IM, chat and P2P network attacks up in 2007

gallery

New figures released today have found they were five unique instant message (IM) and peer-to-peer (P2P) virus attacks on enterprise networks a day in 2007.

At the same time, uncontrolled use of greynets on enterprise networks has grown significantly over the past year, which include real time, always on applications including IM and web conferencing among others according to IM security specialist FaceTime Security Labs.

The GreynetsGuide website, managed by FaceTime, found most organisations operate between eight and 10 greynets in their networks and, along with rising employee usage, can increase risk exposure to viruses increasingly targeting IM, chat and P2P vectors.

Frank Cabri, vice president of marketing and product management for FaceTime said that, while many greynet applications have legitimate business uses, there are also many that do not.

"IT managers need to ensure the safe use of approved applications and effectively detect and block the rogue use of unapproved applications," he said, highlighting the 1,088 incidents reported over all IM, P2P, and chat vectors during 2007.

The research found the most heavily targeted IM network was Microsoft MSN (45 per cent), followed by Yahoo! with 20 per cent and AOL with 19 per cent. The remaining 15 per cent included all other IM networks, including Jabber-based ones. And attacks on these private networks have more than doubled since 2003, rising from seven per cent of all IM attacks to 15 per cent in 2007.

It also notes a shift in the non-IM vectors also used to distribute viruses, highlighting that internet relay chat (IRC) distributed attacks were up 14 per cent during 2006-7, along with a rise in socially engineered attacks on sites like MySpace.

"Many hacks and scams are creeping into the mainstream areas of MySpace and other social networking sites, as the perpetrators become bolder and more aggressive," said Chris Boyd, FaceTime director of malware research.

In tandem, the security firm predicted the number of greynets currently in use worldwide will increase from more than 600 currently to over 1,000 by the end of 2008.

Other commonly downloaded applications classed as greynets also include newer plug in-type applications like search engine tool bars and online social networking sites, multimedia distribution portals, internet protocol television (IPTV) and web 2.0 applications that enable liberal user customisation and require continual revisiting of enterprise network usage and compliance policies.

Further 2007 research findings can be found on the FaceTime Security Labs blog.

Email to a friend

Print this page