IM threats rising sharply, reports confirm

Instant-messaging attacks increased 250 percent in the first quarter compared with the same period last year, new research finds.

Matt Hines Staff Writer, CNET News.com
Matt Hines
covers business software, with a particular focus on enterprise applications.
Matt Hines
3 min read
New research has found that IM-borne security threats have increased dramatically in volume since the start of 2005.

According to a report issued Tuesday by the IMlogic Threat Center--an industry consortium led by security software maker IMlogic--the quantity of instant messaging threats increased 250 percent in the first quarter of 2005, compared with the same period last year. The research, which tracks viruses, worms, spam and phishing attacks sent over public IM networks, also contends that reported incidents of newly discovered IM threats have grown by a whopping 271 percent this year.

In addition, the study found that more than 50 percent of the incidents reported to the Threat Center during the first quarter of 2005 involved attacks at workplaces where freely available IM software such as AOL Instant Messenger, MSN Messenger, Windows Messenger, and Yahoo Messenger is used. Based on that data, the consortium advises that companies take a closer look at managing IM security issues.

Among the other findings of the Threat Center report is that more than 75 new threats on public IM and peer-to-peer computing networks were discovered in the first three months of this year. The group said that 82 percent of the incidents reported to it involved IM virus or worm propagation, while 14 percent dealt with IM file transfer hijacking.

Only 11 percent of the incidents tracked by the Threat Center involved attacks on known vulnerabilities on IM applications.

Of all the IM-borne threats followed by the Threat Center, the Bropia, Kelvir and Serflog worms were found to be the three most frequently detected IM infections at workplaces, the group said. Multiple incidents of IM phishing and identity theft were also reported on IM networks.

At least one IT professional interviewed by the consortium said that the rise of IM attacks has changed the way that businesses are looking to secure their computing networks.

"The steady rise in attacks has put companies like us on the defensive," Ben Palacio, an IT manager at Priority Computer Parts, said in a statement.

A second piece of research published Tuesday by security specialist Akonix Systems backed up the conclusions of the Threat Center report. According to Akonix's research, more than 100 new security threats targeting instant-messaging and peer-to-peer systems surfaced during the first quarter of 2005--a more than 400 percent increase compared with the same period last year.

Akonix attributed the dramatic rise in IM threats to several different factors, including an increase in the number of virus writers focused on the sector and companies' improving success at fending off other forms of online attacks.

"Since the start of 2005, IM networks have been on the receiving end of an unprecedented barrage of security attacks," Francis Costello, chief marketing officer at Akonix, said in a statement. "Unmanaged and unauthorized use of IM within enterprise networks presents an increasingly serious threat to corporate security."

According to at least one industry analyst, the rapid increase in IM threats will likely continue and mirror the development of earlier forms of IT security hazards, such as e-mail-based virus attacks.

"IM has made its way into companies, but it's still not as pervasive as e-mail. So the overall threat to the enterprise isn't yet as severe, but people are certainly sitting up and taking note," said Earl Perkins, analyst with Meta Group. "With the rise of these threats, it's almost like the analogy of the kid with his fingers in the dike, every time you fill one hole there appears to be another one, and the (IM) attacks are a hot spot for activity these days."