In association with heise online

23 July 2007, 13:27

Police officer dismissed for leaking information to P2P net in Japan


A computer in the care of an officer of the Tokyo Metropolitan Police Department has been found to have leaked around 6,600 sensitive case-related documents as a result of installing an unauthorised P2P package. The leaked documents included personal details of several hundred members of a prominent yakuza clan (ouch!). The officer has been dismissed, but that may be the least of his worries. Apparently, the documents were leaked via Winny, a Japanese P2P package that has become notorious as the source of confidential information leaks from government agencies including the Maritime Self Defence Force, All Nippon Airlines and more than one police department.

Winny, a distinctly Japanese product, is apparently not an intentional culprit, although it may contain a bug that has been exploited by a parasite. Released for P2P file sharing in 2003 by Isamu Kaneko, then a research assistant at Tokyo University, it rapidly attracted a quarter of a million users. Although the author was prosecuted in 2004 for conspiracy to commit copyright violations by releasing the program, there was no suggestion that the software itself had any malicious capabilities. However, almost immediately after Winny took off, a worm (Antinny) that infects Winny networks was released by persons unknown, and the two seem to have developed a symbiotic relationship. Antinny is another Japan-specific beast (to the extent of using Japanese language and character set throughout its visible components) but sadly this one is malicious: it performs keystroke logging and file upload via the Winny network.

Despite, or possibly due to, Winny's popularity, Antinny seems to have stolen its thunder, and to have penetrated deep into the Japanese national infrastructure. Several major incidents have been traced back to its activities. In the current case it is not yet clear whether the leaks were due to Antinny or to human error (although the former is probable), but it is already certain that the presence of Winny on the culprit's computer contributed to the leaks.

One wonders why it is still possible for people in such sensitive positions to install P2P software (infected or not) on their work-related computers. The lack of awareness seems comparable to that which led to the recent American exposures of classified material. In the UK the potential for such problems is well recognised: for example, even in local police forces, forensics officers are allocated only the minimum required resources; often not even external email accounts. It would also be nice to know how Antinny remains active in these government agencies four years after antivirus signatures were released by mainstream vendors.

