Information-technology
Promotion Agency,
Japan
本文へ
IPA

TOP|Aplication|Contact us|Sitemap


Information-technology Promotion Agency, Japan
-japanese charactor-






IT Security Center

The Information-technology SEcurity Center (ISEC) is the center for promoting information security in Japan.









Japanese




Activities




Information Service Activities






Security Software Development Activities






CRYPTREC






IT SecurityAssurance







Organization







PGP key







RFCs







Mission Statement







Links







About IPA/ISEC







IPA TOP>IT Security Center Japanese TOP>IT Security Center English TOP>information



 

Unauthorized Computer Access Incident Report for First Quarter

(January - March) of 2008


May 9, 2008
IT Security Center
Information-technology Promotion Agency, Japan (IPA)



 

This is the summary of unauthorized computer access for the First Quarter (January to March) of 2008.

According to the reporting status for the First Quarter of 2008 (January to March), there realized:

-   Number of intrusions by attacking to the port used by SSH

-   Number of file alteration and exploitation as a steppingstone server to attack to the other sites intruded by the server that has vulnerability in software

-   Logged in to a membership site spoofing to be a legitimate user for fraudulently use, etc.

Please refer to the following URLs to conduct thorough security configuration and daily operational security measures for continual secure and safe computer use for all users.

IPA Security Center – Pages for Individual Users (in Japanese)

http://www.ipa.go.jp/security/personal/

Enlightenment Materials for Information Security (in Japanese)

http://www.ipa.go.jp/security/fy18/reports/contents/

 


1. Reported Number

The gross reported number for unauthorized computer access for the Fist Quarter (January to March), 2008 was 31; about 20% lowered from the previous Quarter (October to December ’07).  The number actually damaged was also lowered about 10% from the previous Quarter.

Reported Number for Unauthorized Computer Access

Note: Of the gross reported number, the numbers in the parenthesis presents the number actually damaged. .

 

2. Reported Number Classified by Type

Of 31, the reported number filed by IPA (previous Quarter: 39), the reported number actually damaged counted 24 (previous Quarter: 27), 77.4% against entire reported number.  The number actually damaged included “Intrusion”, “Infection w/Worm”, “Source Address Spoofing”, “Unauthorized Mail Relay”, “DoS” and “Others (Damaged)”.

Type of Repprts fpr Unauthorized Computer Access

Type of Repprts fpr Unauthorized Computer Access

Note:      the shaded types presented the types actually caused damage.  Since number in ratio is rounded at the 2nd places of arithmetic points, so thatthe number totaled may not make 100% sharp, accordingly.

 

3. Damage Cause

Of 24, the reports actually caused damage, ID/insufficient password management with 9, use of older version/patches are not yet installed with 1 were the major causes of damage.

Damage Cause of Unauthorized Computer Access (Aggregated only for those actually damaged)

Note:      The report that had multiple causes was counted as 1 case aggregated by its major cause.

 

4. Reporters by Type

As for the breakdown for the reporters by type, individual users are taking over 65% against entirely.

Classification by Filers

Note:      the number in ratio above is rounded at the 2nd place of arithmetic point so that the total number may not make 100% sharp, accordingly.



Contact
IT Security Center, Information-technology Promotion Agency (IPA/ISEC)
Tel:+81-3-5978-7527

Fax:+81-3-5978-7518

E-mail:





Term of Use


Copyright(c) Information-technology Promotion Agency, Japan. All rights reserved 2005