|
Work item:
|
X.gpmr
|
|
Subject/title:
|
Guidelines and security measures for prevention and mitigation of ransomware
|
|
Status:
|
Under study
|
|
Approval process:
|
AAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2026-Q2 (No priority specified)
|
|
Liaison:
|
-
|
|
Supporting members:
|
Ant Group. China Unicom, China Mobile
|
|
Summary:
|
With the increasing attacks from ransomware, ransomware may have brought severe security threats to those in financial, construction education, information transmission, software and information technology services and manufacturing industry, etc. By encrypting data or denying access to the device, blocks the normal use of user’s data assets or computing resources, ransomware sources of attacks blackmail organizations in exchange for decryption key or restore access to the device, which often cause huge economic losses, theft of data and impact to services.
Ransomware can have an impact on various formats of files such as documents, emails, databases, and source code, and can use real currency or virtual currencies to extort a ransom. In addition, sources of attacks usually a set time limit for ransom payment, and the ransom amount will also increase over time. These characteristics further increase the difficulty of preventing and mitigating ransomware. Sometimes, even if the victim organizations pay ransom to the source of attack, the encrypted files cannot be recovered. In recent years, huge amounts of organizations were attacked by ransomware, causing serious losses to global industry.
In order to assist organizations to improve the awareness and capabilities on the prevention and mitigation of ransomware, a detailed guideline focusing on the mitigation and prevention of ransomware is needed.
This recommendation provides a description of handling process for ransomware, provides security measures for ransomware mitigation in each phase, and provides guidelines for ransomware prevention.
The purpose of this Recommendation is to guide organizations to scientifically prevent and mitigate ransomware attacks so that can reduce the impact of ransomware.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2024-03-12 10:36:58
|
|
Last update:
2024-03-12 10:43:29
|
|
