(Nikkei BP Group)
(No.1 High-Tech News Site in Japanese)
| Japan's MPT to Develop Technology to ID Internet Hackers
November 4, 1998 (TOKYO) -- Japan's Ministry of Posts and Telecommunications
said it will develop technology to track and identify illegal intruders
to corporate computers over the Internet.
|Development work is to begin in April 1999. With this tracking program,
a third party will be able to issue a warning on behalf of an attacked
company to someone who has tried illegally accessing the company.
Currently, the only measure an invaded company can take is to send a
warning to the invader after identifying that individual based on historical
data prepared by the company's firewall and monitoring software.
MPT will develop the tracking program, taking into consideration the
liaison with such off-the-shelf security products.
In the procedure to identify the intruder, a company damaged by an illegal
access first must send information necessary for tracking the access
to an information collecting management server equipped with the tracking
The server then traces back the transmission route used for the illegal
access in order to identify where the access originated. When the hacker
is identified, the server sends a warning message to stop further access.
However, it is not yet decided who will be in charge of running the information
collecting management server. Therefore, the impact a warning message
might have on a hacker's conduct is unknown.
The MPT plan is positioned as one of measures to prevent illegal access
through administrative guidance. It is due to be conducted from fiscal
1999 for three years. MPT is at present working on the budget for fiscal
1999 with the Ministry of Finance, which is expected to conclude the
work by the end of 1998 at the earliest.
If MPT's request is granted, private corporations will be publicly invited
to offer the tracking technology through the Telecommunications Advancement
Organization of Japan (TAO), an MPT authorized body.
The success in the MPT plan depends on how to interpret current laws
that may impose restrictions. What most concerns MPT is the issue of
secrecy of communications.
"In the present state, even a company attacked by a hacker might not
be eligible to be informed of identity of the hacker, but the tracking
program can identify the hacker," MPT said.
Depending on how the secrecy of communications is applied, even a hacker
can claim the right to prevent his or her communications history from
being spread via notification such as the MPT plan.
In addition, there are no regulations to keep control over hacking itself.
Even if an illegal online invader to a computer is pinpointed, he or
she can evade punishment unless the victim can prove actual damages
such as obstruction of business due to falsification of records.
� Damage from Unauthorized Computer Access Reported as High
� Network Security Inspection Services Debut in Response to Crisis
<Visit News Center for more Asian news.>