103
JPCERTCC Japan Computer Emergency Response Team Coordination Center – Japan
1. About JPCERTCC 1.1. Establishment
JPCERTCC is the first CSIRT Computer Security Incident Response Team established in Japan. It is an independent non-profit organization, serving as a
national point of contact for the CSIRTs in Japan and worldwide. After its inception in 1992, JPCERTCC was officially established in 1996 and has been conducting
incident handling operations, vulnerability handling operations, engaging in malware and threat analysis, publishing security alerts and advisories to the wide
public, organizing forums and seminars to raise awareness of security issues, and supporting the establishment and operations of CSIRTs in Japan and overseas.
1.2. Constituency
JPCERTCC coordinates with network service providers, security vendors, government agencies, as well as the industry associations in Japan.
2.
Activities Operations
2.1. Incident Handling Reports
In 2014, JPCERTCC received 19,464 computer security incident reports from Japan and overseas.
1
st
Qtr 2
nd
Qtr 3
rd
Qtr 4
th
Qtr Total
Incident Reports 4,898
4,072 5,430
5,064 19,464
Figure 1. Incident reports to JPCERTCC 2014
104 Figure 2. Incident reports to JPCERTCC 1997-2014
2.2. Abuse statistics
The incident reports to JPCERTCC in 2014 were categorized as in Figure 3. About 47 of the incident reports were on scan, followed by website defacement and
phishing.
Figure 3. Abuse Statistics of 2014
2.3. Security Alerts, Advisories and Publications
2,000 4,000
6,000 8,000
10,000 12,000
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
01 |
03 04
| 06
07 |
09 10
| 12
1997 1998
1999 2000
2001 2002
2003 2004
2005 2006
2007 2008
2009 2010
2011 2012
2013 2014
Scan 47.2
Website defacement
23.3 Phishing
10.1 Malware
5.3 DoS
0.8 ICS
0.0 Other
13.4
Abuse Statics of 2014
105
Security Alerts https:www.jpcert.or.jpat Japanese
https:www.jpcert.or.jpenglishat English JPCERTCC publishes security alerts on widespread, emerging information
security threats and their solutions, on an as-needed basis. In 2014, 70 security alerts were published.
• Early Warning Information
JPCERTCC publishes early warning information to the Japanese government and to organizations providing national critical infrastructure services and
products. Early warning information contains reports on threats, threat analysis and their solutions.
• Japan Vulnerability Notes JVN
https:jvn.jp Japanese https:jvn.jpen English
JVN is a vulnerability information portal site that provides vulnerability information and countermeasures for software products used in Japan. JVN is
operated jointly by JPCERTCC and the Information-technology Promotion Agency IPA and provides the descriptions, solutions, and developers’
statements on each vulnerability case including information on affected products, workarounds and solutions, such as updates and patches.
JPCERTCC conducts vulnerability handling operations cooperatively with CERTCC https:www.cert.org, CPNI https:www.cpni.gov.uk and
NCSC-FI https:www.ncsc.fi. In 2014, 301 vulnerabilities coordinated by JPCERTCC were published on
JVN. 140 were cases published through the Information Security Early Warning Partnership, and 161 were published through partnerships with
overseas coordination centers or vendors. Of the 140 published through the Information Security Early Warning
Partnership, 111 were reported to IPA by researchers, security vendors, etc. 28 were reported by developers against software they develop, and 1 was reported
directly to JPCERTCC by an overseas researcher. Of the 161 published through global partnerships, 136 were reported and
published by CERTCC, 2 by NCSC-FI, 4 by ICS-CERT and 16 were reported
106 by developers against software they develop. In addition, there were 3 issues
published to serve as technical alerts, based on publicly available information. In June 2010, JPCERTCC became a CVE Numbering Authority CNA. Since
then, JPCERTCC has been releasing Japan Vulnerability Notes JVN and JVN iPedia entries that contain reserved CVE Identifier numbers.
• JPCERTCC Weekly Report
JPCERTCC publishes weekly reports on selected security information of the preceding week, including a useful tip which is relevant to current issues.
• JPCERTCC on Twitter
https:twitter.comjpcert Japanese https:twitter.comjpcert_en English
Since January 2009, JPCERTCC has been providing information security related alerts via Twitter.
• JPCERTCC Official Blog
http:blog.jpcert.or.jp English Since September 2010, JPCERTCC has been providing security news related
to Japan as well as activities happening at JPCERTCC on its English blog. In 2014, 18 articles were published.
Quarterly Activity Reports
https:www.jpcert.or.jpreport Japanese https:www.jpcert.or.jpenglishdocreports.html English
JPCERTCC publishes quarterly activity reports and studyresearch reports. Since August 2014, its English versions are also available.
2.4. Industrial Control System Security
