Page 153 - 2015 Security in Telecommunications and Information Technology
P. 153
SECURITY IN TELECOMMUNICATIONS AND INFORMATION TECHNOLOGY
13 Countering common network threats
Threats to computer systems and to the networks that link them are many and varied. Although many attacks
can be initiated locally, the vast majority of attacks today are conducted via communications networks. The
fact that vast and increasing numbers of computers and network devices are connected to the Internet and
operated from homes and workplaces by people with little training, awareness or knowledge of IT security
greatly increases the ease and probability of remote, often indiscriminate, attacks. Spam, spyware, viruses and
other attack vectors are released in ever greater numbers. The attackers often rely on weak and inadequately
protected systems as conduits for their malware.
In this section, an overview of the work of the ITU-T to respond to some of these threats is presented.
13.1 Spam
Spam is any unsolicited, unwanted or potentially harmful message. While the most widely recognized form of
spam is e-mail spam, the term also applies to other forms such as instant messaging spam, mobile messaging
spam, and VoIP spam. In fact, its meaning is evolving and broadening with the development of technologies
that provide novel opportunities to create spam. Spam is recognized as a widespread problem that interferes
with legitimate operations of telecommunication operators, service providers and users. It consumes
bandwidth and processing cycles and, in extreme cases, can result in denial of service attacks by flooding
networks. No single anti-spam measure is effective on its own and, given the agility and resourcefulness of
spammers, even a combination of measures often proves effective only to the extent of reducing the volume
of spam. Examples of measures being used include: regulation; technical measures; international cooperation;
and education of users and Internet service providers.
13.1.1 Technical strategies on countering spam
The ITU-T work on spam focuses primarily on technical counter-measures. Recommendations are being
developed using a framework that allows for extensibility as illustrated in Figure 65.
Figure 65 – Standardization framework for countering spam
Countering common network threats 131