International Telecommunication Union   ITU
Site Map Contact us Print Version
 Wednesday, 18 July 2007

CRITIS'07 together with IFIP WG 11.10 on Critical Infrastructures Protection, IEEE Computer Society Task Force on Information Assurance, and Joint Research Center Ispra of the European Commission will be holding the 2nd International Workshop on Critical Information Infrastructures Security on October 3-5, 2007 at Benalmadena-Costa (Malaga), Spain. This event aims to bring together researchers and professionals from universities, private companies and Public Administrations interested or involved in all security-related heterogeneous aspects of Critical Information Infrastructures.

Speakers that will grace the event include Jacques Bus of the European Commission, INFSO Unit "Security", Adrian Gheorghe of Old Dominion University, US, and Paulo Veríssimo of Universidade de Lisboa, Portugal. A panel discussion on Resilient Critical Information Infrastructures: a myth or a realistic target? will be held as well.

Visit the CRITIS'07 site for more information.

Wednesday, 18 July 2007 15:21:34 (W. Europe Standard Time, UTC+01:00)  #     | 

The new manual on Prosecuting Computer Crimes has been relesed by the Computer Crime & Intellectual Property Section of the United States Department of Justice in March 2007. This 53-page document discusses different cyber crimes and the corresponding penalties that are seen befit for the offenses. Definitions, background information as well as related statutes can also be found in the manual. Offenses discussed include obtaining national security information, compromising confidentiality, trespassing in a government computer, accessing to defraud and obtain value, damaging a computer or information, trafficking in passwords, and threatening to damage a computer. A legislative history on this subject has also been made available.

Wednesday, 18 July 2007 10:27:19 (W. Europe Standard Time, UTC+01:00)  #     | 

"When you've got a full-blown security breach on your hands, what do you do? If you've been smart, you'll already have a computer security incident response team -- and a plan -- in place. But many companies are too resource-strapped to have a full-blown, fully-tested incident response strategy." DarkReading proposes six steps on what to do when your security is breached.

1. Assemble an incident response team.

Experts believe that a computer security incident response team (CSIRT) must already be set up even before an event occurs. If a team is not yet in place, the company must create one quickly, and make sure all the stakeholders are there.

2. Assess the initial damage and the risk for more.

"According to BackGrounD Software, a Canadian forensics firm that does security breach damage assessment, the costs of a breach should include not only the technical costs associated with finding and fixing the breach, but also loss of productivity and loss of business. You'll need a plan that not only outlines your strategy for recovering your systems, but that includes steps for recovering customers."

3. Develop a notification plan.

An important decision to be made is who to notify when. Law enforcement, for instance, are contacted first when there is a potential crime involved. Other parties to be notified are customers that might have been affected by the incident and consultants, such as security experts or a computer forensics firm, who must be called in as early as possible.

4. Begin remediating the problem.

It is very important to fully understand the problem and its potential impact before any remediation is done. Otherwise, evidences might be damaged or the problem might aggravate. BackGrounD Software suggests, "disconnect your server(s) from the network, and if there is a potentially malicious code running, disconnect media devices as quickly as possible (i.e. disks, SAN, NAS). You never know how far the intruder has managed to get, so the faster you disconnect the equipment, the more of a chance you have to save your data." The next steps in remediating the problem then depend on the resources and skills available within the team or the company.

5. Document everything.

Experts also stress the importance of documentation as it is often overlooked. Documentation aids in recovering the affected system and in strategizing against future incidents.

6. Develop a strategy for stopping the next attack.

As DarkReading puts it, "if one attacker finds a vulnerability, there's a good chance that he may have accomplices -- or that another attacker might find the same vulnerability." Thus, it is necessary to develop a strategy to block possible holes still existing in the system.

To read the full article, access it here.

Wednesday, 18 July 2007 09:13:22 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 17 July 2007

Gangs of hackers, who are presumed to be based in Eastern Europe, initiated various website assaults now known as "The Italian job." More than 10,000 web pages of popular web sites have been penetrated and infected by this attack, and it is believed to have started in the middle of last month. Most of the infected sites are Italian websites, but the expanse of the attacks has reached Spain and the US as well.

A "tool kit" worth $815 which is sold online in Russia was used by the hackers to embed "keylogger" codes on the computers of those who visited the sites. These codes enable the hackers to access the infected machines and track valuable user information such as bank details and passwords. The gravity of this attack has been evidently tremendous as it was aimed at established websites to steal banking identities.

David Perry, director of Trend Micro, says: "This is a paradigm shift. We can expect to see this kind of thing being replicated now for the next five or six months." He explained that the Italian job has become very effective because the bug has been particularly programmed to adapt to various types of weaknesses in computer security systems. "It looks for a wide spectrum of vulnerabilities in a computer, acting like a sort of Swiss Army knife with many different ways to pierce through the protection."

Access the full article at

Tuesday, 17 July 2007 15:55:02 (W. Europe Standard Time, UTC+01:00)  #     | 

Symantec recently reported that it has detected phishing sites hosted on government servers. In the last month, it has found phony sites hosted on government servers in Thailand, Indonesia, Hungary, Bangladesh, Argentina, Sri Lanka, Ukraine, China, Brazil, Bosnia-Herzegovina, Columbia and Malaysia. This new disturbing trend compromises the credibilty of government-hosted sites and jeopardizes the security within government online transactions.

Basically, these phishing sites managed by data thieves are used to mimic authentic business or government sites in order to gather valuable information from users such as credit card details or account passwords. These information are in demand in the underground market, and these could easily result to identity theft or account fraud.

Government servers that are involved in low-risk jobs are often the target of this sort of scams. However, despite these servers being relatively low-risk, this still poses a problem. "Under the Federal Information Security Management Act, information technology security in the federal government is based on a philosophy of risk management. It does not aim for absolute security — which is impossible anyway — but for the proper level of security. Administrators do a risk-based assessment of their IT systems, prioritizing them by their vulnerabilities, their role in the agency’s mission and the criticality of that mission." Nonetheless, the impact and dangers of these phishing sites that are faced by the citizens should very well be considered in the process of risk-assessment as well.

Read the full article here.

Tuesday, 17 July 2007 14:46:50 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 16 July 2007

The Computer Science and Telecommunications Board (CSTB) released on 26th June 2007 Toward a Safer and More Secure Cyberspace, "a broad research agenda that includes traditional, problem-specific studies as well as unconventional ideas necessary to combat current and future cybersecurity threats. The report examines the vulnerabilities of the Internet and offers a strategy for future research aimed at countering cyber attacks. The report also explores the nature of online threats and some of the reasons why past research for improving cybersecurity has had less impact than anticipated."

To purchase or skim through the publication online, go to the National Academies Press.

Monday, 16 July 2007 13:03:49 (W. Europe Standard Time, UTC+01:00)  #     | 

OECD recently released their Communications Outlook Report, a discussion and an analysis of market structures and recent policy developments. Among the topics discussed was the chapter on main trends in pricing in telecommunication services. It has been noted that with the dramatic increase in Broadband speeds, subscription costs have either remained constant or have been reduced. Based on monthly subscriptions, Sweden has the cheapest broadband plan with $10.47 a month, and US ranks fourth with $15.93 a month. With regard to the newest broadband technology: Fiber, Japan NTT residential connection (100 Mbps down/up) costs $49 a month, and in the US, Verizon FiOS (30 megabits down/5 megabits up) costs $191.20.

More on the OECD Communications Outlook Report here.

Related article may also be accessed at GigaOM.

Monday, 16 July 2007 08:56:01 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 11 July 2007

The Ugandan Government is finalising new cyber laws aimed at protecting computer users from cyber crime, including personal intrusion, national security, fraud and con activities.

"Liberalised information can lead to unwanted uses and usage leading to cyber crime. It is necessary to have legal infrastructure within which the technologies can be used. There are three bills which have been drafted, the Electronics Transactions Bill, Digital Signatures Bill and the Computer Misuse Bill," the information and communications technology minister, Ham Mulira, explained.

Read the full article at

For more information on ICT policy developments in Africa, please see the Balancing Act website.

Wednesday, 11 July 2007 09:56:40 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 26 June 2007

An ITU commissioned study on a Generic National Framework for Critical Information Infrastructure Protection is now available.

The objective was to outline a possible simple framework that could be of potential interest to developing countries who wished to establish a national Critical Information Infrastructure Protection (CIIP) programme. The framework is modeled after the Swiss Reporting and Analysis Center for Information Assurance (MELANI). The author, Manuel Suter, is from the Crisis and Risk Network (CRN), Center for Security Studies (CSS), ETH Zurich, Switzerland, who produce the International CIIP Handbook: An Inventory and Analysis of National Protection Policies.

The Center for Security Studies previously produced a study for ITU entitled A Comparative Analysis of Cybersecurity Initiatives Worldwide.

This paper has been submitted to ITU-D Study Group Question 22/1: Securing information and communication networks: best practices for developing a culture of cybersecurity for their consideration.

The views expressed in the study are those of the author and do not necessarily reflect the opinions of the ITU or of its membership.

Tuesday, 26 June 2007 20:14:42 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 21 June 2007

A new paper: Terrorism in Cyberspace - Myth or reality? has been posted by cybercrime expert Judge Stein Schjolberg on his website

Thursday, 21 June 2007 22:17:39 (W. Europe Standard Time, UTC+01:00)  #     | 

28-31 Aug 2007 The ITU, in collaboration with the Viet Nam Ministry of Posts and Telematics and with support from the government of Australia, will be hosting a workshop 28-31 August 2007 entitled Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection in Hanoi, Viet Nam.

The description of the event, draft agenda, invitation letter, and practical information for meeting participants is available on the event website. Further information is available from

Thursday, 21 June 2007 08:33:04 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 07 June 2007

ITU has developed an online tool to keep track of crucial ICT security standards work through a single access point. The guide called the ICT Security Standards Roadmap brings together information about existing standards and work in progress by the world's key standards developers. It is a collaborative effort between ITU, the European Network and Security Information Agency (ENISA) and the Network and Information Security Steering Group (NISSG).

Thursday, 07 June 2007 09:45:14 (W. Europe Standard Time, UTC+01:00)  #     | 

The ICT Applications and Cybersecurity Division Internet Multilingualization website is now available.

Thursday, 07 June 2007 06:06:00 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 30 May 2007

An electronic version of the 2007 Cybersecurity Guide for Developing Countries is available in English. Non-finalized versions are also available in Arabic, Chinese, French, Russian and Spanish. NB: A printed copy of this publication is available on request.

The 2006 version of the guide is available in English and French.

Wednesday, 30 May 2007 09:45:28 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 28 May 2007
A North American corporation focused on acquiring versatile and profitable companies in the IT sector "...has received an order for a turnkey DICOM archive solution [...] to be deployed within Saskatchewan's Provincial health care region. The order is significant and unprecedented as it represents the first of its kind in Canada. The [...] Image Manager is a secure, open-system software solution for transporting, storing, tracking and retrieval of digital images across an entire DICOM network.

To view the full article by On The Go Technologies Group as published by GRIDtoday on 28 May 2007, click here.

Monday, 28 May 2007 16:48:16 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 21 May 2007

The ITU will be hosting a workshop on 17th Sepember 2007 entitled ITU Workshop on Frameworks for National Action: Cybersecurity and Critical Information Infrastructure Protection:

At the start of the 21st century, modern societies have a growing dependency on information and communication technologies (ICTs) which are globally interconnected. However, with these growing dependencies, new threats to network and information security have emerged. There is a growing misuse of electronic networks for criminal purposes or for objectives that can adversely affect the integrity of critical infrastructures within States. To address these threats and to protect these infrastructures, a coordinated national framework is required - combined with regional and international cooperation. This workshop will review several related ITU initiatives and present two case studies by expert speakers from the United States of America and the European Union on their respective approaches. Attendance at the workshop is open to all interested participants within available space. Further information is available from

Monday, 21 May 2007 12:02:12 (W. Europe Standard Time, UTC+01:00)  #     | 

This is the newly unveiled newslog for the ITU's Bureau for Telecommunication Development ICT Applications and Cybersecurity Division. More will be posted here soon.

Monday, 21 May 2007 11:22:47 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 04 May 2007

Although the European Commission decided against imposing new legislative restrcitions on radio frequency identification (RFID) tags for now (opting for "soft legislation" instead) , a top official warned on Monday that regulations are likely if future uses of the technology don't protect fundamental privacy rights, reports ZDNet. Gerald Santucci, head of the European Commission unit whose domain includes RFID issues, said he feared that rushing to place restrictions on industries hoping to use the technology would choke its potentially valuable application in health care, business, transportation and other realms. But if regulators deem that widespread RFID use is insufficiently safe, secure and privacy-preserving, then "Mrs. Reding [European Commissioner for Information Society and Media] will have no other option but to trigger legislation," Santucci told participants at a luncheon discussion in Washington DC. By the end of 2008, the commission plans to reevaluate whether legislation is necessary. It's unclear how restrictive any potential rules would be.

Read the full story here (ZDNet). More on the European Commission Policy on RFID can be found here.

RFID, along with sensors and nanotechnology, was one of the key techological developments explored in the 2005 ITU Internet Report on The Internet of Things. An ITU New Initiatives Workshop on Ubiquitous Networks Societies was also held in the same here. Network aspects of identification systems are being studied in the context of standardization by the ITU's JCA-NID.

Friday, 04 May 2007 16:11:04 (W. Europe Standard Time, UTC+01:00)  #     | 

A United States House of Representatives subcommittee approved a bill on spyware this week, which recommends up to five years in prison for convicted distributors of malicious spyware.

Past versions of the Internet Spyware Prevention Act have failed to pass a vote in the United States Senate. Observers have pointed out, however, that the increasing militancy among users fed up with unwanted software intrusion may make this latest attempt more successful. And there is a lot at stake. Creating trust in the internet will ensure its future development. More on this story is available here.

The ITU is taking a leading role in cybersecurity initiatives, particularly in light of calls for global action made at the World Summit on the Information Society. More information on ITU's work in this area is available here.

Friday, 04 May 2007 15:01:37 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 01 May 2007

According to a recent Press Realease by The Infocomm Development Authority of Singapore (IDA), Singapore is already looking into a new five-year infocomm security roadmap (2008-2012) as it embarks on the final year of the current three-year Infocomm Security Masterplan (2005-2008). The Infocomm Security Masterplan was launched on 22 February 2005 as a strategic roadmap to chart Singapore's national efforts in developing capabilities to prevent cyber-security incidents and protect the critical infrastructure from cyber-threats. According to Dr. Vivian Balakrishnan, Second Minister for Information, Communications and the Arts, Singapore "cannot afford to be complacent, especially with new and dangerous threats evolving and growing at such an alarming rate. Instead of simply taking one step forward, we need to be many steps ahead in our efforts to combat cyber threats."

Providing a glimpse of the new five-year Masterplan to be launched in 2008, Dr. Balakrishnan shared that the new infocomm security roadmap will build on Singapore's existing efforts to focus on more international collaborations to improve Singapore's ability to combat cyber threats. The collaborations will look into knowledge exchanges and regular communication between governments on cyber threat trends and protection of critical infrastructure. When launched in 2008, the new security roadmap will also secure Singapore's ultra high-speed and pervasive Next Generation National Infocomm Infrastructure (NGNII) to provide a secure and trusted environment for the creation of new value-added services such as location-based marketing, goods tracking and localised information services and the pervasive adoption of online services such as those in the area of banking, healthcare and education.

Under the current Masterplan, the government has developed various security initiatives to equip public officers with more timely information and knowledge to assess and improve on their cyber defence. This allows them to better protect, detect and respond to cyber threats. An example is the Cyber-WatchCentre which monitors cyber threats real-time and round-the-clock. By mid 2008, the centre will ensure end-to-end security for all public officers, allowing government agencies to better anticipate cyber attacks and respond to them speedily.

For more information on these inititiatives, view the IDA Press Release.

Tuesday, 01 May 2007 15:19:40 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 08 March 2007

The first steps towards a globally harmonized approach to identity management (IdM) have been taken during a meeting of the ITU Focus Group on Identity Management (FG IdM) bringing together, for the first time, the world’s key players in the IdM space.

IdM promises to reduce the need for multiple user names and passwords for each service used, while maintaining privacy of personal information. A global IdM solution will help diminish identity theft and fraud. Further, IdM is one of the key enablers for a simplified and secure interaction between customers and services such as e-commerce. Experts at the meeting concurred that interoperability between existing IdM solutions will provide significant benefits such as increased trust by users of on-line services as well as cybersecurity, reduction of spam and seamless "nomadic” roaming between services worldwide. Abbie Barbir, chairman of the Focus Group on Identity Management: "Our main focus is on how to achieve the common goals of the telecommunication and IdM communities. Nobody can go it alone in this space, an IdM system must have global acceptance. There was a very positive feeling at the meeting that we can achieve this and crucially we saw a great level of participation from all key players."

The meeting of the FG IdM brought together developers, software vendors, standards forums, manufacturers, telcos, solutions providers and academia from around the world to share their knowledge and coordinate their IdM efforts. Interoperability among solutions so far has been minimal. One conclusion of attendees is that cooperation is crucial and that players cannot exist in isolation.

The spirit of the meeting was that everyone will gain by providing an open mechanism that will allow different IdM solutions to communicate even as each IdM solution continues to evolve. Such a "trust metric" does not exist today experts say. Work will continue online and during Focus Group meetings in April, May, and July 2007. An analysis of what IdM is used for will be followed by a gap analysis between existing IdM frameworks now being developed by industry fora and consortiums. These gaps should be addressed before the interworking and interoperability between the various solutions can be achieved. The aim is to provide the basis for a framework which can then be conveyed to the relevant standard bodies including ITU-T Study Groups. The document will include details on the requirements for the additional functionality needed within next generation networks. ITU has a long history of innovation in this field, with key work on trusted, interoperable identity framework standards including Recommendation X.509 that today serves as the primary "public key" technical mechanism for communications security across all telecom and internet infrastructures.

See more information on the Focus Group on Identity Management (FG IdM) website.

Thursday, 08 March 2007 10:42:50 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 01 March 2007

Kaspersky Lab, a developer of secure content management solutions, recently announced its annual report on malware and spam evolution. The report, authored by Kaspersky Lab analysts, surveys the trends of 2006 and looks at what 2007 may bring.

Malware Evolution: 2006. The report provides an overview of the most important incidents in the malware world, highlights the main trends, and examines how the situation will evolve. Particular stress is laid on the continuing increase in the number of Trojan programs, particularly those designed to steal online gaming account data; the first viruses and worms for MacOS; and Trojans for J2ME, which are designed to steal funds from mobile user accounts. The number of new malicious programs was up 41% on 2005. As for the future evolution of malicious programs, Kaspersky Lab virus analysts believe that virus writers and spammers will work ever more closely together; the number of Trojans will continue to increase; and that virus writers will be on the lookout for exploitable vulnerabilities in Vista.

Spam Evolution: 2006. Data provided by the Kaspersky Spam Lab shows that in 2006, between 70% and 80% of mail traffic on the Russian Internet was spam. The majority of spam sent to Russian users originates in Russia, the U.S.A. and China. Spammers actively used graphics in order to evade spam filters. They are also continued to send spam masquerading as personal correspondence in order to get the recipient to read the whole message and then act as the spammers intended, whether by calling a designated number or clicking on a link. The report on spam evolution also highlights how mass mailings differ from each other according to language: most Russian language spam offers education and training, and a wide range of goods ranging from busts of the Russian president to a device which will 'translate' a dog's bark. English language spam, on the other hand, tends to focus on advertising for stocks and shares, viagra and cheap software. The report also notes that spam became increasingly criminalized in 2006, with spammers actively using SMS to spread spam.

The company's analysts believe that technologies currently in use will continue to evolve in 2007, together with further development of graphical spam, and increased criminalization of mass mailings.

Read the executive summaries here: Malware Evolution: 2006 and Spam Evolution: 2006.
The full annual report can be found here.  

This news item was accessed through Russia Newswire.

Thursday, 01 March 2007 16:03:34 (W. Europe Standard Time, UTC+01:00)  #     | 

ITU-T Study Group 2’s February meeting saw work continue on harmonizing numbering resources for child helplines. Study Group 2 is looking at the issue following a request from Child Helpline International (CHI). CHI is a global network of telephone helplines and outreach services for children and young people.

Specifically Study Group 2 is looking at the logistics of providing a global number. It previously conducted a survey which discovered that a wide range of numbers are in use globally and that there is support in many countries for studying a more harmonized solution. A review process will be an initial assessment of all of the various options for introducing childrens’ helplines. The fundamental question is whether a single number can be deployed worldwide. Other issues include how regulators will handle migration from existing services and who pays for the services.

See the Study Group 2 website and ITU-T Newslog for further information.

Thursday, 01 March 2007 09:20:43 (W. Europe Standard Time, UTC+01:00)  #     |