Threat report warns of spam attacks

Mail and IM-based attacks set to trouble IT managers

Integrated message management specialist Postini's annual threat report, released today, predicts that email spam and instant messaging (IM)-based attacks are likely to be among the key security problems facing IT managers over the coming year.

The 2006 Postini Message Security & Management Annual Report includes the results of a survey of more than 600 companies worldwide and an analysis of the 150 billion emails Postini processed in 2005.

Spammers will increasingly use images as a substitute for text to circumvent first-generation spam filters, while the interoperability of public IM networks will enable worms to propagate faster and spread more widely, according to Postini's Andrew Lochart.

"The private proprietary networks are now cooperating with each other, which is good news for users but also for hackers," he warned. "But this may create the crisis that is needed for people to take the problem seriously."

Postini also predicted that ISPs will be more proactive in securing the web, by providing antivirus solutions for subscribers, and by doing more to stop the volume of spam coming from their networks.

Eighty-five percent of respondents said the need to guard against viruses, worms and spam was their biggest concern with messaging, but Lochart said IT departments are struggling to juggle the demands of numerous security products.

"[Firms] are now calling for an integrated approach…with a single administrative interface and single policy framework," he said. "If you treat all [products] as separate problems, you will have a real mess on your hands trying to control them."

In separate news, the Welsh Assembly Government launched its E-Crime Manifesto at the second E-Crime Summit in Llangollen last week. The aim is to reduce the burden of e-crime on business and consumers by providing education, resources and support.

At the event, Microsoft's chief security advisor, Ed Gibson, said that consumers, governments and software vendors all have a part to play in preventing the growth of online crime, and he praised the Get Safe Online web site, which is sponsored by government and industry, as an excellent source of advice on security for firms and consumers.

"[With the E-Crime Manifesto initiative] Wales may be well ahead of other governments in what it is doing [in bringing together] government, law enforcers and private industry – everyone has the same difficulties," Gibson added.

Also last week, internet security specialist Websense announced it had posted a Global Phishing and Crimeware Threat Map on its web site. This tool enables visitors to search for threats around the globe by geographic region, date and threat type, and reflects information collated by the firm's security labs. Websense also launched a security blog to provide information about breaking security research issues.