• Countermeasure Guide Series
• Computer virus incident reports
• Status of damage report
• Information security seminars
• Investigation of actual damage by computer viruses in Japan
• Research anti-computer-virus technology
• Contact

The Computer Virus & Unauthorized Computer Access Countermeasures Group (VUAC) receives reports about detections and damage caused by intrusive computer viruses. The VUAC operates Anti-Computer-Virus Committee, whose members are representatives from associations of IT industries and academies.
They analyze the accumulated incident reports and endeavor in devising countermeasures. The results of their investigations as well as recommendations are publicized monthly through the media such as newspapers and magazines.

Computer Virus Incident Reports [Summary]

The worst virus ever !
There were approximately 10,000 reports for W32/Klez in one year ! !
This is a summary of Computer Virus Incident Reports for December 2002 and for the year 2002 compiled by IPA: Information-technology Promotion Agency.

1. Computer Virus Incident Reports

• 1-1. Annual virus incident report for 2002
  -- W32/Klez had the worst number of reports ever --

  In 2002, 20,352 reports were submitted to IPA, and the number decreased slightly compared from 2001 having 24,261 reports. W32/Klez had the worst number reported for 9 consecutive months, having 9,648 reports (approximately 50% of total), which made a single virus to have the worst number of reports ever for a year. This was followed by W32/Badtrans having 3,336 reports and W32/Hybris having 870 reports.

  
  For more information, please refer to "Computer Virus Detection Incident Reports in 2002"

• 1-2. December computer virus incident reports

  In December, 1,135 reports were submitted to IPA (November: 1,408 reports). The top number of viruses reported were W32/Klez having 465 reports with new variants having subjects such as "Happy Christmas" and "Happy New year", W32/Bugbear having 133 reports, and W32/Opaserv and VBS/Redlof, having 67 reports.

  In addition, an alert was announced for a massive spread of virus mail during the year change period since there was a concern, but there was no serious viral damage.

  Caution necessary for infection through web page ! !
  There are viruses, such as VBS/Redlof , where infection is obtained just by browsing a web page . When infected with this virus, infection is spread through ways provided below.

  • *Infected computer will record the virus program in the body of the sending e-mail , hence spreads the infection.
  • *Infects HTML and other files on the computer, and when the infected file is uploaded on the web page without noticing this, infection will spread to people who browse the web page.

  Especially, there are more cases where one gets infected through browsing a web page, so caution is necessary.

  Warning for this month:
  "Start virus countermeasure from anti-virus software !! "
  ===== In order to use the internet comfortably !=====

  There are various ways for virus infection to happen. The most common type is obtained through attached file on the e-mail, such as W32/Klez and W32/Bugbear. But there are infections obtained from browsing a web page, such as W32/Nimda and VBS/Redlof, and infections obtained from shared network, such as W32/Opaserv.

  In order to prevent infection damages through various paths from happening, it is essential to use the anti-virus software with the latest version of virus detecting data file on a constant monitoring setting.

  3 steps for anti virus software
  1. Must be installed  === Necessity for countermeasure
  2. Appropriate setting  === Constant monitoring setting is effective
  3. Updating virus detecting data file  === New virus emerges everyday Update at least once a week !

• Computer Virus Incident Reports for December, 2002 (full report)
• Computer Virus Incident Reports (back number)

The pie charts show the result of analysis of the computer virus damage cases reported in 2001.

Statistics of computer virus damage reports

Note)14 cases reported between April and December in 1990, 57 cases reported in 1991, 253 cases reported in 1992, 897 cases reported in 1993, 1127 cases reported in 1994, 668 cases reported in 1995, 755 cases reported in 1996, 2391 cases in 1997, and 2035 cases in 1998.

ISEC hosts Information security seminars all over Japan in every year. In 2001, 13 seminars were held from Hokkaido to Okinawa, in which computer virus countermeasures, and unauthorized computer access countermeasures.

• Help Desk (Tel, Fax,E-mail)
• Exhibition at computer-related shows
• Distribution of anti-virus brochures and CD-ROMs
• Anti-virus WEB site
• Anti-virus articles on magazines and papers
• Information exchange with anti-virus software vendors

The VUAC conducts a questionnaire survey to estimate the actual status of damage due to computer virus in Japan.
Investigation of number of damaged bodies

• The VUAC conducts a similar survey in the United States and Asia
  IPA Computer Virus Survey 2000 (1421KB)

The number of computer viruses is on the rise every day, and new types of viruses appear continually.They use new mechanism hard to be caught by anti-virus programs. Anti-virus software makers have a hard time to catch up with new viruses, and computer users feel uneasy about them. To resolve this problem, some software makers are developing new methods.
The VUAC has also launched a project to develop the new anti-computer-virus technology called "Integrity Check Method." This is based on encryption technologies.

IPA Security Center (IPA/ISEC) (ISEC: Information technology SEcurity Center)
TEL: +81-3-5978-7508 FAX: +81-3-5978-7518
Email:
Emergency call: +81-3-5978-7509
URL: http://www.ipa.go.jp/security/index-e.html