Instant messaging called "the undefended medium."
Peter Saalfield, IDG News Service
Tuesday, July 05, 2005
A study released today by instant messaging security vendor IMlogic reported that hackers and virus writers are recognizing and exploiting the opportunities presented by IM-based attacks, the numbers of which have risen sharply over the last two quarters.
The number of IM attacks such as viruses, worms, and phishing scams has increased from 20 for all of 2004 to 571 in the second quarter of 2005 alone, representing an increased threat to both enterprise users and the average consumer, the study said.
The study--performed by the IMlogic Threat Center with the support of IT security companies Symantec, McAfee, and Sybari, as well as IM leaders America Online, Yahoo, and Microsoft--reported that 70 percent of IM-based attacks target public IM networks and 30 percent target enterprises.
"IM usage has reached critical mass, and virus writers have now recognized it as a mostly undefended medium," said IMlogic Chief Executive Officer and cofounder Francis deSouza. "These [viruses and worms] are mutating, high-velocity, and invisible to most companies until they hit. All these factors combine to create a serious risk."
IMlogic sells products that protect against IM-based attacks, as do Akonix Systems and Trend Micro.
How Attacks Happen
IM attacks act much like e-mail worms and viruses, stealing information from the user's computer or turning that computer into a so-called zombie by tricking users into clicking on phony links or into opening malicious attachments. IM-based attacks can be even more threatening because people receive false instant messages from a name on their buddy list rather than a strange e-mail address, DeSouza said.
"Having an army of zombies is the economic equivalent of having an oil well," said analyst Alan Paller of SANS Institute. "The two most important things [for a user] to do are block all attachments on IM and to filter IM traffic so you only get it from trusted sites."
The Kelvir, Opanki, and Gabby worms were the most common in corporate environments, the study said.
Most IM Services Vulnerable
Some attacks are tailored to a specific user and appear to be, for instance, a highly personalized message. The study said that these attacks made up less than one percent of the recorded IM attacks. For the most part IM attackers aren't sophisticated enough to single out any one user, Paller said. However rare "targeted" attacks may be, Paller emphasized that they are the most dangerous.
The vast majority--86 percent--of reported attacks involved viruses or worms that capitalize on real-time protocols. The study showed that all of the most successful IM services--AOL Instant Messenger, MSN Messenger, Windows Messenger, and Yahoo Messenger--were vulnerable to and affected by IM attacks.
================
preuzeto sa: http://www.pcworld.com/news/article/0,aid,121711,00.asp
|