nForums.net -> Symantec Warns: IM Worms Could Devastate Business

nForums.net

Arcade Help Search Members Calendar

Outline · [ Standard ] · Linear+

Symantec Warns: IM Worms Could Devastate Business

Track this topic | Email this topic | Print this topic

Bearsland

Jun 20 2004, 03:22 AM

Post #1

Lightning Pool Champion!

Midi Golf Champion!

Pepsi Pinball Champion!

Pool Jam Champion!

Grumpy Old Man

Group: VIP Member
Posts: 494
Joined: 17-March 04
Tournaments Won: 2

From: London. UK
Member No.: 4

QUOTE

Companies whose workers use one of the free public instant-messaging networks, such as AOL, Microsoft, or Yahoo--risk malicious attacks that could make the quick-spreading Sasser worm look like a snail, said a security analyst said Friday.
"In instant messaging, we have a lot of the same security issues as in E-mail and networks," said Eric Chien, a senior researcher with Symantec's security response team. "Attacks can come in as attachments. There have already been some IM-related worms that send themselves to people on your buddy list, and IM lacks encryption."

Public IM services such as those hosted by AOL, Yahoo, and Microsoft are extremely popular in the workplace. According to a recent study by the Ridicati Group, by the end of 2008, 88% of business IM users will rely on a public network.

"No one wants to pay for something that they are already using for free," Ridicati analyst Genelle Hung said in an interview Monday.

Using public IM networks poses some special problems for businesses.

"IM the guy down the hall, and the message doesn't stay within the perimeter, as does E-mail," Symantec's Chien said. "It goes from the desktop onto the broader Internet to, say, Yahoo's servers, then from their servers back to the guy down the hall."

That means it's difficult for a company to secure the clear-text of IM sent over public networks--and makes it much easier for hackers to exploit any IM client vulnerabilities.

Source: Information Week

Full Article: http://www.informationweek.com/story/showA...icleID=22100814

Interesting read and not all that surprising really; it was always going to be the next big target the way it's used/abused by some people. That and the amount of lax security we see in big companies thesedays.

Jobefx	Jun 20 2004, 04:12 PM Post #2
nFm [ not leaving ] Group: Full Member Posts: 71 Joined: 4-April 04 Member No.: 81	Its notoriously easy to read IM messages if you are on the same lan as some one using it. ( I saw a segment on Tech TV about it last year, lol) All it takes is to download a free program and you can listen in on all your friends at work. Buisnesses should hate IM an I dont blaim them the software makers need to fix them. Jobefx P.S. I will look for the software needed to listen to your coworkers/fellow students IMs, its been awhile, if I find it I wil post a link

mcelb1200	Jun 21 2004, 02:45 AM Post #3
nFm [ Level 1 ] Group: Full Member Posts: 240 Joined: 29-April 04 From: Melbourne, Australia Member No.: 94	Anyone know how secure Integrity Messenger is? -------------------- ... just let me see if I can get that log out of your eye...

« Next Oldest · Security · Next Newest »

2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)

0 Members: