An unauthorized access prevention system that includes a search unit searching the flowing-in path of the unauthorized access to the services by a Web system disclosed by a user's ISP, a determination unit determining the place to implement a countermeasure for protecting the services from the unauthorized access based on the result of the search, and a notification unit notifying, according to a determination that that the countermeasure is implemented in the flow source that makes the unauthorized access flow into the user's communication network, the determination to the flow source.