Instant messaging threats become more sophisticated

Instant messaging (IM) is fast becoming the target of choice for hackers as more enterprises deploy and use IM company-wide.

In a recent report from FaceTime Communications, a security provider for greynet applications, security incidents targeting public IM and P2P channels increased by 6% since the fourth quarter of 2006, with the complexity of attacks increasing -- especially in the form of globalized malware. Researchers also found that these attacks have reached an average of five per day during the first quarter of 2007.

@34945

"The cyclical pattern indicates that the market has matured, with high penetration of IM in the enterprise and a steady cadre of attackers aiming at it," said Frank Cabri, vice president of marketing for FaceTime Communications. "The maturity can also be seen in the increasing complexity and globalization of threats."

Previous studies have found that attacks typically increase in the spring and fall, while they lull in the winter and summer. Researchers said they expect to see an increase in incidents during the next two months, based on previous averages, with a slight dip in the rate of incidents in the summer.

Chris Boyd, director of malware research at FaceTime Communications, noted that IM use now encompasses thousands of global users who utilize it for work-related reasons. Enterprises should create and implement acceptable-use policies dictating use after deployment.

FaceTime Communications' Q1 2007 IMPact Report also found that mainstream public IM networks, including AOL, MSN and Yahoo, continue to have the majority of IM-based attack incidents. But as more enterprises -- such as Reuters or semi-private Jabber-based networks -- deploy IM or IM networks, industry-specific networks are receiving an increasing share of attacks.

Boyd said that the last six months to a year have seen more inventiveness in the style of attacks -- evidence of Western marketing skills, increased sophistication and social engineering is apparent. Conversely, he said, as people become more aware of the threats they and their companies can face from IM, the more prepared they are to deal with the issues.

"It's been a real eye-opener to see how traditional companies are adapting and changing with the technology and because of the security threats that result from it," Boyd said.

FaceTime's report indicated that the frequency and complexity of threats will continue to increase. As enterprises step up their use of IM, IT departments should increase their level of monitoring on these channels.

"In the last three to four months, there has been a steady increase in Chinese malware. It has gone beyond the odd file every now and then to finding something new almost every day," Boyd said. "This is evidence that clever hackers across the globe are realizing the potential to make money from unauthorized installations."