As with any network, Office Communications Server should be secured against unauthorized access or use from within and from outside the infrastructure. Intruders use a number of methods to compromise a system, including the following ones:
Trojan horses Sending harmful programs or files into a network, where they are launched
SPIM Unsolicited, commercial instant messaging, or spam over IM
Sniffing/Snooping Unauthorized interception of communications or data
Spoofing Hijacking an IP address from outside the network
Man-in-the-middle (MITM) attack All communications intercepted by an attacker before they arrive at the intended recipient; attacker then forwards fake communications.
Viruses and worms ...