According to a report issued on Tuesday by the IMlogic Threat Centre -- an industry consortium led by security software maker IMlogic -- the quantity of instant messaging threats increased 250 percent in the first quarter of 2005, compared with the same period last year.
The research, which tracks viruses, worms, spam and phishing attacks sent over public IM networks, also contends that reported incidents of newly discovered IM threats have grown by a whopping 271 percent this year.
In addition, the study found that more than 50 percent of the incidents reported to the Threat Centre during the first quarter of 2005 involved attacks at workplaces where freely available IM software such as AOL Instant Messenger, MSN Messenger, Windows Messenger, and Yahoo Messenger is used. Based on that data, the consortium advises that companies take a closer look at managing IM security issues.
Among the other findings of the Threat Centre report is that more than 75 new threats on public IM and peer-to-peer computing networks were discovered in the first three months of this year. The group said that 82 percent of the incidents reported to it involved IM virus or worm propagation, while 14 percent dealt with IM file transfer hijacking.
Only 11 percent of the incidents tracked by the Threat Centre involved attacks on known vulnerabilities on IM applications.
Of all the IM-borne threats followed by the Threat Centre, the Bropia, Kelvir and Serflog worms were found to be the three most frequently detected IM infections at workplaces, the group said. Multiple incidents of IM phishing and identity theft were also reported on IM networks.
At least one IT professional interviewed by the consortium said that the rise of IM attacks has changed the way that businesses are looking to secure their computing networks.
"The steady rise in attacks has put companies like us on the defensive," Ben Palacio, an IT manager at Priority Computer Parts, said in a statement.
According to at least one industry analyst, the rapid increase in IM threats will likely continue and mirror the development of earlier forms of IT security hazards, such as e-mail-based virus attacks.
"IM has made its way into companies, but it's still not as pervasive as e-mail. So the overall threat to the enterprise isn't yet as severe, but people are certainly sitting up and taking note," said Earl Perkins, analyst with Meta Group. "With the rise of these threats, it's almost like the analogy of the kid with his fingers in the dike, every time you fill one hole there appears to be another one, and the (IM) attacks are a hot spot for activity these days."
