"IM me" a strike order

In my previous post "What's the potential of the IM security market? Symantec thinks big" I commented on various IM market security trends, namely Symantec's acquisition of IMLogic. It's also worth mentioning how a market leader security vendor was able to quickly capitalize on the growing IM market, and turn the acquisition into a valuable solution on the giant's portfolio of solutions. What's also worth mentioning is the military interest in instant communications in today's network centric warfare powered battlefield. Today I across an interesting recent development, namely that :



"The US Army, Navy, and Air Force have deployed protected interoperable instant messaging (IM) systems among the threebranches. Army Knowledge Online, Navy Knowledge Online, and theAir Force’s Knowledge Management Portal built the IM systems for 3.5 million users from Bantu's Inter-domain Messaging (IDM)gateway, a policy-driven with role-based access controls. The system will carry messages over sensitive and secret networks, and can populate a user's contact list with appropriate officials in the chain of command. Intelligence agencies will hook into the system to work with the military, and the Department of Homeland Security is also interested in the IM system."



Flexible military communications have always been of great importance, and flexibility here stands for securely communicating over insecure channels -- IP based communications. While you might have not heard of Bantu before, to me their real-time network for interagency communication sounds more like a security through obscurity approach -- temporary gain and possible long term disaster.

Could the instant communication finally solve the Intelligence Community's information sharing troubles?


In a relatively recent report I came across, "a survey was hosted on the Secret Internet Protocol Router Network (SIPRNET) so that personnel could respond to the survey from the convenience and privacy of their own workstations." in order to measure the communication requirements of various staff members, some of the findings worth mentioning :



MS Chat was used by at least 50% of all command groups
- 100% of Afloat Staffs, 86% of Carriers, 78% of Cruisers & Destroyers, 50% of Support
XIRCON was used by 28% - 50% of command groups
- 50% of Support, 41% of Carriers, 32% of Cruisers & Destroyers, 28% of Afloat Staffs
Lotus Sametime was used by 0 – 44% of command groups
- 44% of Afloat Staffs, 16% of Cruisers & Destroyers, 10% of Carriers, 0% of Support
mIRC was used by 13 – 33% of command groups
- 33% of Support, 23% of Carriers, 22% of Cruisers & Destroyers, 13% of Afloat Staffs



Lotus Sametime and mIRC seem to be only survirors, still the implications of using the above in respect to the powerful execution of various network centric warfare events, would definitely raise not just my eyebrows for sure. Two years ago, led by IMLogic a consortium on IM threats was established, the IM Threat Center, an indispensable early warning system for anything related to IM malware.



Would age-old IM threats re-introduce themselves on military networks like never before? Whatever the outcome, information overload wouldn't necessarily be solved through instant communications, but in a combination with powerful visualization concepts as well.



The post recently appeared at LinuxSecurity.com "IM me" a strike order"



Technorati tags:
Security, Military, IM, Technology, Symantec, Bantu Continue reading →

What's the potential of the IM security market? Symantec thinks big

Yesterday, Symantec, one of the world's leading security, and of course, storage providers aquired IMlogic, a leading provide of Instant Messaging security solutions. How sound is this move anyway? Doesn't Symantec already have the necessary experience in this field?

IMlogic has never been a build-to-flip company. Dating back to 2002, it has managed to secure important customers, Fortune 1000 companies as a matter of fact, and acts as a prefered choice for many of them. And given that enterprise IM is exploding, and so it home use, the real-time nature of this type of communication has always been acting as a hit-list in my mind. Client based vulnerabilities, social engineering attacks, auto-responding malware, and many other issues are among the current trends. How huge is the potential of IM security, or is it me just trying to think big in here, compared to Symantec's simple product line extension ambition?

Besides acting as another propagation vector for future malware releases, IM usege worldwide is already outpacing the most common form of Internet communication -- the email. A Radicati Group's research report entitled "Instant Messaging and Presence Market Trends, 2003-2007" indicates the same. The group predicts that :

- 1,439 million IM accounts in existence by 2007
- a very significant increase in corporate imlpementation of IM, from 60 million accounts today to 349 million in 2007.
- that's a degree of monopoly, as always!

Lucky you, Symantec!

With fear of being a pessimist, I have though witnessed how unique organizations and teams got eventually swallowed by the corporate world. And it's their know-how that I truly miss these days. You can though, still go through Symantec's constantly updating list of acquired companies, and it's evident they are fully committed to continue being a market and knowledge leader. I also recommend you read a great aricle at eWeek entitled IM Threats : The Dark Side of Innovation to find out more about the current trends. What's your attitude about them?!

Technorati tags :
Symantec, IM, security, information security Continue reading →

What's the potential of the IM security market? Symantec thinks big

Yesterday, Symantec, one of the world's leading security, and of course, storage providers aquired IMlogic, a leading provide of Instant Messaging security solutions. How sound is this move anyway? Doesn't Symantec already have the necessary experience in this field?



IMlogic has never been a build-to-flip company. Dating back to 2002, it has managed to secure important customers, Fortune 1000 companies as a matter of fact, and acts as a prefered choice for many of them. And given that enterprise IM is exploding, and so it home use, the real-time nature of this type of communication has always been acting as a hit-list in my mind. Client based vulnerabilities, social engineering attacks, auto-responding malware, and many other issues are among the current trends.


How huge is the potential of IM security, or is it me just trying to think big in here, compared to Symantec's simple product line extension ambition? Besides acting as another propagation vector for future malware releases, IM usege worldwide is already outpacing the most common form of Internet communication -- the email. A Radicati Group's research report entitled "Instant Messaging and Presence Market Trends, 2003-2007" indicates the same.


The group predicts that :

 - 1,439 million IM accounts in existence by 2007
- a very significant increase in corporate imlpementation of IM, from 60 million accounts today to 349 million in 2007.
- that's a degree of monopoly, as always!



Lucky you, Symantec!



With fear of being a pessimist, I have though witnessed how unique organizatons and teams got eventually swallowed by the corporate world. And it's their know-how that I truly miss these days.
You can though, still go through Symantec's constantly updating list of acquired companies, and it's evident they are fully committed to continue being a market and knowledge leader. I also recommend you read a great aricle at eWeek entitled IM Threats : The Dark Side of Innovation to find out more about the current trends. What's your attitude about them?!



Technorati tags :
Symantec, IM, security, information security

Continue reading →