January 18, 2011
IT Security Center
Information-technology Promotion Agency, Japan (IPA)
This is the yearly report on unauthorized computer access for January to December 2010, compiled by the Information-technology Promotion Agency, Japan (IPA).
The number of reports for 2010 was 197, an increase of 48 (about 32 percent) from 149, the number reported for 2009. Please refer to the following graph for the reported numbers for the past 10 years summarized by IPA. This graph shows that 2010 marked an increase, in contrast to the previous two years, which marked decreases.
Compared to the year 2009, the number of reported cases for "Intrusion" increased in the year 2010, which contributed to the increase in the total number of reported cases.
The following are the types of actual damage reported. The number of reported cases decreased by 33 (about 31 percent) from the previous year. While "Homepage Alteration" and "Exploited as a steppingstone" increased, "File alteration" decreased.
In 2010, the proportion of corporations exceeded that of individuals.
When we look at the cause of actual damages reported in the year 2010, we can see that "Poor ID & password management" stood at 16 cases (13 percent of the total cases), "Older version used/patch not applied" at 13 cases (10 percent) and "Inappropriate settings" at 7 cases (6 percent). "Unknown" stood at 75 cases (61 percent), up 21 cases, or about 39 percent, from the year 2009, accounting for more than half of the total. From this result, we can see that damage cases whose causes are hard to identify continued to increase in the year 2010 as the methods for unauthorized computer access have become increasingly sophisticated.
One of the characteristics of 2010 was that a number of cases involving Website alteration by the so-called "Gumblar" were reported. In most cases, the cause of such damage has remained unidentified, indicating that Website alteration techniques are getting more sophisticated. Other cases that stood out involved an online game and other services being used illicitly by a malicious entity impersonating a legitimate user, for which the legitimate user was billed unreasonably; a port used by SSH being attacked and a PC being penetrated (mainly due to "Poor ID & password management" or "Unknown" cases); and a PC being used as a steppingstone for attacking other computers. In most cases, the cause has remained unidentified, but the damage would have been prevented if the PC users had implemented fundamental security measures. System administrators should therefore check the following items and take comprehensive countermeasures:
- Strict ID/password management/settings
- Resolving security holes (operational preventive measures should be included if no patch can be applied)
- Appropriate router/firewall settings/access restriction
- Frequent log checks
Individual users should also be sure to:
- Update their OSs and applications by using Windows Update, Office Update, etc.
- Follow best practices in password settings/management (e.g., use a complex password; change it regularly; and do not tell it to anyone else)
- Make use of a router/firewall
- Check that their wireless LAN is configured to use encryption (whenever possible, use WPA2 instead of WEP)
Refer also to the following URLs.
Information-Technology Promotion Agency, Security Center
Tel:+81-3-5978-7591
Fax:+81-3-5978-7518