Security threats in E-Commerce Environment
In the past few years it’s seemed like there has been a new widespread security breach every other week. High profile incidents such as Heartbleed and WannaCry and hacks of notable entities including Sony Pictures and the Democratic National Committee have brought cyber security to the front of people’s minds. The magnitude of Distributed Denial of Service (DDoS) attacks has risen with the increased number of devices connecting to the internet, and as more of the population engages with these devices the risk of sensitive information being taken advantage of continues to rise.
Some of the common security threats we may come across:-
Malware, or malicious software, is any program or file that is harmful to a computer user. Malware includes computer viruses, worms, Trojan horses and spyware. These malicious programs can perform a variety of functions, including stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions and monitoring users’ computer activity without their permission.
A computer virus is a type of malicious software program (“malware”) that, when executed, replicates itself by modifying other computer programs and inserting its own code. When this replication succeeds, the affected areas are then said to be “infected” with a computer virus.
Computer viruses currently cause billions of dollars’ worth of economic damage each year, due to causing system failure, wasting computer resources, corrupting data, increasing maintenance costs, etc. In response, free, open-source antivirus tools have been developed, and an industry of antivirus software has cropped up, selling or freely distributing virus protection to users of various operating systems. As of 2005, even though no currently existing antivirus software was able to uncover all computer viruses (especially new ones), computer security researchers are actively searching for new ways to enable antivirus solutions to more effectively detect emerging viruses, before they have already become widely distributed.
Spam is the electronic equivalent of the ‘junk mail’ that arrives on your doormat or in your postbox. However, spam is more than just annoying. It can be dangerous – especially if it’s part of a phishing scam.
Spam emails are sent out in mass quantities by spammers and cybercriminals that are looking to do one or more of the following:-
(a) Make money from the small percentage of recipients that actually respond to the message.
(b) Run phishing scams – in order to obtain passwords, credit card numbers, bank account details and more
(c) Spread malicious code onto recipients’ computers,
(IV) Spyware threats
Spyware is generally loosely defined as software that’s designed to gather data from a computer or other device and forward it to a third party without the consent or knowledge of the user. This often includes collecting confidential data such as passwords, PINs and credit card numbers, monitoring keyword strokes, tracking browsing habits and harvesting email addresses. In addition to all of this, such activities also affect network performance, slowing down the system and affecting the whole business process. It is generally classified into four main categories: Trojans, adware, tracking cookies and system monitors.
(V) Trojan Horse
A Trojan horse is a destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses into your system.
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.