Saturday, September 21, 2019
The More Effective Leader: Hitler Or Stalin?
The More Effective Leader: Hitler Or Stalin? Introduction In a sense, a certain analogy appears to be between Adolf Hitler and Joseph Stalin. It is vital to recognize that these two dictators of the twentieth century represented embodiments of modern evil. Both leaders possessed almost absolute power due to their unprecedented level of repression and attempted manipulation and indoctrination. Each of these dictators was drifted by revolutionary and controversial monopolistic set of dogmatic principles about the internal systemization of society and the leading power of history. Although Hitler and Stalin shared some clear parallelisms, their personalities, the effectiveness of leadership and specific regimes were fairly distinct rather than similar. The first part of this essay will concentrate on the analysis of various historiographical interpretations, focusing on the intentionalist view, to critically assess the effectiveness of Hitlers leadership qualities in particular. Secondly, the essay will focus on the comparison of some distinct aspects of Hitler and Stalins dictatorships in order to examine the importance of power hierarchy in both their regimes. It will be argued that both leaders had different styles of leadership that played very important part in moulding of their authorities and leading power. Furthermore, the essay will evaluate some principal tools of power such as the cult of personality, the powerful machine of propaganda, the use of terror and the development of pivotal economic policies, in order to provide a compact framework of Hitlers leadership potential capabilities. It will be highlighted that Stalin counted far too much upon mass terror therefore he was unable to maintain an efficient mechanism of leadership. Lastly, the essay will conclude by connecting the analysis of Hitlers dictatorship to the current debate between historical scholars, therefore the central argument will be proved that Hitler personified more competent and constructive leader compared to Stalin.* *The purpose of this essay is not to establish the fact that Hitler was, to a certain extent, a leading giant or a failure. It is meant to assess a man and the various facets of successful leadership he applied during his domination in the Third Reich that makes him more effective leader in comparison with Stalins abilities and intentions. The Analysis of Historiographical Interpretations of Hitlers Leadership It is indispensable to realize that several historical schools of thought (the Functionalist/ Structuralist and the Intentionalist school) have tried to account for their own arguments and interpretations of Hitlers dictatorship abilities. Lets look at the major points of each historiographical perspective in order to analyze Hitler as more effective leader in comparison with Stalin; and evaluate the relevance of Kershaws theory of Working Towards the Fuhrer in terms of Hitlers role in the Third Reich. Advocates of the Functionalist view, such as Martin Broszat and Hans Mommsen, largely concentrate on the interpretation of systematization of Hitlers Nazi Germany and on his leadership qualities and charisma which played an essential role in strengthening Hitlers leading effectiveness. According to Broszat, Nazi Germany represented a chaotic tangle of conflicting institutions and bureaucracies therefore the figure of Adolf Hitler was not a key driving force behind the dynamics and organization of Hitlers Germany (Broszat, 1981: p. 262). It can be argued that Hitler as a leader did not solely dominate to the Third Reich because there were constant power struggles initiated by several institutions. Furthermore, in Broszats perspective, Hitler epitomized a weak dictator because the Third Reich signified a dualistic state where Nazi Party operated simultaneously with the normal institutions of Nazi state (Broszat, 1981: p. 244). Broszat advocated that behind a faà §ade of Nazi integrity , there were perpetual struggles for power between the revolutionary Nazi institutions, such as SA and SS, and the traditional authority of German state. According to Broszats opinion, Hitlers leadership style enabled Nazi state to emerge as a collection of competing power units which triggered the radical forces to penetrate into German society (Kershaw, 2000: p. 75). Certainly Hitler undermined orderly government in Germany by his habit of appointing several people to practically the same job, resulting in official competing for Hitlers favour. The Intentionalist historiography is embedded in the concept of Social Darwinism, therefore according to this view Hitler was depicted as a fanatical and extreme ideologist who was incessantly avid for nationalism, militarism, the importance of lebensraum and anti-Semitism. It is worth noting that there is a certain parallel between the Nazi bureaucratic machinery and Darwinian Theory of competition in terms of power struggle. In a certain way, Hitler as a leader represented the fittest element of the Nazi Party, relying on his personal appeal. Hitler was essentially responsible for the increasing momentum of radicalization. In Allan Bullocks view, he was very strong and artful leader, creating uncertainty, confusion and tension among his adherents in order to secure his leading post. Therefore, it is evident that Hitlers intention was to provoke unchecked struggle and competition until the natural selection and the survival of the fittest would have occurred (Kershaw Lewin, 1997: p. 96). To a certain extent, a highly regarded scholar Ian Kershaw inclined to endorse the interpretation of Functionalist/Structuralist school regarding Hitlers leadership qualities. On one hand, Kershaw does not associate himself with the thesis that Hitler was a weak dictator and therefore played an unimportant role in the Third Reich. On the other hand, Kershaw had advocated the idea that Hitler was completely uninvolved in the daily administrative work (Kershaw, 1998: p. 529). It is necessary to point out that Kershaw considered Hitler to be a lazy dictator who was highly inconsistent, indecisive and did not engage in the everyday direction of Germany (Kershaw, 1998: p. 533). However, other structuralist champions, such Mason, maintained that Hitler was predominantly involved in the leading of his interests: military decision-making and planning of foreign policy (Kershaw, 1998: p. 532). It might be argued that Hitlers clear focus enhanced his untouchable leading status and veiled him i n the mystery. Moreover, Kershaw argued that the actual importance of Hitler was mainly based on the perception of Germans people of Hitlers personality and not just on the character of his dictatorship.1 _______________________________________________________ 1 It is vital to recognize that some historians agreed that Hitlers effective leadership aimed to arrange his power that would enable him continuously to educate the people in the spirit of his mission by means (in his words) the total domination of every individual (Cassinelli, 1976: p 63). Nazism and Stalinism: The Comparison of Leadership Styles Ãâà Ideology The main contrast between the Stalinism and Nazism was that both regimes arose from completely different types of societies traditions. Russias lack of culture, traditions and illiteracy meant that Stalin had very limited possibilities to accomplish his large tasks, such as transform the whole society from bourgeois system to socialist community. The Nazi ideology was shaped Given that Hitler was allergic to any restriction to his power, he had no clear-cut effort to form the administrative anarchy of the Third Reich. It is essential to emphasize that Hitler is characterized by the unbureaucratic style of leadership mainly because he remained quite aloof from the daily business and government and distanced himself from the intricate situations. Although his style of leadership appears to be, to some extent, limited, Hitler predominantly focused on the realm of his personal interests, such as foreign policy and military affairs. It can be argued, that this unbureaucratic style emphasized Hitlers personality, an inescapable product of the deification of the leadership position itself (Kershaw, Ian, 1997: p. 99). It can be purported that Hitler did not want to concern himself with the administration to sustain prestige to match the created image (Kershaw, 1997: p. 100). According to Marx Webers classic study of the authority of power, the quality of Hitlers charisma consists in his apparent possession of supernatural or superhuman or at all events specifically out of the ordinary qualities, which make him appear an emissary of God, or a destined Leader (Schapiro, 1972: p. 21). By contrast, Stalin personified very interventionist dictator whose main objective was to established the centralization of state power in order to eliminate the party-state dualism (Kershaw Lewin, 1997: p. 91) but also to create a monopolization of all decision-making, in relation to economic reconstruction, to open up a giant bureaucratization of all aspects of life. He intended to intentionally provoke instability in the governmental apparatus and society to implement his unpopular policies by the full command of modern means of control and administration [EVIDENCE]. Stalins power was, therefore, described as bureaucratic authority (Kershaw Lewin, 1997: p. 98) hence his influence in daily administration was far-reaching and cross-sectional. This fact suggests that Hitler largely relied on his charismatic impression to coordinate the states apparatus and gain a public support for his policies and actions, therefore it might be argued that Hitler was more effective leader in strengt hening his support and forming a new and higher kind of man by a process that involved the remolding of mens psychologies than Stalin (Cassinelli, 1976: p. 63). However, Stalin was able to transform illiterate and backward masses of Russians into obedient and simple-minded people. He relied on the masses that have a certain purity and naivetà © enabling them to understand the essence of significant situations. [2] _______________________________________________________ [2] As Stalin said, Simple people sometimes prove to be far nearer to the truth than some highly placed institutions. (Cassinelli, 1976: p. 89) ***Joseph Stalin declared: Can such a radical transformation of the old bourgeois system of society be achieved without a violent revolution, without the dictatorship of the proletariat? (Cassinelli, 1976: p. 77) The Effectiveness of Hitlers Leadership There is no doubt that Hitler and Stalins regimes shared some similar characteristics, nevertheless the main argument of this essay is based on fact that Hitler represented more effective and visionary leader compared to Stalin in terms of the cult of personality, propaganda, the use of terror and economic strategies several significant ways compared to Stalin. Therefore it is quite substantial to take into account the extent to which these major factors contributed to the effectiveness of Hitlers leadership. In essence, both Stalin and Hitler applied their power in different manner, however they shared a common ground regarding to implementation of their power. Evidence I: The Cult of Personality One of the principal factor, that significantly contributed to Hitlers effective leadership, was his sophisticated cult of personality. [3] Hitler was regarded as the personification of the nation and the unity of the national community therefore he primarily established his mastery on a cultivated principle of personal loyalty to which he could always successfully appeal at moments of crisis (Kershaw, 1997: p. 93). It must be noted that the principal reason for Hitlers domination of all who assisted him was an extraordinary power of his individuality. Hitler radiated confidence, high self-esteem and strong belief in his ability; it made him extremely powerful and everyone was frightened by his aura of total assuredness (Cassinelli, 1976: p. 73) thus he could stir up emotions and hypnotize the broad spectrum of German society. Hitlers main characteristic features were his skills to achieve an extraordinary power over the German people and ability to accomplish his political objective s. In large measure, his power to grip an attention and public admiration was especially due to his exceptional oratorical talent. [4] Hitler used his speeches as a powerful tool of political intoxication that inspired a degree of fervor in his listeners that seems to defy definition and explanation (De Luca, 1983: p. 96-7). Therefore it can be argued that Hitlers leadership uniqueness stemmed from his geniality to effectively use spoken word in order to manipulate mass propaganda for his own benefit. In Hitlers view, words build bridges into unexplored regions (Bullock, 1962: p. 372). The key aspect of this argument is that his uncanny ability to appeal to the subconscious and irrational needs of his audience and to solicit the desired response made him a formidable political figure (De Luca, 1983: p. 96-7). Furthermore, Hitler, in contrast to Stalin, was able to add the authority of spiritual founder of national socialism to that of party leader. _______________________________________________________ [3] Charismatic rule has long been neglected and ridiculed, but apparently it has deep roots and becomes a powerful stimulus once the proper psychological and social doubt that millions believe in it (Neumann, 1942: p. 75). Both the Stalinist and the Nazi regimes signified a new genre of political system that concentrated the artificial concept of a leadership cult the heroic myth of the great leader, who represented a man of the people and no more super-ordinate monarch who was distant to the masses. However, in Moshe Lewins view, the rapid pace of centralization in Stalins leadership resulted in rapid growth of officialdom; hence, it might be said that the cult of Stalin was replaced by the cult of the state (Kershaw Lewin, 1997: p. 11) hence Stalin predominantly concentrated on reinforcing his authority in order to be seen as autocratic and retain. [5] It is necessary to emphasize that Stalins rise to power was from within the Soviet Union consequently he shared public glorification with former icons such as Vladimir Lenin and Karl Marx. The crucial aspect of this argument is that Stalin and his communist ideology could be detached therefore when Stalin died the similar cult of personality never evo lved around his successor but the Soviet communism preserved. It is worth noting that unlike Stalin, Hitler became a permanent image of Nazism. The Fuhrer principle, in essence, rooted in Hitler formulated the Nazis system of governance. [6] megalomaniac ambitions _______________________________________________________ [4] Walter Langer depicts Hitler as a showman with a great sense for the dramatic. However he provides very clear characterization of Hitlers captivating rallies: Not only did [Hitler] he schedule his speeches late in the evening when his audience would be tired and their resistance lowered through natural causes, but would always send an assistant ahead of time to make a short speech warm up the audience. Strom troops always played an important role at these meetings and would line the aisle through which he would pass. At the psychological moment, Hitler would appear in the door at the back of the hall. Then with a small group behind him, he would march through the rows of S.A. men to reach the speakers table. He never glanced to the right or to the left as he came down the aisle and became greatly annoyed if anyone tried to accost him or hampered his progress. Whenever possible he would have a band present, and would strike up a lively military march as he came down the aisle (Lan ger, 1972: p. 46). [5] To a certain extent, a Cult of Stalin Worship developed from a sense of paranoia because he wanted people to deify him and if he had to accomplish it though brutal means then he was prepared to do so. [6] Moreover, it might be said that the loyal adulation of Hitler signified the most effective political instrument of power in Nazi Germany, therefore there was no reliance and dependence on massive domestic constrain that was typical feature for Stalins rule. Evidence II: Propaganda Ãâà controlling every single aspect of daily-life Ãâà parades and marches provided a sense of order and gave a feeling of belonging. So that the unity between the people was very firm. Ãâà youth indoctrination The second key factor strengthening the effectiveness of Hitlers power was the Nazi propaganda that played very substantial role in the setting of totalitarian society. In essence, the primary objective of Hitlers propaganda was not the ideological enlightenment of the masses, but their mobilization for action through extensive spreading of ideas and symbols aimed at influencing opinion and attitude of wide range of people. For Hitler, propaganda was the sharpest weapon in conquering the state, and remains the sharpest weapon in maintaining and building up the state (Hinton Hite, 2000: p. 244). It can be affirmed that every propaganda was the preparation of political activities (Unger, 1974:p. 35). Hitlers effectiveness to indoctrinate society might be seen in fact that the high cultural level of the Germans allowed the Nazis to extensively apply the technical potentialities of modern propaganda as far as possible; therefore Nazis propagandist intended to develop the manipulation of words and symbols into the highest creative art (Unger, 1974: p. 47). [EVIDENCE Ãâà Unger p. 43] [7] In some way, this propaganda had also considerable success in strengthening overall support for Hitler and the regime, by reinforcing enthusiasm for a strong leader who was capable of making Germany economically and military powerful. For instance, the Nuremberg rallies brought some excitement into peoples lives and gave them a sense of belonging to a great movement. [EVIDENCE Ãâà DATA, STATISTICS World History] In contrast, Stalins propaganda contended with the lack of technical skills and the virtues of labour disciple therefore the effectiveness of propaganda was very limited. Due to the lack of modern mass media in the Soviet Union, a large illiterate masses (especially peasantries), were only indoctrinated by oral agitation which was hardly disseminate across large distances. There were no cultural and informational media which cemented the framework of modern society, therefore the Soviet propaganda was full of stereotyped monotony of Stalins declarative and simplistic slogans convincing the Russians about Stalins greatness and invincibility. In other words, Soviet propaganda had to be adapted to the capacity of the least intelligent and constant repetition was one of its main weapons (Unger, 1974: p. 46). Ãâà forcible collectivization of agriculture led to a direct clash between Stalins regime and the majority of the population therefore the rapid mobilization /////In Conquests view, the alienation distinctly increased before the wartime since many Russians started to hate Stalin for the misery he triggered; therefore it led to gradual decline in morale and discipline (Conquest, 1991: p. ). In case of Stalin, the propaganda tool was used to a limited extent and often in a wrong way. It is essential to mention that the widespread fear between the Russian population resulted in limited ability to believe Stalins promises and slogans. EVIDENCE !!!!!! ////Ãâà Additionally, it is vital to perceive that Hitlers leading effectiveness was mainly achieved by remarkable Nazi propaganda that enhance the popularity of policies that were genuinely popular, for instance, public works projects (autobahn) or the 1933 Farm Law assuring subsidies for farms. Whereas Stalins propaganda was directed at forming a measure of acceptance for politics that were quite undesirable, such as compulsory collectivization and rapid industrialization. [FOOTNOTES Ãâà EVIDENCE!!!!!] Unger Citation!!! _______________________________________________________ [7] According to historian Dick Geary, the Nazi propaganda was most successful: where it could play upon the traditional German prejudices and values of German middle-class society upon issues such as nationalism, anti-socialism, family issuesà ¢Ã¢â ¬Ã ¦ (Geary, 1993: p. 59). [8] Evidence III: The Use of Terror and Violence The third crucial element related to Hitlers effective leadership is the use of terror and violence. Terroristic aspect of the two regimes appears to be very significant in order to compare the leadership qualities of Adolf Hitler and Joseph Stalin. Hitler seems to have had no deliberate policy of destabilization. In a sense, he tried to protect his deified leadership position by his non-bureaucratic and non-interventionist governance because he did not want to lose a popularity by deciding some unpopular policies. Furthermore, Hitler did not rule internally by terror even so his regime was deeply authoritarian and disciplinary. This means that his effectiveness based on the ability to maintain a supporting base of Nazi members in order to strengthen his own position but also to stabilize the party apparatus. However, with the exception of his purge of the Storm Trooper leadership on the Night of the Long Knives in 1934, Hitler never triggered a systematic attack on members of his ow n regime. However, It is important to note that Hitler never initiated an organized terror on members of his regime. It is significant to highlight that Hitler had his leadership position technically more secure than Stalin. On the other hand, Stalin personified the creature of bureaucracy therefore he appeared intentionally to destabilize government to turn this to his advantage; in the mid-1930s Stalin mainly instigated the liquidation of the kulaks as a class and great purges against his closest supporters in order to eliminate all challenges to his absolutistic rule but also he used the brutality of collectivization to infected the whole political system with the lust for blood and any criticism came to be identified with the sabotage of class enemies (Sakwa, 1998: p. 40). To a considerable extent, Stalins purges and the extensive use of terror and violence undermined the stability of his position and intensify his opposition within the Party sector (Kershaw, 1997: p. 93). However, it might be said that the use of purges represented a kind of weapon against the unstoppable power and expansion of Stalinist bureaucracy which seemed to malfunction. Also Stalins paranoid mentality resulted in unprecedent ed brutality used as an instrument for applying and implementing his policies and terrorizing his followers and Soviet citizens. Therefore he used purges and the Show Trials to remove Old Bolshevik rivals like Zinoniev and Kamenev, in order to destroy their reputation, so that he alone could take the credit for the Communist Partys achievements. Additionally, Steve Rosefielde argues that in the years 1929-38, the average Gulag forced labour population was about 8.8 million, and that the total adult losses attributable to forced labour, collectivization and the purges was over 20 million (Sakwa, 1998: p. 41). This, in fact, resulted in a greater alienation of masses and sustained the Soviet peoples sense of anxiety and feeling of helplessness thus they responded to Stalins force by self-control and dissimulation (Cassinelli, 1976: p. 129). Furthermore, the Purges disruptive effects were felt in the development of industry where the destruction of qualified engineers and managers seri ously undermined the Second Five Year Plan and accounts for Stalins reduction in the scale of the purges in 1939. Nonetheless the destructive policies penetrated through Stalins autocracy and the Soviet people felt perpetually insecure therefore this led to escalation of opposition between the Soviet citizens which had weakening effect on Stalins power. Evidence IV: The Major Economic Policies Another important factor that reflects Hitlers effective leadership is the series of economic policies implemented in 1930s. The main success of Hitlers economic recovery based on the total elimination of unemployment and on stabilization of German economy and progress towards an economy that would prepare Germany for war. For instance, Dr. Schacht organized Germanys finances to fund a huge programme of work creation; the increase in government spending (from RM 8.6 billion in 1932 to RM 29.3 billion by 1938) resulted in schemes to build a network of autobahns or conservation programmes. Moreover, Hitler concentrated on need to gear the economy for war It is important to highlight that Hitler was aware that he needed the support of the German people and could not risk to exacerbate their living standards at the cost of military supremacy. In 1930s, Hitler developed managed economy in Nazi Germany and in 1936 he focused on the Four Year Plan Ãâà autobahn completed, industry rebuilt, farmers: Blood and Soil, Workers: Strength Through Joy Ãâà Germany was a great economic power Stalin Ãâà unsuccessful FYPs collectivization and industrialization still backward- inability to catch up the West!! On the other hand, it might be argued that Stalins economic policies had only moderate short-term success. established the command economy [*9*] in the Soviet Union, clearly without this economic concept USSR would not survived. However, Stalins Five Year Plans were followed by forcible collectivization of the peasantry in order to erase all traces of capitalism and transform Soviet Union into fully industrialized, self-sufficient and completely socialist state without regard to cost. It is significant to point out that the effort to fulfill overambitious plans and resistance to collectivization led to acute shortage throughout the economy. It can be argued that despite the Stalin The top priority was investment in heavy industry which was view as the key to rapid economic growth and as an essential guarantee of national security. The acceleration continued through the Second Five Year Plan and extended into consumer goods. Against a background of a political purges and partial wartime mobilization, the pace of industrial growth slackened in the three years of the Third Five Year Plan, and such growth as took place may be attributed to territorial expansion. (p. 152-3) Falsification Ãâà It is vital to point out that Stalins leadership proved to be inefficient in terms of improving the Russian economy in the long run and great human expense. According to Isaac Deutscher, Stalins All-out Drive revolution from above appeared to be unsuccessful attempt to stimulate the production and increase the output because it lacked all rules of logic and principles of economies which were turned upside down (Cassinelli, 1976: p. 117). It is important to realize that Stalins economic policies were aimed at satisfying his own ideology rather than for benefit of people. This clearly supports the initial claim that Stalin was less effective leader than Hitler. _______________________________________________________ [*9*] Soviet planned or command economy was a type of economy in which centralized, bureaucratic management of economy, GOSPLAN, made a wide range of decisions penetrating to production and wages. Basically, the key objectives of centrally planned economy were to build socialism as quickly as possible and centralize the decision making and control. [10] In 1932, the number of unemployed in Germany was 5.6 million, however in 1938 there were only 0.2 unemployed in Nazi Germany. [EVIDENCE] Debate: Intentionalist view and Hitlers Effective Leadership Qualities Intentionalist view Ãâà Hitlers leadership domination and effectiveness was apparent in connection with [***]Hitlers dictatorship presented very extreme and intensive totalitarian demands of modern state, such as unexpected degree of violence and oppression, unprecedented manipulation of mass media to gain control and mobilize the masses, an unaccustomed cynicism in the international relations, an extraordinary aggression of nationalism and pestilent power of ideological racial superiority. Additionally, this specific dictatorship demonstrated that the modern, advanced and cultural society could fall headlong into barbarism. Indeed, Hitlers form of dictatorship meant the collapse of the modern civilization. On the other hand, Stalin personified a type of leader who focused on the continuity of Leninist tradition. By contrast, Stalin used hostility and terror as a normal feature of government when the USSR was in peace. His dictatorship resulted in creation of a personality cult of monstrous proportions but he never achieved a popular acceptance for his policies as Hitler did. ******It is vital to highlight that Hitler was more effective leader in terms of his cult of personality, propaganda and social and economic policies to 1941. This year represented a key turning point in Hitlers power and effectivity. Hitlers clash with Stalin indicated that the existing distribution of powerfulness was no longer able to outlast. It is very interesting to see the rapid transformation of power from Hitler to Stalin. Therefore it may be argued that, from the chronological perspective, Hitler was able to keep his authority at the highest position so his leadership skills were clearly better than Stalins abilities. Conclusion In conclusion, although Hitler signified a leader of one of the purest autocracies, there were some limits to his power, but it is essential to point out that these limits did not result from imperfections in his machinery of power but mainly from the context within which Hitler has to operate. However, Hitlers success might be apparent in regard to popular acceptance of his policies but also most Germans appreciated the sense of national community which was constantly instilled into them by Hitler. Furthermore, Hitlers long-lasting interest for the material-well being and social standing gave his regime a popular legitimacy that was one of the greatest success to his power. Security Management: Instant Messaging Perspective Security Management: Instant Messaging Perspective Executive Summary Nowadays, Instant messaging (IM) is used in the corporate environment which is rising rapidly, as organizations welcome to accept IM as a business communications tool. IM promotes cooperation and real-time communication among employees, business partners, and customers. It also brings new threats to local area network security and makes organizations to have a potential risks when employees share illegal or inappropriate content over the internet. Organizations are also faced with reduced employee productivity when IM is used arbitrarily and for personal communications. When use of IM is unmonitored and uncontrolled, it can lead to a significant drain on IT resources, as the IT staff attempt to identify which IM applications are being used and by whom. Moreover, when instant messaging is used to send and receive files, not only can the resulting drain on bandwidth negatively impact network performance, but the files themselves can pose a serious security threat. This report provides information to better understand threats of IM and mitigate its impact to business. The threats of IM are investigated. The trend in growing targets and number of cases are related to IM threats are analyzed. The impacts to business are assessed to identify areas of security management require great concern. Finally, measures are introduced to improve security management such that IM threats become manageable and their impact is reduced. 1. Introduction Today, Instant Messaging (IM) applications have rapidly become accepted by businesses as viable employee communications tools. IM is more instant than email, obviously easy-to-use, and provides the real-time collaboration organizations need to ensure quick judgments and decisions. Using Instant Messaging, organizations and their business partners can make a conference, share files and information easily over the Internet. Furthermore, within the organization, IM conversations among project team members can resolve issues and questions in an instantsomething that might have taken a series of emails, telephone calls, or face-to-face meetings to carry out. IM can be used to provide immediate replies to requests. It can also help promote personal relationships with customers and remote employees, and assist customers in completing transactions with Web-based businesses. This report is shown the concern of security of IM and gives some countermeasure to deal with IM threats. 2. Findings and Analysis 2.1 What threats are related to Instant Messaging? là Worms A worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes and it may do without any user participation. In case of instant messaging, antivirus software does not currently monitor traffic at OSI Model-network layer. If a worm starts to spread via instant messaging, it cannot be stopped before it reached the remotes computer. Dissimilar a virus, it does not need to attach itself to an existing application or program. Worm almost always causes damage to the network when it drains the network bandwidth. On the contrary, virus almost always corrupt or modify files on a targeted computer. The number of instant messaging worms is rising steadily. This is made clear when one considers the list of recent IM worms: n dubbed Pykse.A (16 April 2007) n W32/Rbot-GRS (26 June 2007) However, a few antivirus applications can plug in to instant messaging clients for scanning files when they are received. The lack of applications scanning instant messaging network traffic is partly due to the difficulty in monitoring instant messaging traffic so that the antivirus product running at the desktop level can catch the worms. l Backdoor Trojan Horses Instant messaging clients allow peer-to-peer file sharing, the instant messaging client to share all files on the system with full access to everyone can be configured by a Trojan Horse and in this way gain backdoor access to the computer. Moreover, the victim computer is on-line; a notification will be send to hacker automatically. So hacker can keeps track and accesses the infected computer easily. Besides, the hacker does not need to open new suspicious ports for communication in that hacker can instead use already open instant messaging ports. Classic backdoor trojans open an outgoing listening port on the computer, forming a connection with a remote machine. If the trojan operates via the instant messaging client, it does not open a new port as the user has usually already created an allow rule for instant messaging traffic to be outbound from their machine, therefore, allowing the backdoor trojan horse using the same channel to go unblocked. l Hijacking and Impersonation Users can be impersonated in many different ways by hacker. The most frequently used attack is solely stealing the account information of an unsuspecting user using the instant messaging or IRC application. Hacker can execute a password-stealing trojan horse to obtain the account information of a user. If the password for the instant messaging client is saved on the computer, the hacker could send a trojan to an unsuspecting user. When trojan executed, it would find the password for the instant messaging account used by the victim and send it back to the hacker. l Denial of Service Instant messaging may lead a computer vulnerable to denial of service (DoS) attacks. These attacks may have different outcomes: A lot of DoS attacks make the instant messaging client crash, hang, and in some cases consume a large amount of computer processing power and causing the entire computer to become unstable. There are many ways in which a hacker can cause a denial of service on an instant messenger client. Furthermore, they are used to combine with other attacks, such as the hijacking of a connection and form a bot network to attack other servers. l Unauthorized Disclosure of Information Information disclosure could occur without the use of a trojan horse. Once the data that is being transmitted via the instant messaging network is not encrypted, a network sniffer can sniff data on most types of networks and can be used to capture the instant messaging traffic. Also, a hacker could sniff the packets from an entire instant messaging session. It can be very dangerous as hacker may gain access to privileged information. It is especially dangerous in the corporate environment in that confidential information may be transmitted along the instant messaging network. 2.2 Recent Incidents Case 1: New IM worm targets Skype users (Published date: 17 Apr 2007) Affected: The IM worm affects Skype users running Windows. Threat Type: Worm Description: A new instant-messaging pest that spreads using the chat feature in Skype has surfaced, security firm F-Secure warned. The worm, dubbed Pykse.A, is similar to threats that affect instant-messaging applications. A targeted Skype user will receive a chat message with text and a Web link that looks like it goes to a JPEG file on a Web site, F-Secure said on its Web site. Clicking the link will redirect the user to a malicious file. The file, after executing, will send a malicious link to all online contacts in a Skype users list and will show a picture of a scantily clad woman, F-Secure said. In addition, it sets the users Skype status message to Do Not Disturb, the security firm said. Pykse also visits a number of Web sites that dont host any malicious code and a site that appears to count infected machines, F-Secure said. The Finnish security company doesnt list any particular malicious payload for Pykse other than it spreading and visiting Web sites. Status: Skype also recommends using antivirus software to check the files received from other people. Case 2: Next-generation Skype Trojan hits web (Published date: 26 Mar 2007) Affected: Warezov Trojan horse to target Skype users. Threat Type: Trojan Horse Description: Miscreants have again adapted the Warezov Trojan horse to target Skype users. The attack is similar to threats that target instant-messaging applications. A targeted Skype user will receive a chat message with the text Check up this and a link to a malicious executable called file_01.exe on a website. Once infected, a computer will be at the beck and call of the attacker and the Trojan horse will start sending messages to the victims Skype contacts to propagate. Status: Skype warned users against opening the malicious file, take caution in general when opening attachments, and also recommends using antivirus software to check incoming files. Case 3: AIM bot creates fight combos to spread (Published date: 18 Sep 2006) Affected: Online attackers have created an instant-messaging bot program for AOL instant messaging that chains together a number of executable files, similar to the combination moves in fight games. Threat type: Worm and Bot Description: The software, dubbed the AIM Pipeline worm, uses modular executable files to infect machines with different functionality but also to make the bot networks growth more robust: if a Web site hosting one of the components gets shutdown, the other pieces of the worm can still spread. Status: America Online has blocked the URLs used in the messages sent by the AIM Pipeline worm. 2.3 Trends l Increase in IM threats IM Security Center researchers tracked 33 malicious code attacks over IM networks during the month of September, bringing the 2007 total to 297. This is a 20% increase in IM threats compared with the same time period last year. (SAN DIEGO Akonix Systems, Inc 2007) Research also indicates that there are more targets affected by IM threats (SANS Institute 2006) l New type of IM worms New IM worms identified include Agent-GCG, Ataxbot, Exploit-VcardGadget, Focelto, MSNFunny, IMBot, MsnSend, MSN-WhoBlocked, Neeris, Pykse, Skipi, STRATION and Yalove. IRCBot was the most common with four variants, followed by Imaut and Neeris with two, respectively. Akonix tracked 16 attacks on P2P networks, such as Kazaa and eDonkey (SAN DIEGO Akonix Systems, Inc) l Evolution of IM threats The vulnerability of IM are used in botnet communication and spread the bot and worms to another computers. When the hacker send the command to botnet army, the consequence of attacks is very serious. Unlike other attacks, botnet can comprised of thousands of computer power to perform a variety of attacks against a wide range target. For example, the botmaster can command each zombie participant in a botnet to launch spamming e-mails to steal the credit card information and launch Distributed Denial-of-Service (DDoS) attacks simultaneously against the thousands of computer. 2.4 Factors for growth of IM threats The growth of instant messaging usage within the organization, vulnerabilities in public IM networks occur during the process of transferring files. When a user transfers files or uses other IM features like file sharing or voice chat, users IP address is revealed. Using this IP address, hackers can have ability to attack the system. Some organizations configure their firewalls to block ports used by IM applications or block the external addresses of IM network servers. But IM applications can be configured to change ports automatically and are capable of penetrating firewalls through ports used by other applications. (For example: port 80). So policy control management is required. 3. Impact to Business Once the IM threats occur in the organizations, they face a significant security risk from disclosure of intellectual property or business-critical information using IMs file attachment capability. As IM is a highly informal means of communication, employees can unintentionally send critical company-confidential information, such as product specifications, code, and blueprints, or private customer data, to friends, colleagues, and competitors. There are three main concerns of using the IM which are identified. l Legal Liability concerns The danger of allowing employees to use IM at work under lacking of security management, the viruses and worms is very easy to expose. On the other hand, organizations face legal and compliance risks when employees share copyrighted, illegal, or inappropriate content via instant messaging. Unmonitored IM applications allow employees to openly transfer files and information that could lead to significant corporate liability. For example, transferring copyrighted MP3 files, movies, and software using IM is common among friends and bypasses the file size restrictions of email. l Employee productivity loss Many employees have already adopted IM which they prefer that IM is regarded as the personal connection with friends of family, because it has not used the telephone to be obvious, talking cant be eavesdropped. Employees can seem it is work, in their keyboard is typed and left, been exchanging the personal connection with friends of family all the time. l IT resource abuse Most organizations dont know what kind of IM should be installed on computer, which employees should use the IM and how often to use IM for business communication such as send, receive files, video conferencing. In addition, it is not uncommon for intensive file sharing over the IM that can influence the performance of the network. 4. Dealing with Instant Messaging threats IM threats can be operated by insider (employees) and outsider (hacker). According to the Figure 4-1, Operational-level employees want to increase their ability to override controls mechanisms base on some factors such as fear of lose their job whereas the top level-manger want to have control mechanism to monitor all harmful activity in the organization. However, top level-mangers always neglect the risk of middle-level managers whose have part of administrative power to act as insider. So that good security management must be executed in the organization to avoid or mitigate the insider and outsider activities. Consequently, prevention, detection, incident response and controls are good measures for security management. 4.1 Prevention Ensure that vendor patches are promptly applied to instant messaging software, interrelated applications, and the underlying operating system. Firewalls to separate all DMZs, internal networks and external un-trusted networks Monitor using an Intrusion Detection/ Prevention system for users. Create secure communications channel when using instant messaging with trusted business partners Do not rely on external IM servers for internal use of instant messaging. Install and use anti-virus and anti-spyware applications. Consider disposing the clear products designed for instant messaging safely. Some product like as Trend Micro IM Security for Microsoft Office and Symantec IM Manager 2007 seamlessly manages can be used for mitigation of the potential risks associated in that they acts a filter and detector between internal and external. Using Multi-factors authentication or biometric authentication to prevent the hacker to login the target computers. 4.2 Detection Monitor and detect using an Intrusion Detection for users creating tunnels for instant messaging. An intrusion detection system (IDS) generally detects unwanted manipulations of computer systems, mainly through the Internet. Enable the auto detect mode of updated antivirus and anti-spyware products for client computer. Filter all http traffic through an authenticating proxy server or firewall to provide additional capabilities of filtering or monitoring instant messaging traffic. Appropriately configure intrusion detection systems. Understand that many instant messaging applications are capable of enabling associated communications to masquerade as otherwise allowed traffic (e.g. http). 4.3 Incident Response Block popular instant messaging ports. Block access to known public instant messaging servers that have not been explicitly authorized. Virus-scanning software at all critical entry points such as firewalls, remote access server, e-mail servers etc. Ensure that vendor patches are promptly applied to instant messaging software, interrelated applications, and the underlying operating system. 4.4 Management Policy Controls Establish policies for acceptable use of instant messaging and ensure that all users are aware of those policies and clearly understand the potential risks. General users should not be allowed to install software. Limit Administrative and Power User level privileges to support personnel with their support ability. If a user must have Administrative or Power User privileges, create a separate account to be used for their daily office functions, internet surfing and on-line communication. 5. Conclusion Instant messaging has clearly taken off as a means of communication. The ability to communicate in real-time makes it an ideal medium for both business and personal communication. Unfortunately, threats that affect instant messaging already exist today, including worms and vulnerabilities that can give hackers remote access to vulnerable computers and can replicate in seconds can affect more than just instant messaging. Therefore, end users and corporations should employ basic security countermeasure. However, update the patch of product can mitigate the occurrence of threats, but these measures are not enough to prevent the network security. Corporations should have other measures for security such as prevention, detection and incident response. Furthermore, management controls are available to less the impact of IM threats. Once these measures get implement, IM threats must become manageable as a result of reducing the damage of business. References Michael E. Whitman and Herbert J. Mattord (2004) Management of Information Security, Boston, Mass.; London: Thomson/Course Technology Joris Evers (2007) New IM worm targets Skype users, Cnet, Available: http://www.zdnet.com.au/news/security/soa/New-IM-worm-targets-Skype-users/0,130061744,339274904,00.htm (17 Apr 2007) Joris Evers (2007) Next-generation Skype Trojan hits web, Silicon, Available: http://software.silicon.com/malware/0,3800003100,39166534,00.htm (26 Mar 2007) (2006) AIM bot creates fight combos to spread, Security Focus, Available: http://www.securityfocus.com/brief/305 (18 Sep 2006) San Diego (2007) Akonix Intros IM Security Appliance, Dark Reading, Available: http://www.darkreading.com/document.asp?doc_id=125041WT.svl=wire_2à (29 MAY, 2007) San Diego (2007) Akonixs Threat Center tracks 33 IM attacks , Dark Reading, Available: http://www.darkreading.com/document.asp?doc_id=135045à (28 Sep 2007) SANS Institute (2006) SANS Top-20 Internet Security Attack Targets, Available: http://www.sans.org/top20/ (15 Nov 2006) Symantec (2006) Protect Your Business from Instant Messaging Threats, Available: http://www.symantec.com/business/library/article.jsp?aid=instant_messaging_threats (11 Jul 2006) Symantec (2007) Internet Security Threat Report 2007,à Avalable: http://tc.imlogic.com/threatcenterportal/pubIframe.aspx (13 Jun 2007)
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.