Promotion Agency,

TOP|Aplication|Contact us|Sitemap

Information-technology Promotion Agency, Japan
-japanese charactor-

IT Security Center

The Information-technology SEcurity Center (ISEC) is the center for promoting information security in Japan.



Information Service Activities

Security Software Development Activities


IT SecurityAssurance


PGP key


Mission Statement



IPA TOP>IT Security Center Japanese TOP>IT Security Center English TOP>information


Unauthorized Computer Access Incident Report for First Quarter

(January - March) of 2008

May 9, 2008
IT Security Center
Information-technology Promotion Agency, Japan (IPA)


This is the summary of unauthorized computer access for the First Quarter (January to March) of 2008.

According to the reporting status for the First Quarter of 2008 (January to March), there realized:

-   Number of intrusions by attacking to the port used by SSH

-   Number of file alteration and exploitation as a steppingstone server to attack to the other sites intruded by the server that has vulnerability in software

-   Logged in to a membership site spoofing to be a legitimate user for fraudulently use, etc.

Please refer to the following URLs to conduct thorough security configuration and daily operational security measures for continual secure and safe computer use for all users.

IPA Security Center – Pages for Individual Users (in Japanese)

Enlightenment Materials for Information Security (in Japanese)


1. Reported Number

The gross reported number for unauthorized computer access for the Fist Quarter (January to March), 2008 was 31; about 20% lowered from the previous Quarter (October to December ’07).  The number actually damaged was also lowered about 10% from the previous Quarter.

Reported Number for Unauthorized Computer Access

Note: Of the gross reported number, the numbers in the parenthesis presents the number actually damaged. .


2. Reported Number Classified by Type

Of 31, the reported number filed by IPA (previous Quarter: 39), the reported number actually damaged counted 24 (previous Quarter: 27), 77.4% against entire reported number.  The number actually damaged included “Intrusion”, “Infection w/Worm”, “Source Address Spoofing”, “Unauthorized Mail Relay”, “DoS” and “Others (Damaged)”.

Type of Repprts fpr Unauthorized Computer Access

Type of Repprts fpr Unauthorized Computer Access

Note:      the shaded types presented the types actually caused damage.  Since number in ratio is rounded at the 2nd places of arithmetic points, so thatthe number totaled may not make 100% sharp, accordingly.


3. Damage Cause

Of 24, the reports actually caused damage, ID/insufficient password management with 9, use of older version/patches are not yet installed with 1 were the major causes of damage.

Damage Cause of Unauthorized Computer Access (Aggregated only for those actually damaged)

Note:      The report that had multiple causes was counted as 1 case aggregated by its major cause.


4. Reporters by Type

As for the breakdown for the reporters by type, individual users are taking over 65% against entirely.

Classification by Filers

Note:      the number in ratio above is rounded at the 2nd place of arithmetic point so that the total number may not make 100% sharp, accordingly.

IT Security Center, Information-technology Promotion Agency (IPA/ISEC)



Term of Use

Copyright(c) Information-technology Promotion Agency, Japan. All rights reserved 2005