Friday, October 22, 2021

Growing IM Attacks Threaten the Enterprise

More and more companies are embracing the benefits of instant messaging as a corporate

application. But many are leaving such applications uncontrolled and vulnerable, and the

potential for attack is sending shivers down the spines of network administrators.

Email still takes priority over instant messaging (IM) when it comes to corporate security,

according to a recent poll of 100 organizations conducted by Akonix Systems, Inc., a San

Diego-based provider of IM security software. The survey shows that only 11 percent have IM

hygiene solutions in place, compared to 73 percent that take care of email. Additionally,

almost 50 percent of respondents say deploying an IM hygiene solution never crossed their

minds.

Industry observers say this gap between the security applied to email and that applied to IM

is particularly alarming since 47 percent of respondents indicate that the people in charge

of email also are responsible for securing instant messaging.

Globally, IM use is on the rise with nearly 12 billion instant messages being sent every

day, according to IDC, an industry analyst firm based in Framingham, Mass. IM use isn’t the

only thing on the rise, however. Attacks on instant messaging are going up, as well.

Akonix tracked 62 IM-based attacks last November, and saw a 226 percent increase over the

previous month, according to Don Montgomery, vice president of marketing for Akonix.

The primary reason organizations are not focused on IM security, despite the increase in

attacks, is that there hasn’t been a major IM virus outbreak yet, according to Osterman.

While email systems have been pounded by malware attacks, the viruses and worms hitting

instant messaging haven’t made as much of a splash yet since the damage has been low, so

far.

And many network administrators think the protections they already have in place will

safeguard IM, as well.

”There’s a perception that a lot of investments made in firewalls and perimeter security

will protect [networks] from viruses,” Osterman says. ”They would be wrong, though,

because instant messaging uses unique protocols and a firewall won’t be able to scan instant

messaging for content or for malicious URLs or for the file transfer for viruses.”

Osterman adds that firewalls work by shutting down ports. But public IM clients, like Yahoo,

AOL and MSN, which many employees use in lieu of a corporate standard, are port seeking.

”You can shut down one port and the public IM clients will find another,” he explains.

IT administrators at Kforce Professional Staffing, based in Tampa, Fla., aren’t going to let

that happen. The professional staffing firm has taken prescriptive steps to ensure that its

approximately 1,400 employees, who are situated around the U.S., are protected.

”We didn’t want to hinder productivity since… we believe [instant messaging] will be a

good tool for employees, especially if someone in one office wants to discuss a job with

someone in another office. It’s real time,” says Jon Portz, network security lead at

KForce. ”We had anti-virus software in place… but it can’t stop a direct attack on a

buddy list on AIM, which is quite vulnerable to buddy list hijacking.”

Administrators at Kforce decided to bring in an instant messaging security and management

system to handle ”uncontrolled use of IM, whatever the client”. Portz adds that they also

wanted to prevent ”information leakage”, and have the ability to track and log employees’

IM sessions.

The enterprise instant messaging security market is burgeoning. Other providers include

FaceTime Communications, IMLogic, which was recently acquired by Symantec Corp., Postini,

Inc. and ScanSafe, Inc.

Since moving to Akonix, which Portz says provided granularity of control and customization

features, KForce has standardized on MSN and AIM clients until it moves to an internal IM

solution.

Akonix gives Portz the ability to create reports on usage and do keyword searches if he

wants to check on employees discussing a particular subject. ”Compliance is gaining concern

here,” he notes. ”Our HR and legal departments have given us directives to treat IM as

email.”

Company administrators are looking at integrating Akonix with their Legato mail archive

system, which would give them the ability to archive all instant messages as if they were

email and attach the conversations to a specific user, Portz notes.

”If something questionable comes across Akonix, I get an email,” Portz says. Since Kforce

doesn’t allow use of the extended attributes of IM — raw chats only — an employee will

receive a notification that they have violated company policy if they try to do something

like an audio/visual session, for example.

”We also get an alert from Akonix if anything outside of the policy boundaries, like file

transfers, occurs,” he adds. ”Executives used to be very afraid of IM. Trying to lock it

all down and turn it all off is harder than you think… Having an instant messaging

security management system in place gives a heck of a lot more peace of mind.”

Osterman says it’s a given that there will be a big outage caused by instant messaging.

”Its not a matter of if, but when.”

He estimates the cost of implementing an IM security system at about $10 per user. ”We

point out to companies,” he notes, ”that they’re spending more on coffee every year for

their employees than to protect themselves from outside threats.”

Similar articles

Latest Articles