How to Protect against IM Threats

The messaging environment continues to evolve at an incredibly alarming rate. When Samuel Morse typed the message, "What hath God wrought!" on 24 May 1844, the world of message delivery changed forever. But never has it changed more than in the past 5-to-10 years with the explosion of email and Instant Messaging (IM). Once limited to desktops, IM is now available via handheld devices and cell phones, allowing users to chat from virtually anywhere, even becoming a staple mode of communication in business environments. With recent developments making IM protocols interoperable, users from one network are now able to communicate with users on another network.

However, IM is accompanied by its own share of security risks. Because IM is generally unprotected and unmonitored, it's vulnerable to attacks and can easily expose all users in an IM contact list to the same attacks via IM sent from that machine, creating the potential for rapid proliferation. In such a scenario, it's likely that any malicious code that propagates through one of the protocols will also propagate through the other, potentially impacting more users with minimal effort.

The most prevalent threats to IM include:
* Worms and Trojan Horses

Similar to threats sent by email, worms and Trojan horses via IM can compromise the integrity of IT systems. Too many IT departments focus solely on email threats because they are not aware of the number of people using IM in their businesses. This is because individual users can load IM programs directly onto local computers, and IM traffic is often undetectable at the network level. According to the IMlogic Threat Center, "90% of IM-related security attacks included worm propagation; 9% delivered viruses; 1% exploited known client vulnerabilities or exploits." Via an IM program, it's possible for a Trojan horse to configure the client to give access to all files on a computer via peer-to-peer file sharing. Ultimately this opens up the entire computer system to attackers.

* Password Stealing and Impersonation

Hackers can use Trojan horses to gain access to an IM password if it's stored on the computer. Using this method, hackers can have access to the user's screen name and the user's entire list of IM contacts. Impersonation is not only harmful to the victim whose password has been stolen, but to anyone who interacts with the hacker and divulges personal information, or executes any files sent by the hacker under the guise of the user.

* Theft of Log Files

Similar to other forms of information theft, IM log files, which may be stored on a user's computer, are vulnerable to hackers. In many cases, these files may contain sensitive or private data from a past IM conversation the user has long since forgotten about. This information is readily available via IM logs, however, and can be devastating to businesses if exposed, causing tainted reputations, legal problems, and in some cases, loss of the business.

* Denial-of-Service (DoS) Attacks

A DoS attack via IM happens when a hacker sends a flood of messages for the purpose of overloading the resources of a computer or network. By the time the victim tries to add the hacker's screen name to the list of parties that the IM program should ignore, the computer may freeze or crash. Though DoS attacks tend to be more of a hassle and less of a threat than other types of hacks, they can be harmful when hackers combine DoS attacks with other security breaches such as shutting out users from their accounts to hijack systems.

* Privacy Intrusion

Outside parties can capture information to use in malicious ways, and employees may not be aware of the ramifications of their IM conversations. Businesses could be legally or financially at risk if employees send confidential information that's subsequently gathered by outside parties. Many IM programs don't offer encryption, making it easy for a third party to eavesdrop on IM conversations using different types of programs such as packet sniffers. Businesses can deal with these risks by enforcing an IM policy that restricts the type of information that can be exchanged via IM and setting up a system to encrypt IM conversations.
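The DoS item above notes that the victim often cannot add the flooding screen name to the ignore list in time. The sketch below is an added example, not part of the original article or of any IM product: a sliding-window rate check that ignores a sender automatically. The class and function names, the thresholds, and the sample traffic are all assumptions made for illustration.

```python
from collections import defaultdict, deque


class FloodGuard:
    """Hypothetical helper: auto-ignore a sender who exceeds
    max_msgs messages within `window` seconds."""

    def __init__(self, max_msgs=20, window=5.0):
        self.max_msgs = max_msgs          # assumed threshold, tune per site
        self.window = window              # assumed window length in seconds
        self.recent = defaultdict(deque)  # sender -> timestamps in the window
        self.ignored = set()

    def accept(self, sender, ts):
        """Return True if the message should be shown, False if dropped."""
        if sender in self.ignored:
            return False
        q = self.recent[sender]
        q.append(ts)
        # Discard timestamps that have aged out of the sliding window.
        while q and ts - q[0] > self.window:
            q.popleft()
        if len(q) > self.max_msgs:
            # Over the limit: ignore the sender from now on, without user action.
            self.ignored.add(sender)
            del self.recent[sender]
            return False
        return True


def replay(events, **kwargs):
    """Run (sender, timestamp) events through a guard.
    Returns (messages shown, set of ignored senders)."""
    guard = FloodGuard(**kwargs)
    shown = [(s, t) for s, t in events if guard.accept(s, t)]
    return shown, guard.ignored


def sample_events():
    """Constructed traffic: two normal users plus one sender
    delivering 200 messages in two seconds."""
    events = [("alice", 0.0), ("alice", 2.5), ("bob", 3.0)]
    events += [("flooder01", 1.0 + i * 0.01) for i in range(200)]
    events += [("alice", 4.0), ("flooder01", 9.0)]
    return sorted(events, key=lambda e: e[1])


if __name__ == "__main__":
    shown, ignored = replay(sample_events())
    print(len(shown), "messages shown; ignored:", sorted(ignored))
```

Once a sender is ignored, later messages from that screen name are dropped at the cost of one set lookup each, so the flood no longer reaches the user interface.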
