By Danny Tsechansky, Staff Writer
Monday, 9 May 2005 10:14 EST

IT Observer has held an interview with Matt Anthony, Director of Product Marketing for CipherTrust, following the release of “Latest Messaging Threats Research” in late April. In this interview, Mr. Anthony presented his view on the latest messaging threats and their impact on businesses.

What do you see as the biggest security threats today?

The immediate answer is to rely on new CipherTrust research and say it’s the dramatic growth in the number of new zombies per day. Unprotected computers around the world are vulnerable to compromise within minutes of connecting to the Internet. Although those originating in the US are decreasing in number, approximately 157,000 new zombies are identified each day, with more than 20 percent originating in China. A zombie is a machine—typically connected to a broadband connection and without any type of firewall or anti-virus protection—that has been maliciously infected by a worm or virus without the owners’ knowledge. Once a machine is infected, the new zombie awaits instructions from zombie network operators that range from launching a Denial of Service (DoS) attack to sending spam and phishing e-mails through the zombie machine.

What’s the impact of unwanted emails – viruses, worms, spyware etc. - on the enterprise in terms of security?

Previously spam was regarded as a nuisance, but we should now realize that viruses and worms delivered via e-mail are expensive and time consuming. Case in point: in April, many e-mail users received e-mail messages displaying a wide variety of subject headings, including “Introduction,” “My eBay ads,” and “Your News Alert.” The e-mail itself actually delivered a worm. The five different varieties of the worm, called BugBear.e, infected an estimated more than 1,000 financial institutions in nearly one year’s time.

In addition to viruses, we see phishing attacks which use spamming techniques to enter the organization and get opened. To combat these types of attacks, an enterprise needs more than just an anti-spam tool; it requires a comprehensive e-mail security solution.

Spyware is a hot security issue today. What’s your take on the subject?

While e-mail is not the primary vector for spyware to penetrate networks, it’s clearly a problem and it highlights the need for a comprehensive approach to e-mail security. New problems will arise all the time, whether its spam, phishing, viruses, hybrid viruses, and now spyware. Because we take a comprehensive approach to e-mail security, IronMail protected organizations against spyware in e-mail, before the problem was even identified. This is very different than a narrowly focused product that requires a whole new product to be bought for each new problem.

What is, in your opinion, the biggest challenge in protecting from messaging threats?

Enterprises need to understand that there are many facets to an effective, comprehensive messaging security solution. Some might make the mistake of assuming that effective spam prevention architecture is enough, or that e-mail security appliances “out-of-the-box” can eliminate all threats. The reality is companies need a comprehensive approach to e-mail security that relies on a variety of different techniques and checks. This will stop e-mail borne viruses and worms. Also, an appropriate messaging security solution must be directly related to a clear policy, and that policy engine should be the foundation for the solution.

In addition, many enterprises finally understand that “messaging” is more than just e-mail, the attack vectors have increased and threats evolve. People don’t realize that messaging is so far reaching. Spim, or spam over instant messenger is on the rise. Today, only a tiny fraction of all businesses have their IM under control, never mind their e-mail systems.

What developments do you expect in the field of messaging security in the future?

Integration across communication mediums, including instant messaging, voice over IP and e-mail. In addition, this will need to be integrated with archiving which is integrally tied to messaging.