HOME >> IT Security >> information
Reports for Unauthorized Computer Access First Half of 2009(January – June)
July 10, 2009
IT Security Center
Information-technology Promotion Agency, Japan (IPA)
This is the reports for the unauthorized computer access for the first half of 2009 (January to June) compiled by Information-technology Promotion Agency (IPA).
According to the reports summarized for the first half of 2009, following tendencies can be viewed.
- There often conducted attack and then intruded to the port used by SSH.
- There often exploited vulnerability (ies) in software/conducted password cracking attack to intrude to a server: in the event, files in that server were altered and the server itself was exploited as a steppingstone server to attack to the other server by embedding of malicious codes.
- Someone (malicious intent) masquerading to be a legitimate user logged in to membership only site (s) for fraudulent/illegal activities.
To prevent from the damages above mentioned, be sure to pay attention to the security configuration on your computer and to maintain your security measures by daily operational management by referring following URLs.
-
Pages for Individual Users – IPA Security Center (in Japanese)
http://www.ipa.go.jp/security/personal/ - Enlightenment Materials relevant to Information Security (in Japanese)
http://www.ipa.go.jp/security/fy18/reports/contents/
1. Reported Number
The reported number for unauthorized computer access for the first half of 2009 (January – June) was 63: decreased 30 (last half ’08: about 68%). The reports actually damaged were 27: decreased 27 (last half ’08: about 62%).
Note) the numbers in parentheses indicate the reported number actually damaged against the whole reported number.
2. Reports by Type
Of the reports for actually damaged was 44 (Last Half ’08: 71) which taken over about 70% against the whole reported number of 63 (Last Half ’08: 93) filed with IPA. The actual reports include “intrusion”, “unauthorized mail relay”, “infection w/worm”, “DoS”, “source address spoofing”, “masquerading”, “embedding of malicious codes” and “the others (damaged)”.
| First half '07 | Last Half '07 | First half '08 | Last half '08 | First half '09 | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Intrusion | 27 | 18.9% | 27 | 36.0% | 23 | 37.1% | 32 | 34.4% | 16 | 25.4% |
| Unauthorized Mail Relay | 2 | 1.4% | 0 | 0.0% | 0 | 0.0% | 0 | 0.0% | 1 | 1.6% |
| Infection w/Worm | 0 | 0.0% | 0 | 0.0% | 0 | 0.0% | 0 | 0.0% | 0 | 0.0% |
| DoS | 2 | 1.4% | 3 | 4.0% | 6 | 9.7% | 5 | 5.4% | 4 | 6.3% |
| Source Address Spoofing | 10 | 7.0% | 5 | 6.7% | 4 | 6.5% | 5 | 5.4% | 1 | 1.6% |
| Masquerading | * | * | * | * | 7 | 11.1% | ||||
| Embedding of Malicious Program | * | * | * | * | 12 | 19.0% | ||||
| Others (Damaged) | 65 | 45.5% | 21 | 28.0% | 16 | 25.8% | 29 | 31.2% | 3 | 4.8% |
| Access Probe (Attempt) | 34 | 23.8% | 17 | 22.7% | 5 | 8.1% | 16 | 17.2% | 19 | 30.2% |
| Worm Probe | 0 | 0.0% | 0 | 0.0% | 0 | 0.0% | 0 | 0.0% | 0 | 0.0% |
| Others (Not Damaged) | 3 | 2.1% | 2 | 2.7% | 8 | 12.9% | 6 | 6.5% | 0 | 0.0% |
| Total | 143 | 75 | 62 | 93 | 63 | |||||
Note: Of the reports being shaded indicate reported type actually damaged.
Since each ratio is rounded at the 2nd arithmetic point so that the total may not make 100% sharp, accordingly.
Up to the last half of 2008, “masquerading” and “embedding of malicious codes” included in “others (damaged)”.
3. Damage Cause
Of the reports actually damaged (44), insufficient ID/password management with 7, use of older version/patches has not yet applied with 9 and insufficient configuration with 2 were the major causes.
Note: Those reports that had several damage causes were counted as 1 case under the major cause.
4. Reporters
The breakdown of reporters is as follow.
Note: Each ratio is rounded at the 1st arithmetic point so that the total may not make 100% sharp, accordingly.
Inquiries to:
Information-Technology Promotion Agency, Security Center
Kagaya/Hanamura/Ooura
Tel:+81-3-5978-7527
Fax:+81-3-5978-7518
E-mail: 