Font Size Change

HOMEIT SecurityMeasures for Information Security VulnerabilitiesIPA/ISEC:Vulnerabilities:IS White Paper 2011, Part 2 “10 Major Security Threats” Released


IT Security

IPA/ISEC:Vulnerabilities:IS White Paper 2011, Part 2 “10 Major Security Threats” Released

Aug 23, 2011

Information-technology Promotion Agency, Japan (IPA, Chairman Kazumasa Fujie) released the 擢or the Year 2011: 10 Major security Threats - Attacks are fast evolving�Is Your Security Good Enough?�, a report that addresses the information security trends based on the vulnerability information reported to IPA and the public media reports in 2010.


The 2011 edition of the 10 Major Security Threats was produced by the 10 Major Security Threats Committee of 127 members, from information security researchers to practitioners, based on the vulnerability information reported to IPA in 2010 and the public media reports. The 10 Major Security Threats have been published annually since 2005. They have hit more than a million download in total and been used in the training programs and security education by the organizations. The English version is also available for foreign engineers.

Some security incidents in 2010, where the insiders intentionally took out and disclosed the internal information, have given the great impact to the society, and information leakage was voted top threat by the 10 Major Security Threats Committee members. In the second place was 殿ttacks through websites� and the third was 殿ttacks exploiting vulnerability in standard softwares� � both of which were also observed a number of times in 2010. Furthermore, new threats, such as the new type of attacks that combines multiple attacking methods, viruses targeting smartphones and attacks targeting the users of microblogging services, have emerged. These threats received a lot of media coverage and were also selected as the top 10 security threats.

10 Major Security Threats for the Year 2011 by the 10 Major Security Threats Committee

Information Leakage Caused by "People"
Unstoppable! Attacks via Websites
Attacks Exploiting Vulnerability in Standard Softwares
Attacks Targeting Smartphones on the Rise
New Type of Attack That Combines Multiple Attacking Methods
Troubles Caused by Inadequate Security Measures
Security Issues in Mobile Phone Websites
Hard-to-Detect Targeted Attacks
Security Issues in Cloud Computing
Attacks Targeting Users of Microblogging Service and SNS

This report consists of 3 chapters. Chapter 1 looks at the business impact on organizations that were caused by the actual security incidents during the year 2010. Chapter 2 presents summary and impact of the 10 major security threats for the year 2010 voted by the 10 Major Security Threats Committee in terms of the threat痴 great social impact, distinctive nature and strong impression. Chapter 3 presents the points and approaches towards information security.


This document can be downloaded at:


IT Security Center,
Information-technology Promotion Agency, Japan (ISEC/IPA)