HOME >> IT Security >> information
Unauthorized Computer Access Incident Report for 3rd Quarter of 2006 (July - September)
October 31, 2006
IT Security Center
Information-technology Promotion Agency, Japan (IPA)
This is a summary of unauthorized computer access for the 3rd Quarter (July to September) of 2006.
According to the reports for the 3rd Quarter 2006 filed with IPA,
- number of attacks to the ports used by SSH
- number of damages intrude into server to use the server as steppingstone to attack to the other servers
are realized as current tendency of unauthorized computer access.
Please refer to the following sites to ensure your continual security measures via thorough computer security configuration and daily operational management.
- Practical Information for Information Security Measures for end-
users/home-users (in Japanese)
http://www.ipa.go.jp/security/awareness/end-users/end-users.html - Practical Information for Information Security Measures for System
Administrators (in Japanese)
http://www.ipa.go.jp/security/awareness/administrator/administrator.html
1. Reported Number
The gross reported number for unauthorized computer access for the 3rd Quarter (July to September 2006) was totaled 111 for which 2.2 times larger than the previous quarter. The reported number for actually damaged was also 1.8 times larger than the previous quarter. .
Note) Numbers in the parenthesis above indicate of the reported number actually damaged from the gross reported number for the 3rd Quarter 2006.
2. Type of Unauthorized Computer Access
Of the reported number filed with IPA, the reported number for “ Access Probe (Attempt) ” meaning developed certain attempts of unauthorized computer access was reached 50 (previous quarter: 15) or was taken over 45.0% against entire reported number. In addition, the reported number for actually damaged was counted 59 (previous quarter: 33) or was taken over 53.2% against entire reported number. The reported number for actually damaged include “Intrusion”, “Infection w/Worms”, “Unauthorized Mail Relay”, “DoS” and “Others (Damaged)”.
| Third Qtr. 2005 | Fourth Qtr. 2005 | First Qtr. 2006 | Second Qtr. 2006 | Third Qtr. 2006 | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Intrusion | 19 | 15.2 % | 33 | 46.5 % | 26 | 22.8 % | 21 | 42.0 % | 29 | 26.1 % |
| Unauthorized Mail Relay | 1 | 0.8 % | 2 | 2.8 % | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % |
| Infection w/Worm | 2 | 1.6 % | 3 | 4.2 % | 0 | 0.0 % | 4 | 8.0 % | 11 | 9.9 % |
| DoS | 6 | 4.8 % | 1 | 1.4 % | 2 | 1.8 % | 3 | 6.0 % | 4 | 3.6 % |
| Mailing Address Spoofing | 3 | 2.4 % | 1 | 1.4 % | 1 | 0.9 % | 1 | 2.0 % | 3 | 2.7 % |
| Others (Damaged) | 7 | 5.6 % | 9 | 12.7 % | 9 | 7.9 % | 4 | 8.0 % | 12 | 10.8 % |
| Access Probe (Attempt) | 85 | 68.0 % | 17 | 23.9 % | 71 | 62.3 % | 15 | 30.0 % | 50 | 45.0 % |
| Worm Probe | 2 | 1.6 % | 3 | 4.2 % | 4 | 3.5 % | 0 | 0.0 % | 0 | 0.0 % |
| Others (Not Damaged) | 0 | 0.0 % | 2 | 2.8 % | 1 | 0.9 % | 2 | 4.0 % | 2 | 1.8 % |
| Total | 125 | 71 | 114 | 50 | 111 | |||||
Note: the shaded parts are the incident types actually damaged .
%s shown above are rounded at the 2 nd place of arithmetic decimal points, the total may not be made 100%, accordingly.
3. Damage Cause
Of the reported number for actually damaged (59), Insufficient ID/Password Management with 11 , Use of Older Version/Patches have not been Applied with 11 , etc. were the major causes.
Note: The report that has multiple damage causes was aggregated by the major cause
4. Type of Reporters
Of about 55% against entire type of reporters were individual users for which taking over unchangeably high ratio.
Note: The ratios are rounded at the first arithmetic points; the total may not make 100% sharp, accordingly.
Contact
IT Security Center, Information-technology Promotion Agency (IPA/ISEC)
Tel:+81-3-5978-7527
Fax:+81-3-5978-7518
E-mail: 