Making IM a safer place to be
by Douglas Schweitzer, A+, Network+, i-Net+, CIW, BIS
Organizations around the globe are beginning to realize the benefits of including instant messaging (IM) capabilities on their company networks. The most popular IM products in use today are AOL Instant Messenger, MSN Messenger, Yahoo Messenger, and ICQ. While they are available free for download and use, the aforementioned IM products also allow users to freely transfer potentially virus-ridden files and conduct unencrypted chat sessions that can be attractive to reasonably knowledgeable hackers.
The security risk involved with the use of instant messaging software comes from IM’s ability to sometimes bypass corporate firewalls, thereby providing another entry point through which hackers or malicious code might access the Windows client. This type of security hole essentially becomes the organization’s “weak link” in the security chain. As hackers become more sophisticated, they increasingly attempt to enter company networks through the client (workstation) side via any holes they are able to locate in the system.
Network administrators need to be aware that the level of protection currently offered against viruses using instant messaging is not as sophisticated or advanced as it is for e-mail messaging. In light of the current lack of security software for IM, the role of social engineering is made more important. Users must be continually reminded that they should never open any unexpected or unsolicited attachments that arrive via IM. Network administrators may want to go a step further and consider disabling altogether any file transfers via instant messaging.
When it comes to instant messaging users, America Online’s Instant Messenger (AIM) is the most widely used IM service on the Internet. Packaged as part of their AOL Internet software, AIM is also available as a free download for non-AOL subscribers who want to use this popular service. AIM supports a variety of functions including chat, file transfers and Internet-to-telephone communications. Because AIM is so popular and easy to use, it has found its way onto the corporate landscape. However, like other popular instant messaging programs, AIM may also be used to transmit malicious code.
Keep in mind that flaws in IM programs have left their users vulnerable to attack from both hackers and viruses. With any IM service, users should follow these three basic “rules” to protect themselves from the threat of malicious code:
- Use updated antivirus software to scan all downloaded files. In addition, consider using an IM-specific antivirus product like BitDefender for Instant Messaging by SOFTWIN. When used in conjunction with standard antivirus software, BitDefender for IM provides an extra “layer” of protection against malicious code threats.
- Never accept files via e-mail message attachment or file transfer from people you do not know, no matter how intriguing. It is good practice when using the Internet to verify that the person sending you a file is indeed the person they claim to be by asking them to provide information known only to the two of you.
- Watch for executable files that have been disguised (e.g. “Coolpic.jpg.exe”). Remember, the Windows operating system hides certain final extensions such as .exe and .vbs. Files “disguised” by double extensions often contain malicious code: they should be scanned with updated antivirus software before they are executed. Configuring Windows to display all file extensions helps users avoid the double extension deception.
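As an added illustration of the double extension check in the last rule (example code, not from the original article), the Python sketch below flags file names whose real, final extension is executable while the extension before it looks like a harmless document or picture. The two extension lists, the function names and the sample file names are assumptions made up for this example.

```python
"""Flag file names that hide an executable extension behind a decoy one."""
import sys
from pathlib import Path, PureWindowsPath

# Assumed lists for illustration; extend them to match local policy.
EXECUTABLE_EXTS = {".exe", ".vbs", ".scr", ".pif", ".bat", ".cmd", ".com"}
DECOY_EXTS = {".jpg", ".jpeg", ".gif", ".bmp", ".txt", ".doc", ".pdf", ".mp3"}


def displayed_name(filename):
    """Name a user sees when Windows hides the final extension."""
    p = PureWindowsPath(filename)
    return p.stem if p.suffix else p.name


def is_double_extension(filename):
    """True when the last extension is executable and the one before is a decoy."""
    suffixes = [s.lower() for s in PureWindowsPath(filename).suffixes]
    return (
        len(suffixes) >= 2
        and suffixes[-1] in EXECUTABLE_EXTS
        and suffixes[-2] in DECOY_EXTS
    )


def scan(names):
    """Return (real name, name shown with extensions hidden) for each flagged file."""
    return [(n, displayed_name(n)) for n in names if is_double_extension(n)]


# Constructed sample of names as they might appear in an IM download folder.
SAMPLE = [
    "Coolpic.jpg.exe",    # the article's example: shown as "Coolpic.jpg"
    "HOLIDAY.JPG.VBS",    # matching is case-insensitive
    "setup.exe",          # single extension, nothing is disguised
    "report.final.doc",   # two dots, but the final extension is not executable
    "notes.txt",
]

if __name__ == "__main__":
    # With a directory argument, scan the files under it; otherwise use the sample.
    if len(sys.argv) > 1:
        names = [p.name for p in Path(sys.argv[1]).rglob("*") if p.is_file()]
    else:
        names = SAMPLE
    for real, shown in scan(names):
        print(f"SUSPICIOUS: {real!r} appears as {shown!r} when extensions are hidden")
```

Flagged files are candidates for quarantine and an antivirus scan; a match does not prove the file is malicious.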
About the Author
Douglas is a Certified Internet Webmaster Associate, and he holds A+, Network+, and i-Net+ certifications from the Computing Technology Industry Association. He has appeared as an Internet security guest speaker on several radio shows, including KYW Philadelphia, as well as on Something You Should Know and Computer Talk America, two nationally syndicated radio shows. He is also the author of Incident Response: Computer Forensics Toolkit, Securing the Network from Malicious Code: A Complete Guide to Defending Against Viruses, Worms, and Trojans and Internet Security Made Easy: A Plain-English Guide to Protecting Yourself and Your Company Online.