{"id":2489,"date":"2025-10-28T17:58:53","date_gmt":"2025-10-28T08:58:53","guid":{"rendered":"https:\/\/www.protectmedicaldata.org\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/"},"modified":"2025-10-29T09:31:26","modified_gmt":"2025-10-29T00:31:26","slug":"software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously","status":"publish","type":"post","link":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/","title":{"rendered":"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Jonghyun Woo
Editors of ITU-T X.1220<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Summary<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\tAmong cyber attacks, the two that security teams and operations teams should pay the most attention to are software vulnerability attacks and malware attacks. In this article we examine how large a portion these two attack types occupy in overall cyber attacks and introduce a new international standardized technology that can defend against both simultaneously. Through this we propose a method to build an additional defense layer beyond existing network and endpoint protection systems to prepare for unknown cyber attacks (such as zero-day attacks). In other words, we present measures to keep critical data safe even if attacks abusing undiscovered vulnerabilities or malware in forms that evade detection occur. \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Types of Cyber Attacks and Defense Systems by Type\n<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Recently, a variety of cyber attacks targeting telecommunications companies, medical institutions, and government agencies have been occurring one after another. These cyber attacks can be broadly classified into four categories based on their operational methods. <\/p>

  1. Software vulnerability attacks<\/li>
  2. Malware attacks<\/li>
  3. Phishing attacks<\/li>
  4. DDoS (Distributed Denial of Service) attacks<\/li><\/ol>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Among these, software vulnerability attacks<\/strong> exploit flaws in operating systems or business applications we use, allowing the attacker to take over administrator privileges. Through these flaws an attacker secures administrator rights on a PC or server and executes commands as if they were a legitimate user. As a result, they can exfiltrate internal data or encrypt it (ransomware), causing damage. PC or server operators must regularly apply patches and updates to defend against this, but in practice software vendors often cannot provide patches quickly, and there are many cases exploiting zero-day vulnerabilities that have not yet been publicly disclosed. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t\t\t\t\t

    The second attack type is malware<\/strong>. Malware attacks infect systems with malicious programs and continuously perform malicious actions in the background. Attackers distribute malicious code via email attachments, malicious links, drive-by downloads, etc., and the infected devices can cause various harms such as data leakage, information collection, remote control, and keylogging. Particularly, advanced malware uses evasion techniques such as obfuscation or rootkits to bypass antivirus and security solutions, making detection and removal difficult. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t\t\t\t\t

    The third is phishing<\/strong>. Phishing is a social-engineering attack technique that impersonates a trusted sender or service to steal personal information or authentication credentials. Attackers deceive users via email, SMS, messengers, or fake login pages to induce entry of passwords, OTPs, card information, or to install malware. Because phishing targets \u201chuman trust\u201d rather than a technical vulnerability, it is easy to be careless; targeted (spear-phishing) attacks in particular have higher success rates and larger impacts. Efforts such as applying strong authentication methods, preblocking suspicious links, regular security training, and phishing simulation drills aim to reduce user vulnerabilities, but ultimately it is impossible to completely prevent users from being deceived by attackers. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t\t\t\t\t

    Finally, DDoS attacks<\/strong> concentrate excessive traffic on a specific server or service using many distributed devices, making normal service provision impossible. Attackers exploit botnets or cloud resources to saturate network bandwidth or consume application resources, reducing service availability. Large-scale DDoS attacks can cause service outages, financial loss, and reputational damage for businesses. To mitigate this, traffic scrubbing and filtering, edge CDNs, or cloud-based mitigation services can be applied, but it is impossible to preemptively block all excessive traffic that comes in over public networks. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

    \n\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\n \n \n \n \n \n \n \n
    \n Summary table of the four major categories of cyber attacks\n <\/caption>\n
    Category<\/th>\n Main techniques<\/th>\n Main targets<\/th>\n Objective (Outcome)<\/th>\n Defense methods<\/th>\n Proportion<\/th>\n <\/tr>\n <\/thead>\n
    Software vulnerabilities<\/th>\n Exploit vulnerability \u2192 privilege escalation<\/td>\n Servers \u00b7 Cloud \u00b7 Applications<\/td>\n Steal admin privileges \u2192 internal access<\/td>\n Patch \/ Update<\/td>\n 25%<\/td>\n <\/tr>\n
    Malware (ransomware)<\/th>\n Install \/ execute malicious code<\/td>\n Personal PCs \u00b7 Servers \u00b7 Medical devices<\/td>\n Data encryption \u00b7 Data exfiltration \u00b7 Monetary demands<\/td>\n Anti-virus \/ EDR<\/td>\n 30%<\/td>\n <\/tr>\n
    Phishing \u00b7 Social engineering<\/th>\n Deceptive emails \/ messages<\/td>\n Employees \u00b7 User accounts<\/td>\n Account takeover \u2192 internal intrusion<\/td>\n Phishing-resistant MFA<\/td>\n 40%<\/td>\n <\/tr>\n
    DDoS<\/th>\n High-volume traffic attacks<\/td>\n Services \u00b7 Web portals<\/td>\n Service outage \u00b7 Business interruption<\/td>\n Traffic scrubbing<\/td>\n 5%<\/td>\n <\/tr>\n <\/tbody>\n<\/table>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Among the four attack types, rather than focusing primarily on preparing for phishing attacks that deceive employees or DDoS attacks that send traffic over public networks, it is more realistic for security officers and system operators to prepare for software vulnerability attacks and malware attacks. Especially because these two types together account for more than half of all cyber attacks, strengthening defenses in these areas is the most effective way to raise overall security posture. <\/p><\/blockquote>\t\t\t\t\t\t\t\t<\/div>\n\t\t

    \n\t\t\t\t
    \n\t\t\t\t\t

    Limitations of Existing Defense Systems and Establishment of a New Defense Standard\n<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\tWhat security officers and system operators currently use as preventive measures are constant updates to minimize software security vulnerabilities and adding network protection and endpoint protection to shield systems. However, these systems can only develop patches or block attacks if they \u201calready know about the vulnerability, malware, or intrusion behavior.\u201d A blacklist approach that blocks known attacks cannot prevent newly appearing vulnerabilities, malware, or intrusion behaviors. \n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Theoretically, a whitelist approach can be used so that only \u201cregistered network packets\u201d or \u201callowed programs\u201d operate, but it is practically very difficult to run a whitelist on network nodes shared across all systems or on endpoints where many pieces of software run. It is impossible to predict how a system\u2019s network packets might change, and with operating system patches being released daily, re-registering everything each time is inefficient. <\/p>

    Therefore, even if security officers or system administrators consistently apply updates to protected systems, keep antivirus signatures up to date, and monitor network traffic as part of a layered defense, an attacker who exploits a software vulnerability unknown to us, attacks while a patch is being prepared, develops new malware that circumvents existing antivirus inspection, or distributes malware that operates in new behavioral modes to evade behavior-based detection engines may still cause theft or encryption of valuable data.

    To solve this problem, the ITU-T, an international standardization body under the UN, established a new storage protection approach as an international standard \u2014 ITU-T X.1220 \u2014 that applies whitelist access control at the storage layer where data is stored, rather than at shared network or endpoint layers.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    This technology is placed between endpoints and storage; whenever a program running on an endpoint requests data, it checks whether that program is pre-registered. Registered programs can read and write the real data, while unregistered programs can only access fake data.

    If an unregistered program requests data, read-only fake data is provided. In other words, even if an attacker runs an exploit or malware on a PC or server to steal or encrypt files within the storage protection system, they cannot access the real data. <\/p>

    Most importantly, when a security officer or system operator registers an allowed program, they must input an OTP code from the PC or server so that a malicious program cannot be arbitrarily registered. Therefore, even if an endpoint is already compromised by an attacker, any program not registered via OTP cannot encrypt or delete data. <\/p>

    Thus, even when attacks exploiting unknown vulnerabilities or new malware attacks occur, data stored in storage protection remains safe because only allowed programs can access it.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

    \n\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    A New Cyber Defense Paradigm Extended by Storage Protection\n<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\tGiven that software vulnerability and malware attacks constitute more than half of all cyber attacks, the long-standing lack of fundamental countermeasures for these attacks has been pointed out as a structural limitation of cyber security. In this context, the UN-affiliated international standardization body presenting a new alternative capable of dealing with unknown attacks represents a meaningful advance. \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    To prepare for the increasingly evolving nature of cyber attacks, a new perspective is needed that considers security at the storage layer in addition to defense-centric approaches at the network and endpoint layers. If storage is designed not as a simple data repository but as a final line of defense that attacks cannot pass through, it can complement data areas that conventional security systems have failed to address.

    Going forward, we should continue to develop and expand this whitelist-based data access control model so it can be enhanced to block both vulnerability attacks and malware attacks at the storage level \u2014 effectively creating a new \u201csecurity genre.\u201d This will be more than the adoption of a single technology; it will be the first step toward fundamentally transforming the paradigm of cyber security. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

    Jonghyun WooEditors of ITU-T X.1220 Summary Among cyber attacks, the two that security teams and operations teams should pay the most attention to are software vulnerability attacks and malware attacks. In this article we examine how large a portion these two attack types occupy in overall cyber attacks and introduce a new international standardized technology […]<\/p>\n","protected":false},"author":8,"featured_media":2496,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[22],"tags":[],"class_list":["post-2489","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-en"],"yoast_head":"\nSoftware Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously - Protect Medical Data<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously - Protect Medical Data\" \/>\n<meta property=\"og:description\" content=\"Jonghyun WooEditors of ITU-T X.1220 Summary Among cyber attacks, the two that security teams and operations teams should pay the most attention to are software vulnerability attacks and malware attacks. In this article we examine how large a portion these two attack types occupy in overall cyber attacks and introduce a new international standardized technology […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/\" \/>\n<meta property=\"og:site_name\" content=\"Protect Medical Data\" \/>\n<meta property=\"article:published_time\" content=\"2025-10-28T08:58:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-10-29T00:31:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.protectmedicaldata.org\/wp-content\/uploads\/2025\/10\/AdobeStock_983909135-scaled.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1435\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"protectmedicaldata\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"protectmedicaldata\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/\"},\"author\":{\"name\":\"protectmedicaldata\",\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/#\\\/schema\\\/person\\\/f25a0f4f2bd8db199675895429b2636b\"},\"headline\":\"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously\",\"datePublished\":\"2025-10-28T08:58:53+00:00\",\"dateModified\":\"2025-10-29T00:31:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/\"},\"wordCount\":1346,\"publisher\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/close-up-data-center-employee-stressed-by-security-breach-alert-scaled.jpg\",\"articleSection\":[\"News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/\",\"url\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/\",\"name\":\"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously - Protect Medical Data\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/close-up-data-center-employee-stressed-by-security-breach-alert-scaled.jpg\",\"datePublished\":\"2025-10-28T08:58:53+00:00\",\"dateModified\":\"2025-10-29T00:31:26+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/close-up-data-center-employee-stressed-by-security-breach-alert-scaled.jpg\",\"contentUrl\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/close-up-data-center-employee-stressed-by-security-breach-alert-scaled.jpg\",\"width\":2560,\"height\":1707,\"caption\":\"Technician in server hub doing face palm gesture, trying to protect hardware from hacker stealing information. Close up of data center employee stressed by security breach alert caused by virus\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\ud648\",\"item\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/\",\"name\":\"protectmedicaldata\",\"description\":\"Protect medical data with Storage Protection\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/#organization\",\"name\":\"protectmedicaldata\",\"url\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/pmd_web_logo.png\",\"contentUrl\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/pmd_web_logo.png\",\"width\":456,\"height\":277,\"caption\":\"protectmedicaldata\"},\"image\":{\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/#\\\/schema\\\/person\\\/f25a0f4f2bd8db199675895429b2636b\",\"name\":\"protectmedicaldata\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/44ed5921a5f857a783f69487a44b1119a467c3cf18c85b0caa176e3acaaac868?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/44ed5921a5f857a783f69487a44b1119a467c3cf18c85b0caa176e3acaaac868?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/44ed5921a5f857a783f69487a44b1119a467c3cf18c85b0caa176e3acaaac868?s=96&d=mm&r=g\",\"caption\":\"protectmedicaldata\"},\"url\":\"https:\\\/\\\/www.protectmedicaldata.org\\\/en\\\/blog\\\/author\\\/protectmedicaldata\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously - Protect Medical Data","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/","og_locale":"en_US","og_type":"article","og_title":"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously - Protect Medical Data","og_description":"Jonghyun WooEditors of ITU-T X.1220 Summary Among cyber attacks, the two that security teams and operations teams should pay the most attention to are software vulnerability attacks and malware attacks. In this article we examine how large a portion these two attack types occupy in overall cyber attacks and introduce a new international standardized technology […]","og_url":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/","og_site_name":"Protect Medical Data","article_published_time":"2025-10-28T08:58:53+00:00","article_modified_time":"2025-10-29T00:31:26+00:00","og_image":[{"width":2560,"height":1435,"url":"https:\/\/www.protectmedicaldata.org\/wp-content\/uploads\/2025\/10\/AdobeStock_983909135-scaled.jpeg","type":"image\/jpeg"}],"author":"protectmedicaldata","twitter_card":"summary_large_image","twitter_misc":{"Written by":"protectmedicaldata","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/#article","isPartOf":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/"},"author":{"name":"protectmedicaldata","@id":"https:\/\/www.protectmedicaldata.org\/en\/#\/schema\/person\/f25a0f4f2bd8db199675895429b2636b"},"headline":"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously","datePublished":"2025-10-28T08:58:53+00:00","dateModified":"2025-10-29T00:31:26+00:00","mainEntityOfPage":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/"},"wordCount":1346,"publisher":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/#organization"},"image":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/#primaryimage"},"thumbnailUrl":"https:\/\/www.protectmedicaldata.org\/wp-content\/uploads\/2025\/10\/close-up-data-center-employee-stressed-by-security-breach-alert-scaled.jpg","articleSection":["News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/","url":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/","name":"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously - Protect Medical Data","isPartOf":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/#primaryimage"},"image":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/#primaryimage"},"thumbnailUrl":"https:\/\/www.protectmedicaldata.org\/wp-content\/uploads\/2025\/10\/close-up-data-center-employee-stressed-by-security-breach-alert-scaled.jpg","datePublished":"2025-10-28T08:58:53+00:00","dateModified":"2025-10-29T00:31:26+00:00","breadcrumb":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/#primaryimage","url":"https:\/\/www.protectmedicaldata.org\/wp-content\/uploads\/2025\/10\/close-up-data-center-employee-stressed-by-security-breach-alert-scaled.jpg","contentUrl":"https:\/\/www.protectmedicaldata.org\/wp-content\/uploads\/2025\/10\/close-up-data-center-employee-stressed-by-security-breach-alert-scaled.jpg","width":2560,"height":1707,"caption":"Technician in server hub doing face palm gesture, trying to protect hardware from hacker stealing information. Close up of data center employee stressed by security breach alert caused by virus"},{"@type":"BreadcrumbList","@id":"https:\/\/www.protectmedicaldata.org\/en\/blog\/software-vulnerability-and-malware-attacks-an-international-standard-itu-t-x-1220-that-defends-both-simultaneously\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\ud648","item":"https:\/\/www.protectmedicaldata.org\/en\/"},{"@type":"ListItem","position":2,"name":"Software Vulnerability and Malware Attacks \u2014 An International Standard ITU-T X.1220 That Defends Both Simultaneously"}]},{"@type":"WebSite","@id":"https:\/\/www.protectmedicaldata.org\/en\/#website","url":"https:\/\/www.protectmedicaldata.org\/en\/","name":"protectmedicaldata","description":"Protect medical data with Storage Protection","publisher":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.protectmedicaldata.org\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.protectmedicaldata.org\/en\/#organization","name":"protectmedicaldata","url":"https:\/\/www.protectmedicaldata.org\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.protectmedicaldata.org\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.protectmedicaldata.org\/wp-content\/uploads\/2025\/08\/pmd_web_logo.png","contentUrl":"https:\/\/www.protectmedicaldata.org\/wp-content\/uploads\/2025\/08\/pmd_web_logo.png","width":456,"height":277,"caption":"protectmedicaldata"},"image":{"@id":"https:\/\/www.protectmedicaldata.org\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.protectmedicaldata.org\/en\/#\/schema\/person\/f25a0f4f2bd8db199675895429b2636b","name":"protectmedicaldata","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/44ed5921a5f857a783f69487a44b1119a467c3cf18c85b0caa176e3acaaac868?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/44ed5921a5f857a783f69487a44b1119a467c3cf18c85b0caa176e3acaaac868?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/44ed5921a5f857a783f69487a44b1119a467c3cf18c85b0caa176e3acaaac868?s=96&d=mm&r=g","caption":"protectmedicaldata"},"url":"https:\/\/www.protectmedicaldata.org\/en\/blog\/author\/protectmedicaldata\/"}]}},"jetpack_featured_media_url":"https:\/\/www.protectmedicaldata.org\/wp-content\/uploads\/2025\/10\/close-up-data-center-employee-stressed-by-security-breach-alert-scaled.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/posts\/2489","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/comments?post=2489"}],"version-history":[{"count":1,"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/posts\/2489\/revisions"}],"predecessor-version":[{"id":2490,"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/posts\/2489\/revisions\/2490"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/media\/2496"}],"wp:attachment":[{"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/media?parent=2489"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/categories?post=2489"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.protectmedicaldata.org\/en\/wp-json\/wp\/v2\/tags?post=2489"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}