|
This is a summary
of unauthorized computer access for the 3rd Quarter (July to September)
of 2007.
This is the summary of unauthorized
computer access report for the Third Quarter of 2007 (July –
September) compiled by IPA (Information-technology Promotion Agency).
As for the current trend
from the viewpoint of the reporting status for the Third Quarter
of 2007, it is realized that;
- There are
number of damages invaded by the attacks to the ports used by SSH;
- There are
number of damages invaded to servers by exploiting vulnerability
in software to alter files and to use the steppingstone to attack
to the other sites;
- There are
number of damages that computers are used illegally by logging in
to a membership site spoofing to be a legitimate user.
Be sure to conduct thorough
security configuration and continually conduct daily operational
management as security measures by referring following URL.
Practical Information for
Information Security Measures for End-users/Home-users (in Japanese)
http://www.ipa.go.jp/security/awareness/end-users/end-users.html
Practical Information for
Information Security Measures for System Administrators (in Japanese)
http://www.ipa.go.jp/security/awareness/administrator/administrator.html
1. Reported Number
The reported
number for the Third Quarter of 2007 was 36 in total
and was about a half of the previous quarter in number. The number
for actually damaged was, too, about a half of the previous quarter
in number.
Note) The numbers shown
in mauve bar present the actual number of damaged.
2. Type of Report
Of 36 (previous quarter
= 75) reported to IPA, the reports actually damaged was 29 (previous
quarter = 61) or 80.6% against the whole. The reports actually
damaged included “Intrusion”, “Infection w/Worm”, “Source Address
Spoofing” and “Unauthorized Mail-Relay” “DoS” and “Others (Damaged)”.
|
|
3
rd Qtr. of 2006 |
4
th Qtr. of 2006 |
1
st Qtr. of 2007 |
2
nd Qtr. of 2007 |
3
rd Qtr. of 2007 |
Intrusion
|
29
|
26.1%
|
18
|
32.1%
|
9
|
13.2%
|
18
|
24.0%
|
14
|
38.9%
|
Unauthorized
Mail Relay |
0
|
0.0%
|
1
|
1.8%
|
0
|
0.0%
|
2
|
2.7%
|
0
|
0.0%
|
Infection
w/Worm |
11
|
9.9%
|
1
|
1.8%
|
0
|
0.0%
|
0
|
0.0%
|
0
|
0.0%
|
DoS
|
4
|
3.6%
|
3
|
5.4%
|
2
|
2.9%
|
0
|
0.0%
|
0
|
0.0%
|
Source
Address Spoofing |
3
|
2.7%
|
2
|
3.6%
|
5
|
7.4%
|
5
|
6.7%
|
2
|
5.6%
|
Others
(Damaged) |
12
|
10.8%
|
7
|
12.5%
|
29
|
42.6%
|
36
|
48.0%
|
13
|
36.1%
|
Access
Probe (Attempt) |
50
|
45.0%
|
23
|
41.1%
|
21
|
30.9%
|
13
|
17.3%
|
7
|
19.4%
|
Worm
Probe |
0
|
0.0%
|
1
|
1.8%
|
0
|
0.0%
|
0
|
0.0%
|
0
|
0.0%
|
Others
(Not Damaged) |
2
|
1.8%
|
0
|
0.0%
|
2
|
2.9%
|
1
|
1.3%
|
0
|
0.0%
|
Total
|
111
|
56
|
68
|
75
|
36
|
Note: the
shaded parts are the incident types actually damaged
.
%s shown above are rounded at the 2 nd place of arithmetic
decimal points,
the total may not be made 100%,
accordingly.
3. Damage Cause
Of 29 reports actually
damaged, insufficient ID/password management with 12 ,
use of older version/not yet applied patches with 3 ,
etc. are the major causes.
Note: The report that
has multiple damage cause is aggregated as 1 case/report
under the major damage cause.
4. Type of Reporters
The breakdown of reporters
by type indicates that “ Individual User ” is taking
over the highest ratio of about 50% against the
whole.
Note: The number in ratio
is rounded at the 2 nd arithmetic points, so that the total
may not make 100% sharp, accordingly.
|
Japanese