Instant Threats

Although specialized instant messaging platforms with built-in security features have been around for years, consumer IM platforms are still being used on the trading floor. The headaches these open platforms inevitably bring are endless.

Mike Persaud, head of strategic architecture at investment bank Dresdner Kleinwort Wasserstein (DrKW), says that the dangers in public IM platforms like those from AOL, Microsoft and Yahoo are akin to threats found in e-mails bearing malicious software or code. "The enterprise space is sensitive to that," he says, highlighting the presence of worms and spam within IM.

Given the relative infancy of IM threats, Persaud says he puts his energies into other aspects of IM compliance. Logging conversations and identity management are two important issues that he emphasizes. "Many hedge funds use public platforms," he says, adding that logging is still necessary for regulatory compliance.

Identity management focuses on how a recipient can ascertain a message's author and origin. "To start, we need identity management," says Persaud. Solutions exist, such as unique PIN numbers to identify users, and third-party systems like those provided by Sxip, which provides online or hosted digital identities.

DrKW's own solution is a persistent chat system branded internally as Grapevine. Closed off from public platforms, external IM threats are eliminated, and identity management is dealt with through a user's standard login to the firm's IT network. "In the past, we were confident that the e-mail client was the first application opened and the last closed," says Persaud. "Now, Grapevine is the first window you see when you log on. It's our preferred internal channel, rather than e-mail."

At the end of each week, conversations conducted over Grapevine are stored in the firm's archives, solving the third problem of conversation logging. There will be pockets of external communication via Grapevine by the third quarter of 2006, says Persaud.

According to reports from IMLogic and FaceTime Communications, threats to IM users have increased dramatically. Data from the IMLogic Threat Center reveals that IM security threats increased by 253 percent from January 2005 to January 2006, and that attackers are using newer technologies to hide the malicious attacks.

In January, IM attacks totaled 174 unique threats. Worms dominated at about 80 percent of IM attacks, while Trojan viruses—which hide in a system, providing access to an outside user—doubled to 18 percent of IM attacks.

FaceTime published a report indicating that IM and peer-to-peer threats increased more than twenty-fold from 2004 to 2005. Quarter-on-quarter increases in security incidents are occurring at a 90 percent growth rate. According to FaceTime, there was a dramatic change in hacker attacks across multiple networks last year, compared to 2004 security incidents, which were primarily spread via one network only. Individual security breaches were 19 times more likely to use two or more public networks in Q4 2005 compared with Q1 2005, according to the report.

Granted, these firms have a vested interest in publicizing bad news for IM users, but an informal survey of European firms conducted by Waters found that while firms are adopting specialized solutions such as Reuters Messenger and Bloomberg Messenger, many establishments rely on popular public platforms from AOL, Microsoft and Yahoo. IMLogic's report highlights the dangers associated with the use of such platforms. In January, 56 percent of new threats targeted the AOL Instant Messenger (AIM), 22 percent focused on MSN Messenger and 22 percent targeted Yahoo Chat.

According to one analyst, most attacks currently focus on AIM because of its popularity. But it seems that every platform will have to prove its security measures before investment firms are willing to allow employees to use them on a large scale.