Your Next IM Could Be Your Network's Last

A significant rise in instant messaging threats will eventually lead to an automated worm that will strike hundreds of thousands of machines in seconds, IM security firms warn. Of particular concern is the recent big boost in the maliciousness of the IM exploits.
IMlogic, for instance, uses something it calls RTTPS (fro Real-Time Threat Protection System) to shut down an attack, even a nearly-instantaneous one. "RTTPS looks at client behavior in the client protocol or the system itself, then when it detects odd behavior, blocks any transmission from that client to others on the network," said Gilliland.

"Typically, we can stop an attack within five messages sent by an infected client."

FaceTime, a Foster City, Calif.-based IM security firm, is so sure that its behavioral-based defense will stop attacks that it issued a "Worm Free Guarantee" on Tuesday as it launched IMAuditor 6.5, saying that it would compensate customers "upon a single instance of an IM worm propagating in the customer's environment."

"Even a short 'window of vulnerability' for IM based attacks is unacceptable," said Kailash Ambwani, FaceTime's chief executive, in a statement announcing the guarantee. "Enterprise organizations require a solution that prevents new infections before they start."

Editor's Choice
Samuel Greengard, Contributing Reporter
Cynthia Harvey, Freelance Journalist, InformationWeek
Carrie Pallardy, Contributing Reporter
John Edwards, Technology Journalist & Author
Astrid Gobardhan, Data Privacy Officer, VFS Global
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing