Over the last few years, Instant Messaging has emerged as a very popular way of communicating over the Internet. IM is increasing in popularity in both professional and personal applications. However, as with most things Internet based, the increasing use of instant messaging has led to an associated increase in the number of security risks.
Instant messaging (IM) is a real-time supplement to and, in some regards, a replacement for e-mailing. Typically, the a secure messenger used with an instant messaging service will alert a user if somebody on the user’s list of correspondents is on-line. Instant messaging also differs from e-mail in that messages are exchanged directly almost instantly, allowing for a two-way communication in real-time. In this article we take a look at the need for high security and the ways in which the messenger can be made secure.
Instant Messenger Security Issues and the Need for High Security
Malicious hackers or Black Hat hackers have consistently used IM networks as vectors for delivering phishing attempts, “poison URLs”, and virus-laden file attachments from 2004 to the present, with over 1100 discrete attacks listed by the IM Security Center.
Hackers use two methods of delivering malicious code through IM: delivery of viruses, trojan horses, or spyware within an infected file, and the use of “socially engineered” text with a web address that entices the recipient to click on a URL connecting him or her to a website that then downloads malicious code.
Instant Messengers have seen a variety of threats in the past like Backdoor Trojan Horses, Hijacking and Impersonation attempts from Hackers, Denial of Service Attempts and Unauthorized Information Disclosure. All these have occurred in the past, making it important for the user to have high security and strong data encryption.
Instant Messenger Applications: Security and Use of Encryption
It is vital that the organization ensure that the IM service that is employed is as secure as possible. Securing instant messaging is not an easy task. One of the best ways to secure the information being transmitted along an IM network is to encrypt it. There are currently several companies that offer encrypted instant messaging communication.
In addition to encrypting the communication, the main thing a corporation should do to secure instant messaging is to keep logs. However, it is also absolutely vital to keep the logs secure. Furthermore, if file transfer via the instant messaging network is not required, then an instant messaging system that does not allow for files to be transferred should be utilized.
Instant Messengers: Overall Viewpoint
The number of worms for instant messaging is increasing each month, and looking at the success of some of these worms, clearly instant messaging is an up and coming platform for malicious threats. Furthermore, there are many exploits available for the various clients.
As a result, security professionals and end users alike need to be aware of the security issues involved with instant messaging, and download messenger services with the highest standards in data encryption and security. As with any Internet-based technology, the best way to make ensure the security of instant messaging services is to educate users of the risks involved and the means of mitigating those risks, preferably before a serious incident occurs.