In-Depth

Security: Batten Down the (IM) Hatches

IM attacks are on the rise, in part because organizations are deploying unified communications platforms without first hardening them against attacks

Just because you’ve deployed an enterprise-grade instant messaging (IM) solution from a well-known vendor doesn’t mean you’ve mitigated -- let alone completely licked -- the threat posed by rogue, unsanctioned, or illicit IM use in your enterprise environment.

Consider recent research from policy and risk management specialist Akonix Systems Inc., which tracked more than 20 new IM attacks last month -- a sharp rise (more than 160 percent) from March.

Akonix is interested in such statistics because it markets a line of products (including several appliances) that are designed to specifically counteract IM-based attacks. As the increase shows, it’s has been a busy month where IM attacks are concerned. As late as April 30, for example, security researchers identified three new IM threats -- including a Trojan attack (dubbed Flocker.A) that affects Symbian mobile phones.

The Symbian attack highlights the increasing sophistication and complexity of IM attackers: they’re no longer targeting specifically Win32 platforms. With a growing number of IMers using non-traditional platforms (e.g., mobile phones, iPod Touches), IT organizations must work overtime to cover all their bases.

Aknonix also tracked an uptick in attacks against peer-to-peer (P2P networks), a category that includes popular sharing services such as Kazaa and eDonkey; P2P attacks were up 13 percent in April compared to March, according to Akonix.

Akonix researchers say the rise is due, in part, to enterprise IM use, particularly because unified communications (UC) efforts are also on the rise. Organizations are increasingly deploying next-gen instant messaging and unified communications platforms, in some cases without adequately testing -- let alone hardening -- these systems against attack from without.

The result, Akonix officials claim, is a feeding frenzy for attackers.

“With this month's spike in IM attacks, hackers are continuing to penetrate companies as they roll out instant messaging and unified communications platforms for the new year," said Don Montgomery, VP of marketing at Akonix, in a statement. "Enterprises need to realize that implementing new communication and collaboration tools increases the risk of attack as each new application becomes a new vector for infection."

Last month’s increase in IM-related attacks is part of a larger trend. Aknonix also flagged an escalation in IM attacks in February, for example, as well as a sharp year-over-year rise for all of 2007 (see (http://www.esj.com/security/article.aspx?EditorialsID=2945). Last year, for example, researchers discovered 346 new IM-related attacks -- nearly one per day. To put it into perspective, that’s more than the number of reported vulnerabilities for major operating systems platforms such as Windows XP, Windows Server 2003, or even Mac OS.

It isn’t as if the stakes aren’t already high enough, either. Last year, for example, a security consultant was sentenced to nearly 60 years in prison and fined $1.75 million for using IM botnets to hijack PayPal accounts.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

Must Read Articles