IPA declares “10 major threats” to information security, which suddenly leads to an attack

On January 27, 2021, ’10 Big Challenges to Information Security 2021′ was announced by the Information Technology Promotion Agency (IPA), which summarizes the information security cases that happened in 2020 in a ranking format, taking into account social impacts. The ranking was split into “individual” and “organization”, and the first place in the individual category was “illegal use of smartphone payments”, which was the same as the previous year, and the first place in the organizational category was “damage caused by ransomware”, which was fifth in the previous year.

Unauthorized use of mobile payments”, which ranks first in each category, appears to be due to a number of incidents involving the illegal withdrawal of deposits using the “Docomo Account” electronic payment service from NTT DoCoMo. IPA pointed out that “it is necessary to take steps against unauthorized access, such as using two-factor authentication and verifying the utilization status of the smartphone payment service

The first emergence of’ threats targeted at modern standard working styles such as telework’ came in third in the organizational group.

The government suggested teleworking, with the spread of the new coronavirus, and the living climate changed entirely, such as working from home via VPN (Virtual Private Network). In August 2020, it was also found that from VPN devices such as “Pulse Connect Secure” and “MAG” of US Pulse Secure, a significant amount of authentication information such as ID and password was leaked. The IPA said, “It is important to establish telework regulations and operational rules, and to implement security education.”