IMlogic Threat Center Releases Reports: ''2005 Real-Time Communications Security: The Year in Review'' and ''Top 5 IM Security Risks for 2006''.WALTHAM, Mass. -- 2006 poses significant challenges to organizations trying to protect themselves against next generation IM and real-time communications security See COMSEC. attacks The IMlogic Threat Center, the industry's first global consortium to provide threat detection and protection for instant messaging (IM), peer-to-peer (P2P), and other real-time communication (RTC) applications, today released two new reports entitled, "2005 Real-Time Communications Security: The Year in Review" and "Top 5 Instant Messaging Security Risks for 2006." These reports cite an almost 1,700 percent increase during 2005 of reported incidents compared to all of 2004, including a dramatic increase in the depth and breadth of real-time security attacks that include viruses, worms, spam over IM (SPIM (SPam Instant Messaging) Unsolicited advertising appearing in instant messages. Spim is even more annoying than spam. Unlike e-mail ads, which collect in the user's mailbox, an instant messaging ad pops up on screen whenever it is sent. See spam.)/malware and phishing attacks. The "2005 Real-Time Communications Security: The Year in Review" report provides complete data, analysis and discussion of key trends for 2005. Key data points in the report include: --1,693 percent increase in reported incidents of new real-time security threats; --2,403 unique IM and P2P threats, including IM-specific attacks and blended threats which target IM and P2P applications; --90 percent of IM-related security attacks include worm propagation; nine percent are known to deliver viruses; and one percent of reported incidents utilize known client vulnerabilities or exploits; --57 percent of reported incidents over IM networks targeted the MSN Messenger Client, Windows Messenger The instant messaging (IM) client in Windows XP. It is the XP counterpart to MSN Messenger, which is available for other versions of Windows, PDAs and the Mac. It uses the .NET Messenger Service (formerly MSN Messenger Service) to let users with Windows Messenger or MSN Messenger communicate over the Internet. Organizations can use the instant messaging capabilities in Microsoft Exchange 2000 to set up a private IM system. Client and MSN Network; --34 percent of reported incidents over IM networks targeted the AOL Instant Messenger Client, AOL Instant Messenger Network, ICQ Client and ICQ Network; --Nine percent of reported incidents over IM networks targeted the Yahoo! Messenger An instant messenger service from Yahoo! that alerts you if you have e-mail. It includes a voice chat service, which allows two or more people to converse over the Internet. It also allows for regular chat (text) at the same time. See instant messenger and voice chat. Client and Yahoo! Messenger Network. The report also highlights a dramatic increase in the overall sophistication of real-time communications security threats, with the following highlights from 2005: --The first talking, "intelligent" worm was identified (IM.Myspace04.AIM) in 2005. This worm not only broadcast malicious messages to other users of IM but also interacted with potential victims without the infected user being aware of an attempt to dupe potential victims into activating the worm on their local machine. --2005 saw a dramatic increase in the number of mutating attacks, including significant mutations on all the major consumer IM networks. With 140 total mutations and detection on all the major IM networks, the Kelvir worm was the leader in IM threat mutations, followed by Bropia with 29 mutations and Opanki with 26 mutations. --Rootkit A type of Trojan that keeps itself, other files, registry keys and network connections hidden from detection. It runs at the lowest level of the machine and typically intercepts common API calls. For example, it can intercept requests to a file manager such as Explorer and cause it to keep certain files hidden from display, even reporting false file counts and sizes to the user. technologies became one of the mechanisms attackers leveraged to hide their malicious code and malware on infected machines. These types of attacks not only hide the infection from the user but also disable local antivirus security software, change critical operating system files and gain complete access to potentially sensitive information on the host machine. --2005 also saw attackers using worms that took advantage of multi-stacked clients (for example, Windows Messenger) and worms that included support for multiple languages to enable threats to more easily traverse geographic and regional boundaries, increasing the likelihood of IM-related threats causing significant disruption and damage inside enterprise IT domains. "In 2005 we saw a steady increase in the threat volume and hacker sophistication of real-time communications security attacks," said IMlogic Chief Technology Officer Jon Sakoda. "As we enter 2006, these threats will continue to increase in sophistication and agility and will result in increased intellectual property loss, increased IT support costs and other cyber crimes." IMlogic Threat Center Forecasts Continued Growth in IM-Borne Attacks and Releases Top 5 IM Security Risks for 2006 Trend analysis provided in the "IMlogic Top 5 Instant Messaging Security Risks for 2006" report suggests IM and other real-time communications-borne attacks will continue to increase as attackers capitalize on the growing popularity of these technologies in both consumer and corporate environments. The IMlogic Threat Center encourages organizations to take the appropriate measures to protect their end-users against these attacks by implementing real-time security and management protections, keeping operating system patches and anti-virus software up to date, and educating end-users on the risks associated with communications over IM and related channels. The "IMlogic Top 5 Instant Messaging Security Risks for 2006" report includes: 1. Network interoperability and continued IM adoption will accelerate the volume of IM threats: Forecasted growth of both consumer and enterprise IM combined with the increasingly connected nature of disparate IM systems will lay the groundwork for large-scale IM attacks that reach across disparate networks. 2. Expanded IM functionality will increase the number of attack vectors: The convergence of IM, VoIP, virtual conferencing and other real-time communication capabilities will provide new opportunities for the propagation of sophisticated IM attacks. 3. More sophisticated and even "intelligent" worms will increase infection rates: The increasing complexity and agility of IM threats will result in attacks being less likely to be immediately detected by an end-user making these types of attacks more dangerous and costly. 4. Instant messaging will continue to attract cyber-criminals: Cyber-criminals will increasingly be drawn to IM because of its proven ability to efficiently deliver malicious payloads via social engineering tactics. 5. Intellectual property leaks from internal threats will drive financial loss: Intellectual property loss will come to the forefront as IT and security organizations begin monitoring file transfer usage more closely as part of established corporate IM communications policies. Launched with the support of Internet security leaders Symantec, Sybari, and McAfee, and global instant messaging leaders America Online, Microsoft and Yahoo!, the IMlogic Threat Center is the most comprehensive knowledge base for known IM and P2P vulnerabilities and provides rapid response and guidance for protection against newly detected threats. The "2006 Real-Time Communications Security Threat Report" and the "Top 5 Instant Messaging Security Risks for 2006" are available free of charge by visiting the IMlogic Threat Center at http://www.imlogic.com/im_threat_center/index.asp. About the IMlogic Threat Center The IMlogic Threat Center is the first operation to provide detection, analysis, alert, and protection from harmful IM and P2P threats including IM-borne viruses, worms, SPIM, and malicious code. Launched with the support of Internet security leaders Symantec, Sybari, and McAfee, and global instant messaging leaders America Online, Microsoft and Yahoo!, the IMlogic Threat Center is the comprehensive knowledge base for known IM and P2P vulnerabilities and provides rapid response and guidance for protection against newly detected threats. About IMlogic, Inc. IMlogic, Inc. is the market leader in enterprise software for managing and securing instant messaging; the world's fastest growing communications medium of all time. The largest Fortune 1000 companies across the financial services, energy, healthcare, government, media, telecommunications, technology, and manufacturing industries depend on IMlogic to manage, control and secure corporate IM usage, while satisfying compliance requirements associated with real-time electronic communications. For more information on IMlogic call 877-IMlogic or visit www.imlogic.com. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion