Instant Messaging attacks jump 500 percent in May Postini stopped numerous IM viruses and worms such as Browaf, Tilebot, and Khoobe from infiltrating customers' networks. Postini’s attack statistics were published in the same week that Gartner warned companies to take the threat of Instant Messaging based attacks seriously. In a session at the Gartner IT Security Summit, in Washington D.C, Gartner said that, while enterprises have made improvements in securing their e-mail systems, companies need to implement better strategies to protect themselves from IM attacks. As IM use increases, so do IM threats, typically viruses, as attackers begin to shift focus from better-protected e-mail systems to IM. Gartner analysts said IT administrators who do not manage and protect public IM will experience 80 percent more IM-related security incidents than those that do. "IT organizations must keep this threat in context and balance it against the productivity benefits of IM," said Peter Firstbrook, research director for Gartner's Information Security and Privacy research group. "Employees report benefiting from faster decisions, higher productivity and lower telecommunications costs when they use IM. However, organizations must plan for and build a strategy for IM management and security, much like they have for e-mail." Gartner analysts identified a number of risks of uncontrolled IM including: * Lack of regulatory compliance involving records retention, communications limitations between employees and auditing of communications, among others * Lack of universal encryption or widespread use of encryption can result in confidential or secret data being exposed in IM communications * Lack of records or universal naming conventions can result in disputes over what was communicated and with whom, when business deals are conducted over IM networks. * Lack of visibility into IM usage can result in noncompliance with acceptable usage of enterprise assets, such as transfer of pornography, or salacious messages, and playing multiplayer games. IM viruses are transmitted in two ways — as executable file attachments or as hyperlinks in IM text directing victims to malicious Web servers. In most cases, viruses are not automatically executed. Rather, they exploit social engineering tactics and an unjustified trust in IM buddy lists to convince victims to open unknown files or click on links. "Dedicated IM hygiene products are the best way to protect and manage IM usage — though simply filtering active URL hyperlinks and all file attachments will be effective at eliminating 90 percent of IM viruses, and many of these threats will be detected by desktop antivirus products," said Mr. Firstbrook. "Training end users to be more skeptical of instant messages, even those from their buddy lists, should also be part of an overall strategy. Finally, the usual precautions of rapid patching, antivirus software and personal firewalls remain effective against IM threats."
•Date: 7th June 2006• Region: World • Type: Article •Topic: ISM |
