    Network Security Inspection Services Debut in Response to Crisis

    August 17, 1998 (TOKYO) -- The sense of crisis over system security is growing among Japanese corporate network system administrators following a series of unauthorized accesses via the Internet since mid-1997.
    The number of reports received at the Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has been soaring, including unauthorized access to Information and Communication Systems Laboratories of Nippon Telegraph and Telephone Corp. (NTT), and an incident in which a mail server at the Ministry of International Trade and Industry was used as a relay for mail to solicit money-making activities (See chart).

    Domestic network users have until now lacked a sense of impending crisis over system security, since many believe that even if corporate data are seen by intruders from the United States and Europe, there is no need to worry because they cannot read data written in Japanese.

    However, such users are being compelled to change their view that Japanese networks are safe following the successive incidents of unauthorized access.

    In response, some tools and services for network security inspection and monitoring have been released, and an increasing number of network users have started to use them.

    Reactions from Corporate Users Mixed

    Reactions from domestic corporate users to unauthorized access by hackers are mixed. Some companies are becoming highly cautious of such illegal acts, while others are less concerned, saying they will have no problems even if hackers obtain some of their internal information.

    Many companies cannot spend much on the Internet because they use it simply to obtain information and exchange mail. They tend to lack any day-to-day security measures other than building a firewall.

    According to a survey conducted by the Metropolitan Police Department, many companies disregard even fundamental security measures such as management of passwords, application of revised software and monitoring of logs.

    Incidents of damage from unauthorized access over the Internet reported to JPCERT/CC in the January-March period of 1998 show that many hackers attacked widely known security holes. There were 110 cases of unauthorized use of anonymous FTP, 38 unauthorized log-ins to servers and other machines, 30 cases involving spam mail and 22 attacks taking advantage of the common gateway interface (CGI) on World Wide Web servers.

    Basically, most of the cases could have been avoided if corporate users had paid attention to the latest information released by JPCERT/CC and to information on the products they use.

    In fact, a growing number of corporate users have started using one of the security inspection services that have come out since the latter half of 1997. In such services, simulated attacks are made against a corporate network to confirm whether there is any problem with its safety. Some services even conduct an inspection every few months to confirm that safety is maintained after the system is secured.

    There is also a new service that provides 24-hour remote monitoring of intrusions into internal networks. If any attempt at unauthorized access is detected, the service will report it to the person in charge immediately for quick action.

    Economical, Easy One-Time Services

    There are different types of security inspection services. One-time inspection services are inexpensive and easy, and many current users adopt them.

    Most vendors of the services use a commercial security inspection tool which searches for security holes in each of the firewall, operating system, Web server and mail server. If there is any problem, it will show how to cope with it.

    Some vendors use their own security expertise in combination with a commercial inspection tool. Nihon ICSA KK, the Japanese arm of the International Computer Security Association (ICSA) of the United States, collects underground information over the Internet on its own to conduct inspections. LAC Co., Ltd. and some other vendors use a self-developed inspection tool. LAC's inspection fees start from about 600,000 yen (US$410).

    Fujitsu Ltd. provides a service in which the manufacturer actually logs into an open service of a corporate user to inspect the security. The corporate user needs to inform Fujitsu of its network system configuration and the ID and password of a system administrator beforehand.

    IBM Japan Ltd. and General Accounting & Business Consulting Inc. offer a different type of service in which a corporate user informs them only of an IP address and confirms if the user can make any unauthorized access to its own network system.

    In many services, vendors point out detected issues in detail, server by server. Although most inspection reports printed out automatically by an inspection tool are written in English, those submitted to users are translated into Japanese.

    Some Vendors Offer Countermeasures

    Services provided under an annual contract usually offer inspections on a regular basis. The inspections are made two to 12 times a year for an annual fee of around 4 million yen (US$27,400).

    Some vendors regularly send corporate users the latest information on network security. The Japanese arm of ICSA offers such information to its users twice a month. IBM Japan translates information collected by IBM Corp. of the United States into Japanese and sends it to its users almost every week.

    Regarding ways to handle problems, vendors fall into two categories: those which take measures on the issues themselves and those which leave the issues to others. NEC Corp., Hitachi Ltd. and NTT provide both a security inspection and the setting up of the security system together. The Japanese arm of ICSA, LAC and General Accounting & Business Consulting focus solely on security inspection and monitor the issues as a third party.

    The Japanese arm of ICSA issues a certification logo mark to corporate users after it confirms the safety of the internal system. ICSA of the United States currently issues the same logo mark when it certifies a firewall and encrypted products of users. The Japanese arm applies the same certification system in Japan. In an annual contract service, the organization evaluates its users' daily security operations, including security policies. Nippon Computer Security Corp. and Hucom Inc. serve as the group's domestic agents.

    Chart: The number of unauthorized accesses over the Internet in Japan

    The number of reports that JPCERT/CC received from corporate users.
    A relatively large number of incidents during January and March 1997
    indicates wide-ranging attacks on the mail server software sendmail.

    (Nikkei Communications)

    Copyright © 1997-98
    Nikkei BP BizTech, Inc.
    All Rights Reserved.
    Updated: Fri Aug 14 18:24:27 1998 PDT