Group formed to track IM threats

A group of internet security and instant messaging (IM) providers have teamed up to detect and thwart the growing threat of IM...

A group of internet security and instant messaging (IM) providers have teamed up to detect and thwart the growing threat of IM and P2P viruses and worms.

The consortium, led by corporate IM software suppliers IMlogic, is setting up a threat centre to analyse and warn against the vulnerabilities. It is offering free alerts and e-mail notifications of risk assessments and threat management for subscribers.

The group also includes security companies McAfee and Sybari Software, and leading IM providers Yahoo, America Online and Microsoft.

IMlogic said they will be working together, along with other industry partners and security experts, to monitor and detect security risks to IM networks, as well as unwanted content such as spam over IM.

The group's formation follows evidence that security threats against IM and P2P networks are growing.

Internet security firm Symantec estimated that viruses and worms spread on IM and P2P networks grew 400% from 2002 to 2003. This year it has seen continued threats, including some targeted against the MSN Messenger and ICQ instant messaging systems.

Furthermore, a list of the top security vulnerabilities recently released by the SANS Institute put both file sharing and IM vulnerabilities in the top 10 for Windows users, as researchers labelled them new categories of risk.

"IM and P2P viruses and worms aren't as widespread as those in e-mail but they are definitely a threat to a lot of people," said Carole Theriault, a security consultant at Sophos.

Smaller companies are particularly at risk because they often focus on using antivirus software to protect their e-mail but overlook using firewalls to guard their servers and desktops, Theriault said.

In addition to viruses targeted at IM, malicious code is also often spread through messaging, allowing it to be easily obtained and tweaked by amateur virus writers to produce myriad and hard-to-track variants of threats, according to Theriault.

IMlogic's consortium is hoping to get a better idea of the kinds of security vulnerabilities lurking on IM networks through global monitoring and broad industry feedback.

The effort is being co-ordinated at the IMlogic Threat Center at Internet users can also sign up for threat alerts at the site.

Three high-risk and three medium-risk virus alerts had already been posted at the threat centre.

Scarlet Pruitt writes for IDG News Service

Read more on IT risk management