Dark Reading is part of the Informa Tech Division of Informa PLC


Risk

9/6/2007
06:27 PM

Time to Guard Your Instant Messaging Traffic

One downside of popular IT technologies is that they attract unsavory elements. Akonix Systems Inc., a vendor specializing in instant messaging security products, reported that the number of instant-messaging-specific viruses doubled from July to August. The change could mean a shift in hacker priorities, so small and medium enterprises need to take a closer look at protecting their IM traffic.

Instant messaging has evolved from an interesting amenity to a vital business communications tool. The market research firm The Radicati Group expects worldwide instant messaging revenue to grow from $203 million in 2007 to $530 million in 2011. Many medium and small businesses are using it to streamline communication and improve productivity.

Unfortunately, such high growth rates attract hackers, who notice a couple of enticing features when attacking instant messaging. With most applications, including email, users open the client software for only a few minutes, complete their work, and then close it. IM does not fit that profile. Because users are never sure when an instant message may arrive, the IM client is often open all day long. This gives hackers more opportunities to try to finagle their way into enterprise networks.

Instant messaging also offers hackers an easy way to spread their malware. Hackers can embed hyperlinks in IM spam that may provide doorways through which other malware may enter corporate networks. Upon seeing a message that appears to come from a friend or colleague, a user may click on a spam link and not notice that a rootkit is being installed on his or her system. A rootkit is a tool, designed to go undetected by security software, that is used to lock down control of a computer after an initial hack. The attacker then gains control of the person's computer and can distribute malware spam messages to that user's IM contact list.

Another problem for users is that many IM systems keep a record of all their conversations. Once a hacker gains access to a computer, he could take this file and send it to everyone on the person's Buddy List. This transgression could create problems ranging from embarrassment to lawsuits.

Enterprises can take a few steps to lessen the likelihood of IM malware damaging their companies. First, they can conduct an inventory to determine how many of their employees now use instant messaging and whether or not that use is appropriate. They can also keep the software turned off unless a user is actively communicating. Last, they can check with their antivirus software supplier; many vendors now have products designed to thwart IM malware. Instant messaging can be a productivity boon, but companies need to make sure that these conversations are safeguarded so they do not become an operating base for hackers.

How much use does IM have in your company? What steps have you taken to ensure that these transmissions are secure? What would you like vendors to do to make instant messaging a more secure communications option?

 
