IMlogic Threat Center Reports Record Increases in Targeted Attacks on Instant Messaging Networks for Q3 2005; Q3 IM Security Threat Report Reveals IM and P2P Attacks Have Increased More Than Fourteen Times Through the First Three Quarters of 2005.WALTHAM, Mass. -- The IMlogic Threat Center, the industry's first global consortium to provide threat detection and protection for instant messaging Exchanging text messages in real time between two or more people logged into a particular instant messaging (IM) service. Instant messaging is more interactive than e-mail because messages are sent immediately, whereas e-mail messages can be queued up in a mail server for seconds or (IM) and peer-to-peer (P2P See peer-to-peer and point-to-point. ) applications, today issued its Third Quarter 2005 threat report on the rise of IM security threats. The report highlights a 3295 percent increase in Q3, 2005 over Q3, 2004 bringing the year-to-date increase to 2083 percent over 2005 YTD See Year-to-date. YTD See year to date (YTD). . The report released today by the IMlogic Threat Center provides key metrics on the continued attacks IM networks are experiencing from malicious code and worm writers. Key data points released include: --713 unique IM and P2P threats including IM-specific attacks and blended threats, which target IM and P2P applications; --87 percent of reported incidents include IM worm propagation; 12 percent are known to hijack IM file transfer capability to deliver viruses; one percent of reported incidents utilize known client vulnerabilities or exploits; --62 percent of reported incidents over IM networks targeted the MSN Messenger Microsoft's instant messaging (IM) service, which provides text messaging and voice calling. Part of the MSN Network, MSN Messenger clients are available for non-XP versions of Windows, Mac, Pocket PC and MSN TV. For Windows XP, the IM client is Windows Messenger. Client, Windows Messenger The instant messaging (IM) client in Windows XP. Windows Messenger is the XP counterpart to MSN Messenger, both of which have been upgraded to Windows Live Messenger. Organizations can use the instant messaging capabilities in Microsoft Exchange to set up a private IM system. Client and MSN (1) (MicroSoft Network) A family of Internet-based services from Microsoft, which includes a search engine, e-mail (Hotmail), instant messaging (Windows Live Messaging) and a general-purpose portal with news, information and shopping (MSN Directory). Network; --seven percent of reported incidents over IM networks targeted the Yahoo! Messenger Yahoo!'s instant messaging (IM) service, which includes text messaging, voice calling and file sharing. The IM client includes Internet radio and the regular phone calling at rates as low as one cent per minute. Starting with Version 8. Client and Yahoo! Messenger Network; --31 percent of reported incidents over IM networks targeted the AOL Instant Messenger See AIM. Client, AOL Instant Messenger Network, ICQ ("I Seek You") A conferencing program for the Internet from Mirabilis, Tel Aviv, Israel (www.icq.com). It provides interactive chat, e-mail and file transfer and can alert you when someone on your predefined list has also come online. Client and ICQ Network. The IMlogic Threat Center Forecasts Accelerated IM Threat Growth Through the Remainder of 2005 Trend analysis provided in the IMlogic Threat Center Q3 2005 report suggests that IM-borne attacks will continue to increase as hackers capitalize on Cap´i`tal`ize on` v. t. 1. To turn (an opportunity) to one's advantage; to take advantage of (a situation); to profit from; as, to capitalize on an opponent's mistakes s>. the growing popularity of IM in both consumer and corporate environments. The increasing popularity of consumer IM networks, combined with the emergence of federated Connected and treated as one. See federated database and federated directories. enterprise IM environments, continues to drive IM as a popular medium for attacks. The IMlogic Threat Center encourages consumers to protect themselves by keeping operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. patches and anti-virus software up to date, and to exercise caution when using embedded links or file transfer capabilities over the IM channel. Corporate IT departments can additionally leverage IM management and security technology to protect their networks from the risks associated with unmonitored and uncontrolled IM usage. Best practices are available for both enterprises and consumers online at http://www.imlogic.com/im_threat_center/index.asp. The IMlogic Threat Center Q3 2005 report additionally discusses the following attack and vulnerability trends for IM/P2P: 1. The rate of IM worm mutations is escalating: While the majority of IM threat outbreaks continue to occur on a single network, during the Third Quarter of 2005 IM virus writers and hackers continue to increase the sophistication so·phis·ti·cate v. so·phis·ti·cat·ed, so·phis·ti·cat·ing, so·phis·ti·cates v.tr. 1. To cause to become less natural, especially to make less naive and more worldly. 2. of their attacks. 2. IM attacks using social engineering techniques are increasing in effectiveness: During Q3 of 2005, IM worms require end-user interaction to infect host machines, users activate the IM worm payload by clicking on embedded links or accepting and executing files transferred over the IM networks. 3. IM worm outbreaks are difficult to contain: The distribution patterns of typical IM worms indicate once an IM user is infected containing the outbreak is very difficult. 4. IM threats continue to exhibit hyper growth: During the Third Quarter of 2005 the total year-to-date threats for real-time communications passed 1,000 unique incidents, more than 10 times the total threats reported in all of 2004. "Over the past three months the nature of the IM threat has continued to evolve with increasing levels of sophistication and rates of infection demonstrated by IM worms and viruses," said IMlogic Chief Technology Officer, Jon Sakoda. "With the recent addition of the IMlogic Real-Time Threat Protection System, the IMlogic Threat Center is now leading the industry in the earliest threat detection and protection, thereby serving as a continued resource for our customers, our partners and the IM community." Launched with the support of Internet security leaders Symantec, Sybari, and McAfee, and global instant messaging leaders America Online, Microsoft and Yahoo!, the IMlogic Threat Center is the comprehensive knowledge base for known IM and P2P vulnerabilities and provides rapid response and guidance for protection against newly detected threats. About IMlogic, Inc. IMlogic, Inc. is the market leader in enterprise software for instant messaging, the world's fastest growing communications medium of all time. The largest Fortune 1000 companies across the financial services, energy, healthcare, government, media, telecommunications, technology, and manufacturing industries depend on IMlogic to manage, control and secure corporate IM usage, while satisfying compliance requirements associated with real-time electronic communications. For more information on IMlogic call 877-IMlogic or visit www.imlogic.com. Disclaimer The information in this press release is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. IMlogic, IMlogic products and IMlogic IM Manager are trademarks of IMlogic Corporation and/or affiliated companies Affiliated Companies A situation that occurs when one company owns a minority interest (less than 50%) in another company. Also refers to companies that are related to each other in some way. Notes: An affiliated company is sometimes referred to as a subsidiary. in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion