Countering spam by technical means
(Continuation of Q5/17)
Motivation
Spam has become a widespread problem causing potential loss of revenue to Internet service providers, telecommunication operators, mobile telecommunication operators and business users around the globe. Furthermore, spam creates problems of information and telecommunication network security while being used as a vehicle for phishing and spreading viruses, worms, spyware and other forms of malware, etc. Therefore, WTSA-16 Resolution 52 instructed the relevant study groups to continue to support ongoing work, in particular in Study Group 17, related to countering spam and accelerate their work on spam in order to address existing and future threats within the remit and expertise of the ITU-T, as appropriate. In addition, it is instructed to continue collaboration with the relevant organizations, in order to continue developing, as a matter of urgency, technical Recommendations with a view to exchanging best practices and disseminating information through joint workshops, training sessions, etc., and further instructs Study Group 17 to report regularly to the Telecommunication Standardization Advisory Group on the progress of this resolution.
With the rapid expansion of mobile internet and the convergence of ICT technologies, the main ingredients of spam have significantly evolved from traditional advertisement, fraud to convergence malicious software such as ransom and targeted attacks. Those new generation of SPAM are also unsolicited and harassed to ICT service consumers, but they do even more serious damage than traditional ones. A targeted attack often uses spear phishing, a type of social engineering, to gain access to the network through legitimate means such as email. Ransomware is a type of malicious software that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid. Some of the malware, especially most of the ransomware can be spread through a malicious email attachments and compromised website.
Countering spam has been recognized as a global problem that requires a multifaceted, comprehensive approach. Study Group 17, as the lead study group on telecommunication security and in supporting the activities of WTSA Resolutions 52, is well-positioned to study the range of potential technical measures to counter spam as it relates to the stability and robustness of the telecommunication network. In addition, technical structure for existing and potential Recommendations on countering spam by technical means has been established to facilitate Recommendation production. Furthermore, new Recommendations should be published to counter new forms of spam.
Recommendations and Supplements under responsibility of this Question as of 19 September 2018: X.1231, X.1240, X.1241, X.1242, X.1243, X.1244, X.1245, X.1246, X.1247, X.1248, and Supplements X.Suppl.6, X.Suppl.11, X.Suppl.12, X.Suppl.14, X.Suppl.25, X.Suppl.29 and X.Suppl.33.
Text under development: X.1249 (X.tfcma), X.gcims, X.tecwes, X.tfcas, X.tfcmms and X.tsfpp.
Question
Study items to be considered include, but are not limited to:
a) How to understand and identify spam?
b) What are new forms of spam in existing and future networks?
c) What are serious effects of spam?
d) What are technical factors which contribute to difficulties of identifying the sources of spam?
e) How can new technologies, services and applications, such as instant messaging, social networking, mobile application, Voice over Long-Term Evolution (VoLTE)/ Rich Communication Suite (RCS) etc. lead to opportunities to create and spread spam?
f) How can routes, sources and volumes of spam be identified to counter and combat such spam?
g) How can implement the messaging security?
h) How can a malicious software and malware distribute through email be prevented?
i) How can routes, sources and volumes of spam be identified and the amount of investment in facilities and other technical means be estimated to counter and combat such spam?
j) How can a targeted attack using a spear phishing be prevented?
k) How can a ransomware distributed through email be prevented?
l) What technical work is already being undertaken within the IETF, 3GPP, GSMA, M3AAWG, in other fora, and by private sector entities to address the problem of spam?
m) What telecommunication network standardization work, if any, is needed to effectively counter spam as it relates to the stability and robustness of the telecommunication network?
n) What are the effective and efficient solutions for countering spam?
o) How are generic and specific requirements developed for information sharing on countering spam?
p) What are the best practices for countering spam?
Tasks
Tasks include, but are not limited to:
a) Act as the lead group in ITU-T on technical means for countering spam, as spam is described by Study Group 2.
b) Identify and examine the telecommunication network security risks (at the edges and in the core network) introduced by the constantly changing nature of spam.
c) Identify routes, sources and volumes of spam and estimate the amount of investment in facilities and other technical means to counter and combat such spam.
d) Develop a comprehensive and up-to-date resource list of the existing technical measures for countering spam in a telecommunication network that are in use or under development.
e) Develop new Recommendations for countering existing and emerging forms of spam.
f) Develop a set of technical measures to support messaging security.
g) Develop new Recommendations for preventing a malicious software and malware distributed through e-mail.
h) Develop a set of solutions to prevent targeted attacks using a spear phishing through e-mail
i) Develop new Recommendations for preventing a ransomware distributed through e-mail.
j) Develop generic and specific requirements for information sharing on countering spam.
k) Determine whether new Recommendations or enhancement to existing Recommendations, including methods to combat delivery of unsolicited email, malware, and other malicious contents, and combat compromised network equipment, such as Botnets, would benefit efforts to effectively counter spam as it relates to the stability and robustness of the telecommunication network.
l) Provide regular updates to the Telecommunication Standardization Advisory Group and to the Director of the Telecommunication Standardization Bureau to include in the annual report to Council.
Relationships
Questions:
• ITU-T Qs 1/17, 2/17, 3/17, 4/17, 6/17, 7/17, 8/17, 9/17, 10/17 and 11/17.
Study Groups:
• ITU-D SGs 1 and 2; ITU-T SGs 2, 11, 13, 16 and 20.
Standardization bodies:
• ISO/IEC JTC 1; Internet Engineering Task Force (IETF); European Telecommunications Standards Institute (ETSI); Third Generation Partnership Project (3GPP); Third Generation Partnership Project 2 (3GPP2); Open Mobile Alliance (OMA) and other relevant national & international standards organizations
Other bodies:
• GSM Association (GSMA); Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG); Forum for Incident Response and Security Teams (FIRST); National Institute of Standards and Technology (NIST); Organisation for Economic Cooperation and Development (OECD).
