FaceTime Reports Malware over Real-Time Communications Channels Shows No Sign of Slowing

FaceTime Communications, the leading provider of solutions for securing and managing IM, P2P and Web-based greynets in the enterprise, reported today that security incidents targeting public IM and P2P channels have increased by 5 percent in Q2 2007 compared with Q1 2007. In contrast, last year saw a 35 percent decline over the same period, from Q1 to Q2 2006.

A total of 317 incidents were reported during Q2 2007, bringing the total since Jan. 1, 2007, to 618 incidents. Ongoing research reaffirms a cyclical nature to malware threats with peaks in each year, typically in the spring and fall, followed by lulls in the summer and winter. In 2007, security incidents declined somewhat during the first quarter from a high in January. In the second quarter, security threats climbed again, but appear to have peaked in June. If previous patterns hold, FaceTime expects a decline in the summer, followed by an upswing in the early fall.

From Q1 to Q2 2007, attacks spread via the mainstream networks (Yahoo, MSN and AOL) dropped from 74 total incidents in the first period to 64 in the second quarter. Attacks spread via AOL dropped by more than half (from 28 incidents to 13). Overall, the MSN network accounted for 50 percent of the attacks on the major networks, followed by Yahoo at 30 percent and AOL with 20 percent.

Additional key findings in the report include:

• Increase in IRC attacks

As FaceTime predicted earlier this year, attacks spread via Internet Relay Chat (IRC) continue to account for a growing percentage of all attacks. In fact, the percentage of attacks that are IRC-based has risen in each of the last six quarters, rising from a 59 percent share in Q1 2006 to 72 percent in the current quarter.

• Single channel attacks vs. multichannel

Similarly, single channel attacks—security incidents that propagate via only one vector, such as AOL, Yahoo or IRC—now account for almost three-fourths of all attacks. The percentage of attacks that are single-channel has also risen in each of the last six quarters, growing from a 46 percent share in the first quarter of 2006 to 71 percent in Q2 of 2007.

“We are continuing to track new malware incidents and to study the nature of the way these attacks spread and propagate,” said Frank Cabri, vice president of marketing and product management for FaceTime Communications. “The quantitative data confirms the continued risks of malware infection through real-time communications channels. These real-time applications are present on every major corporation’s network whether or not the IT department officially sanctions their use.”