A few weeks a friend of mine got hit with an IM bug. It was quick, painful, and pretty much fitted the definition of "as much fun as a sharp stick in the eye."
Apparently my friend is not alone. The IMlogic Threat Centre, a global consortium that provides threat detection and protection for IM and peer-to-peer (P2P) applications, recently issued its second quarter 2005 report on the rise of IM security threats.
Launched with the support of the Internet security vendors Symantec, Sybari Software and McAfee, and the IM providers America Online, Microsoft and Yahoo, the IMlogic Threat Centre is a knowledge base for known IM and P2P vulnerabilities and provides rapid response and guidance for protection against newly detected threats.
So how much have IM threats increased over the past year? How does 2,747 percent grab you? You'd love to see that number next to your pension fund, I'd bet.
The report says there has been a "sharp" (there's an underwhelming adjective) 2,747 percent increase in new IM threats - including viruses, worms, SPIM (spam over IM), malware, and phishing attacks - in the second quarter of 2005 compared with the same period a year ago. IMlogic also issued more than 15 priority alerts to enterprises and IMlogic Threat Centre subscribers in second quarter 2005 in response to the increasing frequency of reported IM threats. Sounds like a busy quarter at the Threat Centre.
More than 70 percent of externally reported incidents to the IMlogic Threat Centre in the second quarter of 2005 were attributed to enterprises and small businesses utilising popular IM applications such as AOL Instant Messenger, MSN Messenger, Windows Messenger and Yahoo Messenger.
The report also makes note of several attack and vulnerability trends for IM/P2P:
IM worms mutate across network boundaries: Second quarter 2005 saw an increase in the number of IM worms that simultaneously propagated across both public and private IM networks, infecting organisations with both standardised IM clients as well as heterogeneous IM usage.
IM worms undermine end-user security through effective social engineering: IM threats utilise "social engineering" techniques to capitalise on successful infection vectors, using casual chat techniques, trusted buddy lists and end-user vulnerabilities as targets. In other words, they know what you're doing with your IM service.
IM worms infect transparently and are difficult to quarantine: IM worms infect organisations rapidly and transparently, spreading to a large percentage of vulnerable users in less than one hour. IM worms capitalise on real-time protocols which make detection, quarantine, and response a challenge for corporate environments. I think that speaks for itself. These are not slow-moving zombies; these are fast moving little buggers, like the monster in Alien.
IM threats hit critical growth levels: There was an exponential increase in the volume of reported incidents of IM and P2P threats in second quarter 2005, as hackers and virus writers zero in on these programs and their increasingly wide use. And, unfortunately, it's likely these numbers will just keep growing.
With all this data now available on the threats to IM, it's hardly surprising to see more companies offering additional security products to counter this trend. For instance, Trend Micro last week added IM Security for Microsoft Office Live Communications Server, and InterScan Messaging Security Suite. IM Security for Microsoft Office Live Communications Server is designed to prevent recent worms such as Bropia, Kelvir and Fatso from using IM to propagate themselves.
Expect to see more: With a 2,747 percent year-over-year growth rate in IM threats, I'm sure security vendors see a huge opportunity.