Worms that exploit holes in instant messaging systems are now a real threat to corporate systems, security software...
company Symantec has warned. Highlighting the risk to IM users, Symantec said such worms could infect hundreds of thousands of computers in seconds. The rapid adoption of IM by companies, allied with the growing number of security holes in the technology, mean infection and information theft are now a significant risk to business, Symantec said. There are 60 published IM vulnerabilities, ranging from security holes that could crash IM clients in denial of service attacks to those that allow hackers to install malicious code remotely. These are already being used to compromise machines, said Eric Chien, chief researcher at Symantec Security Response. The vulnerabilities could become particularly dangerous, he said, if they were combined with hacking applications to create IM worms that could capture a remote user's list of IM "buddies". Earlier this year, in a survey of 50 IT departments in UK investment banks, about half of companies said that IM networks were widely used in their organisations and important transactions were being made via free IM networks such as AOL, MSN and Yahoo. These applications are designed to be fast and support hundreds of thousands of users rather than be secure, said Neal Hindocha, researcher at Symantec Security Response. Users' passwords are not encrypted and can be obtained easily from Windows systems or IM traffic, he warned. Vanson Bourne Research, which conducted the survey of investment banks, said companies need to address the dangers of IM use themselves, because regulatory bodies such as the Financial Services Authority have largely ignored the technology. "Monitoring of e-mail is now corporate policy for most institutions, but regulatory pressure has yet to be extended to IM conversations that happen on free, public networks," said Kevin Withnal, director at Vanson Bourne. Last October, information services company Reuters launched its own IM service in an attempt to regulate the use of the technology in its business.
How to safeguard against IM worms
Assess the business need for instant messaging, which is often used for personal communication
Invest in enterprise-class instant messaging products that use encryption
Block communication ports used by common instant messaging software
For software that communicates using essential ports, such as those used for web traffic, implement full inspection firewalls.
Source: Symantec Security Response