HOME >> IT Security >> information
Reports for Unauthorized Computer Access for the 1st-Quarter of 2009
April 13, 2009
IT Security Center
Information-technology Promotion Agency, Japan (IPA)
This is the report for unauthorized computer access for the 1st Quarter of 2009 (January to March) compiled by IPA.
According to the reports filed by IPA, following tendencies are identified:
- Number of intrusions caused by the attack to the port used by SSH
- By exploiting the vulnerability in software or by password cracking attack to intrude to the servers in where files are altered and/or malicious programs are embedded to exploit as the steppingstone server to attack to the other servers.
- Someone spoofed to be a legitimate user logs in to the member only site in where he/she is fraudulently served.
Please refer to the following URLs to ensure thorough security configuration and to conduct daily operational management as a continual security measures.
-
IPA Security Center, pages for individual users (in Japanese)
http://www.ipa.go.jp/security/personal/ - Materials for enlightenment activities relevant to information security (in Japanese)
http://www.ipa.go.jp/security/fy18/reports/contents/
1. Reported Number
The total reported number for the 1st Quarter of 2009 (January – March) was 39 and was decreased to about 87% (4th Quarter of 2008: 45). The reports actually damaged were also decreased to about 84% (4th Quarter of 2008: 31).
Note) The number in parenthesis shows the actual damage.
2. Reports by Damage
The total reported number filed by IPA was 39 (previous Quarter: 45): of 26 was the reports for actual damage (previous Quarter: 31) or about 67% against the whole reported number. The reports for actual damage included “intrusion”, “unauthorized mail relay”, “infection w/worms”, “DoS”, “source address spoofing”, “masquerading”, “embedding of malicious programs” and “others (damaged)”.
| 1st Qtr,'08 | 2nd Qtr,'08 | 3rd Qtr,'08 | 4th Qtr,'08 | 1st Qtr,'09 | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Intrusion | 12 | 38.7 % | 11 | 35.5 % | 16 | 33.3 % | 16 | 35.6 % | 8 | 20.5 % |
| Unauthorized Mail Relay | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % |
| Infection w/Worm | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % |
| DoS | 2 | 6.5 % | 4 | 12.9 % | 4 | 8.3 % | 1 | 2.2 % | 2 | 5.1 % |
| Source Address Spoofing | 1 | 3.2 % | 3 | 9.7 % | 4 | 8.3 % | 1 | 2.2 % | 1 | 2.6 % |
| Masquerading | * | * | * | * | 3 | 7.7 % | ||||
| Embedding of Malicious Program | * | * | * | * | 10 | 25.6 % | ||||
| Others (Damaged) | 9 | 29.0 % | 7 | 22.6 % | 16 | 33.3 % | 13 | 28.9 % | 2 | 5.1 % |
| Access Probe (Attempt) | 2 | 6.5 % | 3 | 9.7 % | 2 | 4.2 % | 14 | 31.1 % | 13 | 33.3 % |
| Worm Probe | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % | 0 | 0.0 % |
| Others (Not Damaged) | 5 | 16.1 % | 3 | 9.7 % | 6 | 12.5 % | 0 | 0.0 % | 0 | 0.0 % |
| Total | 31 | 31 | 48 | 45 | 39 | |||||
Note: Damages grayed are the actual damage reported. Since every ratio is rounded at the 2nd arithmetic points so that the total may not make 100% sharp, accordingly.
“Masquerading” and “Embedding of Malicious Programs” were aggregated into “Others (Damaged)” up to the 4th Qtr. of 2008.
3. Damage Cause
The report for actual damage was 26: Of insufficient ID/password management with 2, use of older version/not yet applied patches with 8, etc. were the major causes.
Note: Those reports that have multiple causes were counted as 1/report under its major cause. This graph is aggregated only by those reports actually damaged.
4. Reporters
The breakdown of reporters is as follow.
Note) Since every ratio is rounded at the 2nd arithmetic points so that the total may not make 100% sharp, accordingly.
Inquiries to:
Information-Technology Promotion Agency, Security Center
Kagaya/Hanamura/Ooura
Tel:+81-3-5978-7527
Fax:+81-3-5978-7518
E-mail: 