Attacks rocket as organized cyber criminals target IM

IT security watchers today reported that the number of recorded attacks using instant messaging (IM) to propagate is rocketing as organized cyber criminals begin to target IM networks.

Researchers from Akonix Systems' Security Center team said that they tracked 62 IM-based attacks in November 2005 – a month-on-month increase of 226 percent. Of this total, 58 worms were found to be variants of previous infections, and four were identified as new worms that were introduced during the month.

But year-on-year analysis of IM attacks reveals a far higher percentage jump. According to the latest data from the IMlogic Threat Center, IM security threats increased by 3,266 percent last month compared with November 2004.

"The rate of IM threat mutations, combined with increasingly sophisticated payloads such as spyware and information gathering agents, clearly indicates that IM threats are now being created by attackers focused on organized cyber-crime," said IMlogic Chief Technology Officer Jon Sakoda.

"This rise in complexity highlights the breadth and depth of the overall IM security risk, causing organizations to recognize the need for best-of-breed threat protection for real-time communications," he said.

The Akonix researchers reported that P2P attacks decreased by 36 percent from October 2005 to November 2005, with a total of 14 attacks targeting P2P networks, such as Kazaa and eDonkey being detected during November.

Akonix reported that the most significant new finding in November was that 36 percent of the IM attacks hit more than one public network, and 13 percent of the IM attacks had the capability to spread through all four major IM networks. According to Akonix, this shows that viruses no longer discriminate against specific IM systems, and can have a far costlier impact in terms of potential damage.

"November marked the highest number of IM threats that we have ever seen to date, proving that hackers see this real-time communications medium as a wide-open security hole in corporate networks," said Don Montgomery, vice president of marketing at Akonix Systems.

"With nearly 50 new attacks this month alone, it's critical that organizations take immediate action to protect their networks. Beyond the loss of employee productivity, the price to clean up a virus is shocking, with some reports estimating the remediation cost of the Blaster virus at nearly half a million dollars per enterprise."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.