HOME >> IT Security >> information
Reports for Unauthorized Computer Access for the 3rd-Quarter (July – September 2008)
October 14, 2008
IT Security Center
Information-technology Promotion Agency, Japan (IPA)
This is the summary report for the unauthorized computer access for the 3rd Quarter (July to September) in 2008 compiled by IPA.
According to the reports filed by IPA for the 3rd Quarter in 2008, following tendencies can be viewed.
- There was number of damages caused by intrusion such as attacked to the port(s) used by SSH;
- Such instance that a server was intruded by exploiting vulnerability in software or by password cracking attack and subsequently altered files and/or exploited as the steppingstone server to attack to the other server(s) are frequently occurred;
- Someone logged-in to the member-only site(s) by spoofing to be a legitimate user to use the site fraudulently.
For thorough computer security configuration and daily operational measures, be sure to conduct adequate security measures by referring to the following URLs.
-
IPA Security Center, pages for individual users (in Japanese)
http://www.ipa.go.jp/security/personal/ - Enlightenment materials for information security (in Japanese)
http://www.ipa.go.jp/security/fy18/reports/contents/
1. Reported Number
The reported numbers relevant to unauthorized computer access for the 3rd Quarter 2008 (July to September) was 48: This eventually resulted in about 1.5 times higher than the previous quarter. The number actually damaged was about 1.6 times higher than the previous quarter as well.
Note) Of the numbers actually damaged are the numbers shown in the parentheses.
2. Reports by Damage Type
Of the reports for actually damaged was 40 (the previous quarter: 25) out of 48: the ratio taken over by that damaged reports reached to 83.3%. The reports actually damaged included “intrusion”, “infection w/worms”, “source address spoofing”, “unauthorized mail relay”, “DoS” and “others (damaged)”.
| 3rd Qtr,'07 | 4th Qtr,'07 | 1st Qtr,'08 | 2nd Qtr,'08 | 3rd Qtr,'08 | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Intrusion | 14 | 38.2 % |
13 | 33.3 % |
12 | 38.7 % |
11 | 35.5 % |
16 | 33.3 % |
| Unauthorized Mail Relay | 0 | 0.0 % |
0 | 0.0 % |
0 | 0.0 % |
0 | 0.0 % |
0 | 0.0 % |
| Infection w/Worm | 0 | 0.0 % |
0 | 0.0 % |
0 | 0.0 % |
0 | 0.0 % |
0 | 0.0 % |
| DoS | 0 | 0.0 % |
3 | 7.7 % |
2 | 6.5 % |
4 | 12.9 % |
4 | 8.3 % |
| Source Address Spoofing | 2 | 5.6 % |
3 | 7.7 % |
1 | 3.2 % |
3 | 9.7 % |
4 | 8.3 % |
| Others (Damaged) | 13 | 36.1 % |
8 | 20.5 % |
9 | 29.0 % |
7 | 22.6 % |
16 | 33.3 % |
| Access Probe (Attempt) | 7 | 19.4 % |
10 | 25.6 % |
2 | 6.5 % |
3 | 9.7 % |
2 | 4.2 % |
| Worm Probe | 0 | 0.0 % |
0 | 0.0 % |
0 | 0.0 % |
0 | 0.0 % |
0 | 0.0 % |
| Others (Not Damaged) | 0 | 10.0 % |
2 | 5.1 % |
5 | 16.1 % |
3 | 9.7 % |
6 | 12.5 % |
| Total | 36 | 39 | 31 | 31 | 48 | |||||
Note: The crack types shaded indicated the cracks actually caused damage. Since reported numbers are rounded at the 2nd place of arithmetic points; accordingly, the total may not make 100% sharp.
3. Damage Cause
Of the reports actually damaged (40); the major causes were insufficient ID/password management with 11, use of older version of patches/patches are not yet applied with 2 and insufficient configuration with 2, etc.
Note: As for the report that has several causes were aggregated as 1 case under the major cause.
4. Classification of Reporters
The largest number was from individual users with 31 which taken over about 50% against the other 2 types of reporters.
Note) Since numbers were rounded at the 2nd place of arithmetic points, accordingly the total may not make 100% sharp.
Inquiries to:
Information-Technology Promotion Agency, Security Center
Kagaya/Hanamura/Mochizuki
Tel:+81-3-5978-7527
Fax:+81-3-5978-7518
E-mail: 