So, as an organisation you've pretty much woken up to the potential vulnerability of your email systems. You've invested in anti-virus software at the email gateway, and you've warned your users against opening any unexpected messages and attachments they find in their inboxes.
But, wouldn't you know it, just as organisations are becoming wiser to thethreats of email-borne viruses, there's a new kid on the block.
In the continuing saga of 'wherever computers users go, virus writers are bound to follow' we've now seen the first viruses specifically designed to hitch alift on Instant Messaging (IM) platforms: these are the FunnyFile (akaHello) and Choke worms.
It's easy to see the appeal of IM - users have the ability to chat withfriends or colleagues on a real-time basis. Short messages can be sent andare received instantaneously, making light work of arranging a meeting.
If the analysts are right, we're about to see an explosion in the take-up of IM,akin to the growth we've already seen in email use. Research firm IDC estimates that users sent about 900 million instant messages on a typical day last year, and will send about 7 billion a day by 2004.
This massive growth strongly indicates that organisations need to take more notice of the IM virus threat.
The appearance of these two IM worms doesn't signify the coming of the apocalypse, but it does highlight yet another vulnerability which users andadministrators should be aware of.
Although the FunnyFile worm failed to create much of an impact, its successor enjoyed a little more success. The Choke worm, which attempts to exploit the MSN Messenger program, did manage to get into the wild and infect several users.
Many businesses allow staff to use IM services, and indeed some organisations use them to conduct day-to-day to business. However, the very fact that a link has been established with the outside world means that a vulnerability has been created.
Effectively, material sent via an IM service is able to bypass any security in place at the gateway. This doesn't just present an opportunity for virus penetration, but it also means that users could send and receive unauthorised material such as confidential documents or pornographic material without fear of detection.
What should be remembered is that any way into an organisation is a potential liability. This is as true for the IM platforms as it is for the front door of the office building.
It is therefore worth considering removing operating systems from desktops if they are not absolutely necessary for business purposes, thus reducing the chances of a security breach.
And for every system or tool in place, the appropriate precautions need tobe taken. In the case of IM services, this means making sure that you areprotected at the desktop level, not just at your gateway.
Then, should a virus sneak past the guard at the front gate, you'll be waiting for it at the door.
Australian government to require technology and communications companies to provide access to messages
New bill avoids demanding 'backdoors' in encryption, but includes measures to compel companies to provide access to encrypted communications
Indonesian overclocker Ivan Cupa (with the aid of a lot of liquid nitrogen) achieves record overclock on AMD's latest Threadripper
Ssupermassive black hole is so big it corresponds to four per cent of the galaxy's total mass
Imminent attack will target a single bank with cloned cards used to fraudulently withdraw millions over one weekend