| |
FaceTime
Releases Quarterly Report on IM, Chat and P2P Security
Threats
FOSTER
CITY, CALIF — April 10, 2006 — FaceTime Communications, the
leading provider of solutions for securing Greynets such as
instant messaging (IM), peer-to-peer (P2P), and spyware,
today released a quarterly report highlighting the trends
and growth in security incidents and malware attacks over
IM, chat and P2P services. The report details that threat
incidents are up over the same quarter last year (Q1 2005),
and an increasing proportion of threats propagate through
multiple channels and P2P networks. The Q1 2006 IMPact
Report comes from FaceTime Security Labs, the threat
research and response arm of FaceTime Communications. Key
findings in the report include:
-
With
453 incidents recorded in the period, the number of
security incidents was 723% percent higher in Q1 2006
compared to the same period last year.
-
The
growth in threat incidents targeting public IM channels
stabilized during the quarter, but the complexity of
incidents and use of multiple delivery methods has
increased.
-
Multi-channel propagation was 23 times more common in Q1
2006 than the same period last year.
-
IRC and
chat-based attacks continue to dominate, but their share
of all attacks dropped in favor of an increasing number
of P2P attacks.
-
P2P
attacks were almost 15 times more common in Q1 2006 when
compared with one year earlier.
-
The
number of threats using P2P in the first quarter has
already surpassed the total number of P2P attacks in all
of 2005.
"The number
of threats across multiple P2P and IM channels demonstrates
the need for a comprehensive approach to managing threats,”
said Tyler Wells, Research Director at FaceTime
Communications. “As malware creators increasingly attack
these mainstream applications, administrators should ensure
they have the ability to control and manage them.”
FaceTime categorizes IM, P2P and spyware programs as
'greynets'. Greynets are network-enabled applications that
are installed on an end user’s system without permission
from IT and are highly evasive to existing security
infrastructure. The Q1 2006 IMPact Report demonstrates that
greynet applications pose a security risk, but their risk
must be managed in concert with the business benefits of the
applications.
Operating in three research centers around the world,
experts at FaceTime Security Labs monitor the frequency and
severity of risks posed by viruses, worms, spyware and other
malware propagating through applications such as IM and P2P.
FaceTime Security Labs experts publish the IMPact Index to
allow security professionals to quickly and easily assess
the aggregate “point-in-time” risk from these threats.
Additionally, FaceTime Security Labs publishes the SG Index™
which rates the privacy and corporate risks associated with
different types of spyware applications, using factors such
as distribution methodologies, transmission protocols, pre-
and post-installation behaviors and degree of stealth to
determine individual threat levels for each application.
Protecting Against the Growth of Greynet Threats
FaceTime anticipates that both the frequency and complexity
of greynet threats will continue to increase, with
particular emphasis on multi-channel attacks targeting P2P
and IM networks. The growth of Skype and other VoIP
communications channels should be carefully monitored by IT
departments and the appropriate steps taken to both manage
and secure their adoption by individual users.
The Q1 2006 IMPact Report underscores the need for
organizations to adopt comprehensive security measures
specifically designed to protect IM, P2P, IRC and other
greynet applications. IM threats are extremely challenging
for corporate IT staff because they utilize real-time
communications channels and proven social engineering
techniques over worldwide IM networks to propagate
significantly faster than email-based attacks. Many security
products, which take hours or days to test and distribute
patches, cannot keep up with the deluge and speed of IM
threats. FaceTime provides solutions that utilize both
traditional signatures and patent-pending challenge/response
technologies that are automatically activated when
behavioral attributes such as message frequency, content
matching, and URL identification meet defined thresholds to
detect malicious activity and stop infections before they
occur.
To find the most current and up-to-date threat information,
or to view a copy of the report, visit FaceTime Security
Labs at http://www.facetime.com/securitylabs/securitylabs.aspx
For more information on FaceTime solutions please contact Armana
Security on (01344) 780000 or
info@armana.co.uk
|
|
|
|
