Font Size Change

HOMEIT SecurityIPA:IPA/ISEC Unauthorized Access Incident Report 3rd Quarter (July September2010)

PRINT PAGE

IT Security

IPA:IPA/ISEC Unauthorized Access Incident Report 3rd Quarter (July September2010)

OCtober 15, 2010

IT Security Center
Information-technology Promotion Agency, Japan (IPA)

This is the report on unauthorized computer access for the third quarter of 2010 (from July to September), compiled by Information-technology Promotion Agency, Japan (IPA).

According to the reports filed to IPA in the third quarter of 2010, the latest trend consisted mainly of:

  • A server being penetrated by a hacker exploiting software vulnerability or carrying out  password cracking attack; its data being stolen; its files being altered; malicious code being embedded and the server being used as a stepping stone for attacking other servers
  • A members-only site being logged on and used by a hacker impersonating a legitimate user
  • A Website being defaced by Gumblar

By referring to the following sites, be sure to make appropriate security settings on your computer and to implement operational and management security measures on an ongoing basis.

1. Number of Cases Reported

The number of cases reported in the third quarter of 2010 (from July to September) was 47, up 13 cases, or 138 percent, from the previous quarter. The number of cases involving actual damages was up 3 cases, or 111 percent, from the previous quarter.


Note) The number in parenthesis is that of the cases involving actual damages.

2.Breakdown by Type

The number of cases reported to IPA in the third quarter of 2010 was 47 (34 in the previous quarter). Among them, 31 cases (28 cases in the previous quarter) involved actual damages, accounting for 66 percent of all the cases reported.  Actual damages in this context are caused by: "intrusion", "unauthorized mail relay", "Worm infection", "DoS", "spoofed address", "spoofing", "malicious code embedded" and other factors, and the number of cases involving actual damages is calculated by summing up each factor’s number of cases.

  3rd Qtr,'09 4th Qtr,'09 1st Qtr,'10 2nd Qtr,'10 3rd Qtr,'10
Intrusion 10 22.2 % 10 24.4 % 25 37.9 % 11 32.4 % 17 36.2 %
Unauthorized Mail Relay 0 0.0 % 1 2.4 % 0 0.0 % 0 0.0 % 0 0.0 %
Worm Infection 0 0.0 % 0 0.0 % 0 0.0 % 0 0.0 % 0 0.0 %
DoS 0 0.0 % 1 2.4 % 2 3.0 % 0 0.0 % 3 6.4 %
Spoofed address 1 2.2 % 0 0.0 % 1 1.5 % 0 0.0 % 1

2.1 %

Spoofing 12 26.7 % 13 31.7 % 11 16.7 % 13 38.2 % 7 14.9 %
Malicous code embedded 0 0.0 % 0 0.0 % 2 3.0 % 1 2.9 % 2 4.3 %
Other factors (with damage) 3 6.7 % 1 2.4 % 1 1.5 % 31 8.8 % 1 2.1 %
Evidence of access (failed attempt) 19 42.2 % 14 34.1 % 20 30.3 % 6 17.6 % 14 29.8 %
Evidence of Worm 0 0.0 % 0 0.0 % 0 0.0 % 0 0.0 % 0 0.0 %
Others (Not Damaged) 0 0.0 % 1 2.4 % 4 6.1 % 0 0.0 % 2 4.3 %
Total 45 41 66 34 47

Note: shaded regions indicate the causes involving actual damages. All the ratios shown in the Table above are rounded to one decimal place, so they may not add up to 100 percent.

3. Cause of Damage

Of the 31 cases involving actual damages, 4 cases were caused by "Poor ID & password management", 3 cases by "Older version used/patch not applied" and 1 case by "Inappropriate setting".


Note: If the reported damage was caused by multiple factors, one major factor is selected as representative and the count for the selected factor is incremented by 1.

4. Report Submitter

Breakdown of the report submitters is as follows:


Note:All the ratios shown in the Figure above are rounded to one decimal place, so they may not add up to 100 percent.

Inquiries to:

IT Security Center, Information-technology Promotion Agency, Japan (IPA/ISEC)
Kagaya/Hanamura
Tel:+81-3-5978-7527
Fax:+81-3-5978-7518
E-mail: