IM -- a Threat to Network Security

Employees using instant messaging could be opening up gaping holes in their companies' network security.

Viruses aimed directly at instant messaging (IM) software, along with a lack of security for IM freeware, are creating big problems, according to Eric Chien, chief researcher for Symantec Security Response.

And to make matters worse, many, if not most, IT administrators don't have policies regarding instant messaging, and many don't even know how many end users have it installed on their desktops and laptops. That means there are potential problems and security lapses that administrators aren't even aware of.

"At conferences, when we ask if people are using instant messaging, everyone raises their hands," says Chien. "But when we ask who has a policy about it, maybe 50 percent raise their hands... It's a problem."

Not so long ago, email surpassed the telephone as the key form of communication in the workplace. People could send and receive emails without interrupting their work flow. They could contact several colleagues with one message. They could open a message and read it when they had an opening instead of when the phone was ringing.

But today, instant messaging is nipping at the heels of email for the top rung on the communication ladder. Messages travel back and forth in real time, so colleagues or business partners can communicate without delay. Buddy lists enable coworkers to see when you're online and available. Away messages keep bothersome interruptions at bay.

All of that has made instant messaging popular. And that popularity has made it dangerous.

"Instant messaging has become so popular that we're getting the classic issues that we've had with email," says Chien. "IM can attach and transfer files, so viruses and worms can attach themselves. There are worms that will send themselves to everyone on your buddy list."

Actually, between 2002 and 2003 there was a 400 percent increase in IM malware, according to Symantec's figures. Since 2002, 25 instant messaging worms have been released into the wild, with about 20 of them coming out last year alone. At least five or six have hit the wild so far this year, reports Chien.

"It's a continuing threat," says Steve Sundermeier, a vice president for Medina, Ohio-based Central Command. "Virus writers are always looking for a new vector for infection... As companies secure their email gateways, virus writers will be looking for alternative or additional ways to get their viruses inside."

However, with relatively few viruses and worms targeting instant messaging software, Chien and Sundermeier agree that the biggest security threat comes through unencrypted messages traveling across free, public software.

"What people should be the most worried about is that the IM traffic with the popular free clients is unencrypted today," says Chien. "If you use free messaging, people can sniff the traffic and read your messages. It's something hackers do all the time."

Chien explains that if an employee is using IM to send a message to a coworker down the hall or even in the next cubicle, the message travels outside the building and through outside servers where it easily could be picked up.

"Even if you're talking to the guy in the cube next to you, your message may go halfway around the world before it gets to the guy in the cube next door," says Chien. "Sensitive business matters are exposed to the general Internet for people to potentially sniff and view."

Central Command's Sundermeier says the best thing for IT administrators to do is to create a corporate policy regarding IM usage. He suggests that users not be allowed to use any freeware. The company should buy instant messaging software designed for internal communications so messages don't needlessly travel across a remote server. They should also make sure the IM software they're using has encryption capabilities.

Chien also recommends that IM shouldn't be used for sensitive information. And users should be reminded that they need to follow safe computing practices when using instant messaging. That means they should never open an executable and they should be careful around any attachments.
