Introduction
The International Telecommunication Union organized a workshop on Advanced Cybersecurity Attacks and Ransomware that was held on 28 August 2018, at ITU Headquarters, Geneva, Switzerland. This workshop did precede the ITU-T Study Group 17 meeting held from 29 August to 7 September 2018 in the same venue.

Objectives
Advanced cybersecurity attacks and ransomware are evolving in the cybercrime threat landscape. Advanced cybersecurity attacks refer to all the sophisticated forms of attacks, in particular targeted attacks as well as ransomware which is more than just cybercrime. Targeted attacks (also referred to as Advanced Persistent Threats (APTs)) are attacks directed at a specific target as opposed to wide scale indiscriminate campaigns. Their motivations are mostly around intelligence gathering, disruption, sabotage or financial gain. Ransomware is a type of malware, short for malicious software, that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid to attackers. Ransomware is one of the top challenges in cybersecurity for the past few years. There are over 50 different ransomwares, and each one has multiple variants. The ransomware attacker typically just wants money, unlike other malware which mainly steals your information or gains unauthorized access.

The objectives of this workshop were:

• to facilitate a better understanding of advanced cybersecurity attacks and ransomware landscape by sharing on-going activities among relevant groups and industries that aim to prevent such attacks, analyzing how such attacks are conducted and assessing risks of such attacks caused to social, cultural, and economic systems;

• to promote holistic solutions including technical, organizational and administrative countermeasures;

• to discuss how international standards could assist organizations to take necessary actions; and to focus on what ITU-T SG17 should undertake to contribute to countering such attacks.

Target Audience
ITU Member States, ICT Regulators, Policymakers, ICT Service/Platform Providers, Mobile Operators, International Standards Organizations, NGOs related to security and privacy protection.