Six companies including three instant messaging programs and two security companies have teamed up to create a new threat center aimed at helping instant messaging and peer-to-peer users defend themselves against malware threats.
The IM Threat Center is the brainchild of IMLogic, an enterprise software maker for instant messaging programs, who rounded up security companies McAfee and Sybari and instant messaging vendors America Online, Yahoo, and Microsoft to create the threat center, which the companies announced December 8.
"As with e-mail before it, instant messaging gives hackers new opportunities to wreak havoc on corporate infrastructures," said McAfee senior vice president of sales Todd Gebhart at the launch. "IMlogic’s solid perimeter IM security, integration with McAfee anti-virus technology and the around-the-clock alerts and expertise delivered through the IMlogic Threat Center help enterprises wall out the latest IM threats."
Sybari vice president of product management Tom Buoniello said more workers use instant messaging on the job and that, while it might give them better productivity and communication it also gives them more information technology threats. "Sybari and IMlogic are working together to provide the solutions needed to keep corporate networks safe from the growing number of viruses, unwanted content (SPIM) and other security risks posed by IM without damaging the productivity it offers," Buoniello said.
"Instant messaging is a global communications medium and increasingly is becoming a target for viruses, worms, and blended-threats," said IMlogic chief executive Francis deSouza. "Through partnerships with Internet security companies such as McAfee and Sybari, and the participation of global IM leaders such as AOL, Microsoft, and Yahoo, we are leading the industry to protect enterprises and consumers from emerging IM and P2P threats."
IMLogic said the threat center would include a comprehensive knowledge-base of IM/P2P viruses and worms built with leading internet security and IM vendors; free alerts and notifications via e-mail and IM of new and emerging IM and peer-to-peer threats for all subscribers; a rapid response and guidance for protection against IM and P2P threats for both enterprises and consumers; protection against spam over instant messaging (SPIM) and known hacker vulnerabilities in the IM clients, servers and networks; and, a broad partner collaboration between IMlogic security analysts, industry-wide Internet security response teams and the global IM providers.
"With one of the most widely used IM networks in the world, America Online takes matters of security very seriously," said AOL senior director for instant messaging network services Brian Curry at the threat center launch. "We applaud IMlogic for its continued efforts to provide value-added security and management services to AIM users through our certified partnership."
Microsoft general manager for realtime collaboration Gurdeep Pall said the threat center is "a great example" of collective industry partnership, "ensuring that our enterprise customers’ instant messaging and collaboration networks are safe, secure and reliable."
Yahoo product management director Frazier Miller said they were joining in support of the IMLogic Threat Center to safeguard Yahoo Messenger users. Miller also said Yahoo would boost its own YM protection and encourage all future such industrywide efforts.
DeSouza said IMLogic is working with the global instant messaging programs to set up listening posts—also known as honeypots—in those IM networks to detect spam and malware and report those threats to the Threat Center.
"If we identify something that is Spam or Malware, we'll let the IM networks know to see if we can squash it at the network layer itself," he said. "We'll also update our security partners."
The IMLogic Threat Center arrives in the wake of recent reporting showing that about 76 of surveyed organizations have no formal IM solutions deployed, according to the Radicati Group, while instant messaging and peer-to-peer networks rank as two of the top ten most vulnerable applications to malware on Windows systems, according to the SANS Institute.
DeSouza said the likely greatest threat to IM and P2P security could be what are known as blended threats. "They may come in via IM and they may go out over e-mail. They may hop between different IM networks or use a P2P client to get out," he said. "So the worrying thing is the new emergence of blended threats that are very capable of jumping between networks."
