RealTime IT News

IM Threat Center Formed

IMlogic has joined with leaders in the instant messaging and security community to create a new IM Threat Center. The center claims to be the first broad-based initiative to help IM users protect themselves against malware threats.

Security firms McAfee and Sybari, as well as IM network providers AOL, Microsoft and Yahoo have joined IMlogic as part of the effort. The center will help to provide detection for malware, including Spim (Spam over IM), worms, IM-born viruses and malicious code.

Francis deSouza, CEO of IMlogic, told internetnews.com that the initiative is very much an industry collaboration to proactively address the threat of IM malware.

"We're working with the global IM networks to deploy honeypots or listening posts in the IM networks that will watch for spam and malware, and then they'll report them to us," deSouza explained. "If we identify something that is Spam or Malware, we'll let the IM networks know to see if we can squash it at the network layer itself. We'll also update our security partners."

Waltham, Mass.-based IMlogic offers a number of IM security solutions, including its IM Manager solution, which is targeted at enterprises.

Back in September the firm announced a free tool, IM Detector, to detect and block unmanaged IM, P2P and VoIP activity. The new Threat Center will help IMlogic's IM Manager product, deSouza said, but it doesn't stop there.

"We'll also let anybody who signs up on our Web site know via e-mail or IM, and update knowledge base on the Web site," deSouza said. "If you are a consumer who is just getting a notification, as part of the Threat Center we'll actually tell you more information about that threat and how to avoid getting it."

The IMlogic Threat Center is freely available to anyone and is part of IMlogic's overall approach to IM security. "We do believe that a key element of protection is detection," deSouza explained. "We view the Threat Center as the cost of doing business in the security world in which we play."

In November, IMlogic competitor FaceTime Communications launched its own IM security notice initiative. FaceTime's Instant Response Security Team (FIRST) is an information and response unit whose purpose is to identify malicious global IM and P2P activity. The unit also provides countermeasures for the attacks that are supposed to be provided to the IT community as a whole and also via automated product updates to FaceTime customers.

IMlogic's deSouza believes however that there is a fundamentally different approach between his initiative and that undertaken by his competitor in that IMlogic is focused on collaboration with the wider security community through the efforts of partners McAfee, AOL, Yahoo! Microsoft and others.

"Through the honeypots, we are globally watching for malware. We automatically receive traffic from them if a threat emerges," deSouza said. "We really want to make sure that our customers and anybody that signs up to our Web site really benefits from the global security community out there."

According to a recent Radicati Group report, 76 percent of organizations have not deployed a formal IM solution. The SANS Institute in October ranked IM among the 10 vulnerabilities on Windows systems. The risk for not dealing with IM security has not fallen on deaf ears in the IM community, either. AOL recently released a security edition of its AOL Instant Messenger (AIM) 9.0 client.

In IMlogic's view the greatest threat to IM though may well be the emergence of what is referred to as blended threats.

"They may come in via IM and they may go out over e-mail. They may hop between different IM networks or use a P2P client to get out," deSouza said. "So the worrying thing is the new emergence of blended threats that are very capable of jumping between networks."