IM Threat Center Formed

IMlogic has joined with leaders in the instant messaging and security community to create a new IM
Threat Center. The center claims to be the first broad-based initiative to help IM users
protect themselves against malware threats.

Security firms McAfee and Sybari, as well as IM network providers AOL, Microsoft and
Yahoo have joined IMlogic as part of the effort. The center
will help to provide detection for malware, including Spim (Spam over IM), worms, IM-born
viruses and malicious code.

Francis deSouza, CEO of IMlogic, told internetnews.com that the initiative is
very much an industry collaboration to proactively address the threat of IM malware.

“We’re working with the global IM networks to deploy honeypots or listening posts in the
IM networks that will watch for spam and malware, and then they’ll report them to us,”
deSouza explained. “If we identify something that is Spam or Malware, we’ll let the IM
networks know to see if we can squash it at the network layer itself. We’ll also update
our security partners.”

Waltham, Mass.-based IMlogic offers a number of IM security solutions, including its
IM Manager solution, which is targeted at enterprises.

Back in September the firm
announced a free tool,
IM Detector, to detect and block unmanaged IM, P2P and VoIP activity. The
new Threat Center will help IMlogic’s IM Manager product, deSouza said, but it doesn’t
stop there.

“We’ll also let anybody who signs up on our Web site know via e-mail or IM, and
update knowledge base on the Web site,” deSouza said. “If you are a consumer who is just
getting a notification, as part of the Threat Center we’ll actually tell you more
information about that threat and how to avoid getting it.”

The IMlogic Threat Center is freely available to anyone and is part of IMlogic’s
overall approach to IM security.
“We do believe that a key element of protection is detection,” deSouza explained.
“We view the Threat Center as the cost of doing business in the security world in
which we play.”

In November, IMlogic competitor FaceTime Communications
launched its own
IM security notice initiative. FaceTime’s Instant Response Security Team (FIRST) is an
information and response unit whose purpose is to identify malicious global IM and P2P
activity. The unit also provides countermeasures for the attacks that are supposed to be
provided to the IT community as a whole and also via automated product updates to
FaceTime customers.

IMlogic’s deSouza believes however that there is a fundamentally different approach
between his initiative and that undertaken by his competitor in that IMlogic is focused
on collaboration with the wider security community through the efforts of partners McAfee,
AOL, Yahoo! Microsoft and others.

“Through the honeypots, we are globally watching for malware. We automatically receive
traffic from them if a threat emerges,” deSouza said. “We really want to make sure that
our customers and anybody that signs up to our Web site really benefits from the global
security community out there.”

According to a
recent Radicati Group report,
76 percent of organizations have not deployed a formal IM solution.
The SANS Institute in October
ranked IM among the 10 vulnerabilities on Windows systems.
The risk for not dealing with IM security has not fallen on deaf ears in the IM
community, either. AOL
recently released
a security edition of its AOL Instant Messenger (AIM) 9.0 client.

In IMlogic’s view the greatest threat to IM though may well be the emergence of what
is referred to as blended threats.

“They may come in via IM and they may go out over e-mail. They may hop between
different IM networks or use a P2P client to get out,” deSouza said. “So the worrying
thing is the new emergence of blended threats that are very capable of jumping between networks.”