This is a summary of Unauthorized
Computer Access Incident Report for the 3 rd Quarter (July – September)
2004.
According from the recent reports aggregated for
the 3 rd Quarter 2004, it tends to:
- Most of them are for indiscriminant
attacks against every computer including such computer for home
use;
- Most of cases for damage are caused
that fundamental countermeasures are not being placed.
Please refer to the following sites to install computer
security thoroughly and try to maintain security countermeasures
by daily operational management.
Information for security countermeasures practice
information for end/home users (in Japanese)
http://www.ipa.go.jp/security/awareness/end-users/end-users.html
Information for security countermeasures practice
information for system administrators (in Japanese) http://www.ipa.go.jp/security/awareness/administrator/administrator.html
1. Reported
Numbers
The reported numbers for the 3 rd Quarter
(July to September) totaled to 133 ; the gross reported
numbers was decreased, but the ratio for damaged numbers was increased.
* The %s shown in the graph are
the ratio for actual damage taken over the gross reported numbers.
2. Reported
Numbers Classified by Cause
With regard to 133 cases reported to IPA during
the 3 rd Quarter, of 110 cases (previous Quarter: 184
cases) were for “Access Probe (attempt)”
or detection of unauthorized computer access attempt
was taken over 82.7% against entire reported numbers during that
period. In addition, reported numbers in relation to actual damage
were 21 cases (previous Quarter: 16 cases) for which reached to
15.8% against entire reported numbers. The reported numbers for
actual damage were the gross total of “Intrusion”, “Worm
Probe”, “Unauthorized Mail Relay”, “Mail Address Spoofing”
and “DoS and others”.

| Cause
|
3
rd Qtr. 2003 |
4
th Qtr. 2003 |
1
st Qtr. 2004 |
2
nd Qtr. 2004 |
3
rd Qtr. 2004 |
Intrusion |
19 (16.2%) |
9 (11.0%) |
11 (9.0%) |
7 (3.4%) |
14 (10.5%) |
Access Probe (Attempt) |
65 (55.6%) |
51 (62.2%) |
100 (82.0%) |
184 (90.6%) |
110 (82.7%) |
Infection w/Worm |
4 (3.4%) |
0 (0.0%) |
0 (0.0%) |
0 (0.0%) |
0 (0.0%) |
Worm Probe |
14 (12.0%) |
7 (8.5%) |
2 (1.6%) |
3 (1.5%) |
2 (1.5%) |
Unauthorized Mail Relay |
2 (1.7%) |
3 (3.7%) |
3 (2.5%) |
0 (0.0%) |
0 (0.0%) |
Source Address Spoofing |
5 (4.3%) |
6 (7.3%) |
1 (0.8%) |
3 (1.5%) |
5 (3.8%) |
DoS, others |
8 (6.8%) |
6 (7.3%) |
5 (4.1%) |
6 (3.0%) |
2 (1.5%) |
Total (Case) |
117 |
82 |
122 |
203 |
133 |
With regard to the reported numbers for actual
damage, cause for damage was specified for only 7 cases; insufficient
ID/Password management and use of older version/not yet applied
patches could count 3 cases (about 42.9%) respectively.

4. Reported Numbers Classified by Filers
With regard to the breakdown for filers, individual
users take over 91% of entire reported numbers which still
remain high ratio. |