06, 2005
All major IM applications are designed to be left active, always running in the background and ready to pop up a window with a message from a friend. Because IM resides on users' computers and communicates outside the corporate network over the Internet, it is difficult to differentiate IM messages from normal Web traffic.
IMlogic Leads Force into IM Malware Battle December 08, 2004
Most e-mail users are aware that opening an executable file (.exe) from an unknown source is a danger, but many don't know what an IM threat looks like. It can be carried in a URL from somebody in your buddy list, IMlogic's Francis deSouza said.
Omnipod CEO Gideon Stein Speaks on IM Networks November 22, 2004
By implementing a private IM network, corporations and government agencies actually can boost productivity, cut telephone costs and improve customer service, self-described "serial entrepreneur" Gideon Stein, CEO and a director of Omnipod, said. The Manhattan-based company already has proven this to clients.
AOL, MSN and Yahoo Join for IM Network July 16, 2004
"Our enterprise customers' No. 1 request has been to enable connectivity with major public IM networks. The ability of Live Communications Server 2005 to connect with these three consumer IM networks -- AOL, MSN and Yahoo -- delivers on that request," Microsoft Corporate Vice President Anoop Gupta said in the statement.
Related News Alerts
More by Susan B. Shor
Salesnet President Jonathan Tang Ready to Take On Salesforce.com February 07, 2006
"We think it's Salesnet's time now. We've been around since the beginning, we've been lying low, but you're going to start to see more of us. We've done it through organic growth and happy customers. We continue to focus on customers."
Comcast Follows Time Warner in Offering 'Family' Programming Tier December 23, 2005
"The demand for this type of tier is coming from the FCC and Christian conservatives. It has nothing to do with legitimate consumer demand," Todd Chanko, senior analyst at Jupiter Media, told the E-Commerce Times.
High-Risk Flaw Found in Symantec's Software December 22, 2005
"Part of the significance of this vulnerability announcement is that your machine can be exploited without you needing to do anything at all. You don't even have to open an e-mail or attachment, and this happens with the default configuration of the product," said Forrester Research senior analyst Michael Gavin.
Headline Feeds
Talkback: 
