Font Size Change

HOMEIT SecurityIPA/ISEC in JAPAN:Reports for Unauthorized Computer Access for the 3rd-Quarter (July September2009)

PRINT PAGE

IT Security

IPA/ISEC in JAPAN:Reports for Unauthorized Computer Access for the 3rd-Quarter (July September2009)

October 9, 2009

IT Security Center
Information-technology Promotion Agency, Japan (IPA)

This is the unauthorized computer access report for the 3rd Quarter of 2009 (July – September) compiled by IPA.

According to the current reports (July – September) summarized by IPA, following tendencies are identified:

  • Someone who spoofing to be a legitimate user logs in to use the member only service (s) fraudulently.
  • By exploiting vulnerability (ies) in software and/or by Password Cracking attack, someone intruded in server (s) alters the file (s) and embeds malicious codes to make that server exploitable to attack to the other servers.
  • By SQL injection attack, proprietary information such as private information, credit card information, etc. within a database is stolen.

Please refer to the following URLs for your adequate security configuration/thorough security measures by daily operational management.

1. Reported Number

The total reported number for the 3rd Quarter of 2009 (July – September) was 45: increased 21 (previous Qtr.: about 188%).  The reports actually damaged was 8 (previous Qtr.: about 144%).

Chart1
Note) Numbers in parenthesis are of the numbers actually damaged against gross reported numbers.

2. Reports By Damege

The gross reported number filed by IPA was 45 (previous Qtr.: 24): of the reports for actually damaged was 26 (previous Qtr.: 18) taken over about 58% against the whole.  The reports for actually damaged included: “Intrusion”, “Unauthorized Mail Relay”, “Infection w/Worms), “DoS”, “Source Address Spoofing”, “Masquerading”, “Embedding of Malicious Codes”, and “Others (damaged).

Chart2

  3rd Qtr,'08 4th Qtr,'08 1st Qtr,'09 2nd Qtr,'09 3rd Qtr,'09
Intrusion 16 33.3
%
16 35.6
%
8 20.5
%
8 33.3
%
10 22.2
%
Unauthorized Mail Relay 0 0.0
%
0 0.0
%
0 0.0
%
1 4.2
%
0 0.0
%
Infection w/Worm 0 0.0
%
0 0.0
%
0 0.0
%
0 0.0
%
0 0.0
%
DoS 4 8.3
%
1 2.2
%
2 5.1
%
2 8.3
%
0 0.0
%
Source Address Spoofing 4 8.3
%
1 2.2
%
1 2.6
%
0 0.0
%
1 2.2
%
Masquerading *   *   3 7.7
%
4 16.7
%
12 26.7
%
Embedding of Malicious Codes *   *   10 25.6
%
2 8.3
%
0 0.0
%
Others (Damaged) 16 33.3
%
13 28.9
%
2 5.1
%
1 4.2
%
3 6.7
%
Access Attempt (Probe) 2 4.2
%
14 31.1
%
13 33.3
%
6 2.5
%
19 42.2
%
Worm Probe 0 0.0
%
0 0.0
%
0 0.0
%
0 0.0
%
0 0.0
%
Others (Non- Damaged) 6 12.5
%
0 0.0
%
0 0.0
%
0 0.0
%
0 0.0
%
Total 48 45 39 24 45

Note: Damages shaded are the actually caused damages.  Since respective ratios are rounded at the 2nd arithmetic points so that they may not make 100% sharp, accordingly.

(*); Up until the 4th Qtr. of 2008, numbers relevant to “Masquerading” and “Embedding of Malicious Codes” were included in “Others (damaged)”.

3. Damage Cause

The reports for actual damage was 26: of 1 was for insufficient ID/password management, 4 was for use of older version of patches/patches has not yet applied, and 2 was for insufficient configuration.

Chart3
Note: Such report which has several causes was aggregated as 1 case/report under the major cause.

4. Classification by Reporters

The breakdown for the reporters is as follow.

Chart4
Note) Since ratios are rounded at the 1st arithmetic point so that the total may not make 100% sharp, accordingly.

Contact

IT Security Center, Information-technology Promotion Agency, Japan (IPA/ISEC)
Tel:+81-3-5978-7527
Fax:+81-3-5978-7518
E-mail: Please feel free to call at +81-3-5978-7517.