Employees using instant messaging could be opening up gaping holes in
their companies’ network security.
Viruses aimed directly at instant messaging (IM) software, along with a
lack of security for IM freeware, are creating big problems, according
to Eric Chien, chief researcher for Symantec Security Response.
And to make matters worse, many, if not most, IT administrators don’t
have policies regarding instant messaging, and many don’t even know how
many end users have it installed on their desktops and laptops. That
means there are potential problems and security lapses that
administrators aren’t even aware of.
”At conferences, when we ask if people are using instant messaging,
everyone raises their hands,” says Chien. ”But when we ask who has a
policy about it, maybe 50 percent raise their hands… It’s a problem.”
Not so long ago, email surpassed the telephone as the key form of
communication in the workplace. People could send and receive emails
without interrupting their work flow. They could contact several
colleagues with one message. They could open a message and read it when
they had an opening instead of when the phone was ringing.
But today, instant messaging is nipping at the heels of email for the
top rung on the communication ladder. Messages can travel back and forth
in real time, enabling colleagues or business partners to communicate in
real time. Buddy lists enable coworkers to see when you’re online and
available. Away messages keep bothersome interruptions at bay.
All of that has made instant messaging popular. And that popularity has
made it dangerous.
”Instant messaging has become so popular that we’re getting the classic
issues that we’ve had with email,” says Chien. ”IM can attach and
transfer files, so viruses and worms can attach themselves. There are
worms that will send themselves to everyone on your buddy list.”
Actually, between 2002 and 2003 there was a 400 percent increase in IM
malware, according to Symantec’s figures. Since 2002, 25 instant
messaging worms have been released into the wild, with about 20 of them
coming out last year alone. At least five or six have hit the wild so
far this year, reports Chien.
”It’s a continuing threat,” says Steve Sundermeier, a vice president
for Medina, Ohio-based Central Command. ”Virus writers are always
looking for a new vector for infection… As companies secure their
email gateways, virus writers will be looking for alternative or
additional ways to get their viruses inside.”
However, with relatively so few viruses and worms targeting instant
messaging software, Chien and Sundermeier agree that the biggest
security threat comes through unencrypted messages traveling across
free, public software.
”What people should be the most worried about is that the IM traffic
with the popular free clients is unencrypted today,” says Chien. ”If
you use free messaging, people can sniff the traffic and read your
messages. It’s something hackers do all the time.”
Chien explains that if an employee is using IM to send a message to a
coworker down the hall or even in the next cubicle, the message travels
outside the building and through outside servers where it easily could
be picked up.
”Even if you’re talking to the guy in the cube next to you, your
message may go halfway around the world before it gets to the guy in the
cube next door,” says Chien. ”Sensitive business matters are exposed
to the general Internet for people to potentially sniff and view.”
Central Command’s Sundermeier says the best thing for IT administrators
to do is to create a corporate policy regarding IM usage. He suggests
that users not be allowed to use any freeware. The company should buy
instant messaging software designed for internal communications so
messages don’t needlessly travel across a remote server. They should
also make sure the IM software they’re using has encryption
capabilities.
Chien also recommends that IM shouldn’t be used for sensitive
information. And users should be reminded that they need to follow safe
computing practices when using instant messaging. That means they should
never open an executable and they should be careful around any
attachments.
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.
