According to the study by FaceTime Communications, incident frequency appears to be accelerating with almost 800 incidents recorded in the fourth quarter of 2005, compared with 59 in the first quarter of 2005. Additionally, the findings warned that hackers are turning to increasingly sophisticated techniques, including threats targeting multiple networks, IRC controlled botnets and IM-borne rootkits as some of the more alarming trends of 2005.
The data for the report, titled IMPact Report: Summary Analysis of IM & P2P Threats in 2005, was derived from the Greynets Research Database, which is maintained by FaceTime Security Labs, the threat research arm of FaceTime Communications.
The research indicated that quarter-on-quarter increase in security incidents occurred at a 90-percent compound annual growth rate. MSN experienced the largest number of incidents in both 2004 and 2005. For 2005, 57 percent of IM incidents targeted MSN, 37 percent targeted AOL and 6 percent targeted Yahoo!. Year-on-year growth rates were largest on the AOL network with a 1,300-percent increase of security incidents.
In addition, 2005 was found to have been characterized by a "dramatic change" in hacker attacks across multiple networks, where in 2004, security incidents primarily spread via one network only. According to FaceTime, individual viruses or security breaches are 19 times more likely to use two or more public networks in the fourth quarter of 2005 compared with the first quarter of 2005.
"It is important for end users and IT managers to understand the business risks associated with the unprecedented growth of IM and P2P threats," said Michael Osterman, founder of Osterman Research. "IM and P2P threats have reached critical levels, but it is the sophistication of these attacks that is even more alarming," added Kailash Ambwani, president and chief executive officer of FaceTime Communications. "As we move into a new year and anticipate greynet security incidents to increase in number and sophistication."