The Center released the following statistics highlighting the increasing threat level to business and consumer users of IM applications:
Threat Analysis:
- IM threats in December 2005 increased 826 percent over December 2004
- IM threats in December 2005 grew by an additional 241 threats; adding to more than 300 for November 2005 and 292 in October 2005
- In December 2005, 41 percent of new threats targeted AOL Instant Messenger, with 48 percent targeting MSN and 11 percent targeting Yahoo!
- Worms made up 87 percent of new threats with viruses at 12 percent and phishing attacks over IM at one percent
- First talking "intelligent" worm identified (IM.Myspace04.AIM).
Addressing the IM Security Dilemma
The latest release of threat data reinforces the fact that traditional anti-virus software is not sufficient to protect against the rapid mutation and spread of the latest IM security threats. Traditional anti-virus products rely on known threat signatures to protect organizations, often racing to release a signature after an outbreak has already been identified. The rapid proliferation of IM threats makes them increasingly more difficult for traditional reactive security approaches to keep pace. The inherent real-time nature of IM combined with the latest trend of increasingly destructive IM threats highlights the urgency for which specialized, proactive IM threat protections are needed.
"The growth in the level of sophistication and the advanced nature of the malware payloads such as root kits and information gathering agents sends a signal to IM users that IM security is no longer a 'nice to have' technology," said IMlogic Chief Technology Officer Jon Sakoda. "This rise in complexity and destructive nature of the threats requires organizations and individuals to put in place more adequate protections."
