Instant Messaging software (IM) as a business tool can be rather powerful, but any instrument can be abused, especially if unmanaged. The better way to manage any communication is to guarantee that communication is directed through a central point, like a gateway. Vendors have worked this and have built clients that are gateway aware and that function as both internal and external IM solutions.
Recently there have been more Instant Messaging vulnerabilities. Antivirus vendors are realising that worms, viruses and other malware can spread through IM and are building new defences that reduce the risk.
Links transferred by the use of IM are an additional risk, the use of application firewalls on the corporate LAN can reduce the risk, but a bigger problem is presented when users take their corporate machines offsite. On unprotected networks application layer firewalls are absent at the perimeter meaning that communication is less secure, for this reason the endpoint requires a host based firewall solution that has scanning capability.
In some organisations where the policy is not to allow Instant Messaging communications, some users have found a way around the firewall technical control by using HTTPS based websites. These websites effectively bypass the scanning and grant access to these users. The problem is that some of these websites capture the data and credentials for spying deliberately.
Because IM does not yet consider authentication mechanisms like two factor authentication, impersonation and unauthorised access is a strong possibility.
Some worms spread using links that are sent to your entire contact list like (W32.Aplore.A@mm), it then installs browser plug-in and then the fun begins. Certain worms patch files and when these systems files are executed. a unique trojanware is downloaded. Backdoors and encrypted tunnels to internet based servers are all common.
Some worms are so volatile and aggressive that in seven seconds Symantec reported that 500,000 machines were infected and Zombified.
Threats like in the middle, password theft, information disclosure, data leakage and many more similar threats are all possible and create a significant risk to any business and or individual.
Subscribe to:
Post Comments (Atom)
Durov: The phone of the richest man in the world was hacked through WhatsApp.
The founder of "VKontakte" and Telegram Pavel Durov said that back in November 2019 he warned about the vulnerability of the Whats...
-
Computer's personal often face problems when they have to take a break from their PC for some time and can’t answer to emails and instan...
-
The founder of "VKontakte" and Telegram Pavel Durov said that back in November 2019 he warned about the vulnerability of the Whats... -
We have received a question about using Instant Messaging services (such as AIM, Yahoo, MSN Messenger & Skype Chat) in the office: “Is i...
No comments:
Post a Comment