While e-mail worms and viruses capture the most media attention, another threat to enterprise networks quietly...
looms as a growing menace: viruses transmitted via instant messaging.
As the popularity of instant messaging within the enterprise grows, so does the potential for security threats to organizations that depend on such messaging to communicate. In response, Waltham, Mass.-based IMlogic Inc. today launched a service in partnership with several security and IM software makers that gives administrators and others up-to-date notification of threats, as well as mitigation advice.
The IMlogic Threat Center combines a global network of IM honeypots that listen for threats with a free Web site that details the severity of new threats and how to combat them. The company will also provide notifications of e-mail and IM viruses for a fee, and its customers will receive updates on how to block viruses and worms at the server level.
IMlogic CEO Francis deSouza said IM exploits can spread across the globe more quickly than their e-mail counterparts -- in some cases minutes instead of weeks. And the volume of threats is eerily familiar.
"What's worrying is that it looks exactly like the pattern of e-mail traffic four years ago," deSouza said. "Spam went from 5% of e-mail traffic to greater than 85% of e-mail traffic."
Antivirus, IM vendors on board
Among the partners in the new service are the makers of the three most popular instant messaging clients: America Online Inc. (AOL Instant Messenger), Microsoft (MSN Messenger) and Yahoo Inc. (Yahoo Messenger). Security software partners include McAfee Inc., Hewlett-Packard Co., KVault Software Ltd., Sybari Software Inc. and EMC Corp.'s Legato unit.
"The threats are really starting to rise in the IM front," said Tom Buoniello, vice president of product management at Sybari. "One of the big things we've seen over the past year, it's really gone from the end-user application to being a key part of enterprise applications.
"The threat center is really out there to help create awareness of the issues that are arising," he said. "We've had some good worms this year that were using IM as the vector. It's really going to help education at the enterprise level."
Going beyond traditional alert channels
Brandon Dunlap, an information protection specialist at Baltimore-based Constellation Energy Group Inc., participated in the beta testing for the threat center. He said the service should be valuable to enterprises.
"I think it's a great place to get good information above and beyond what we get from the traditional channels like vendor alert services and our antivirus vendors," Dunlap said. "We rely on getting information as quickly as possible and giving it out."
"It's new in and of itself, so I can't actually say that it's saved my bacon, but I have a feeling it's going to play very heavily into our risk categorization process," he said.
IMlogic's deSouza said the new service will not live in a security vacuum.
"We are sharing intelligence with the other threat centers out there," he said. "Whether we discover it first or they discover it first, it helps all our customers."
Note: This article originally appeared on SearchExchange.com.