Different types of threats in e-commerce.

Security Threats in the E-commerce Environment 


Vulnerabilities In E-commerce

Vulnerability is a weakness that allows an attacker to reduce a system's information assurance. A vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and the attacker's capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to the system weakness.

From a technology perspective, there are three key points of vulnerability in the e-commerce environment:

  • Client,
  • Server, and
  • Internet communications channels


                                          OR,

 Four key areas of vulnerability/threat: 

  • Intellectual property threats -- using existing materials found on the Internet without the owner's permission, e.g., music downloading, domain-name cybersquatting, software piracy

  • Client computer threats -- the customer's machine may be compromised by Trojan horses, active content, or viruses

  • Communication channel threats -- sniffer programs, backdoors, spoofing, denial of service

  • Server threats -- privilege settings, Server Side Includes (SSI), Common Gateway Interface (CGI) scripts, file transfer, spamming

   Most common threats:

    1.  Malicious code 
    2. Adware
    3. Spyware
    4. Social Engineering
    5. Phishing 
    6. Hacking
    7. Credit card fraud and Identity theft
    8. Spoofing and Pharming


     Malicious Code
    • Viruses: computer programs that have the ability to replicate and spread to other files; most also deliver a “payload” of some sort (which may be destructive or benign); include macro viruses, file-infecting viruses, and script viruses 
    • Worms: designed to spread from computer to computer 
    • Trojan horse: appears to be benign, but then does something other than expected
    •  Bad applets (malicious mobile code): malicious Java applets or ActiveX controls that may be downloaded onto the client and activated merely by surfing to a Website

                                 OR,

     Malicious Code
    • These code threats typically involve viruses, worms, and Trojan horses.
    • Viruses are normally external threats and can corrupt files on the website if they find their way into the internal network. They can be very dangerous: they can destroy computer systems completely or disrupt the normal working of the computer. A virus always needs a host file or program, as it cannot spread by itself.
    • Worms differ from viruses and are more serious: a worm spreads by itself directly over the Internet, without needing a host file, and can infect millions of computers in a matter of hours.
    • A Trojan horse is program code that appears useful but performs destructive functions. Trojans normally arrive with something you download, so always check the source of a downloaded file.
                                                 Or,
     Malicious Code:
    •  the term is used to describe any code in any part of a software system that is intended to cause undesired effects, security breaches, or damage to a system.
    • Drive-by downloads: malware that is downloaded to the client without the user's informed consent, either bundled with a file the user requested or triggered merely by visiting a compromised or malicious web page.
    • Viruses: A computer virus is a malware program that, when executed, replicates by inserting copies of itself into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected".
    • Worms: A computer worm is a standalone malware program that replicates itself to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it
    • Trojan Horse: appears to be harmless, but then does something other than expected. It is not itself a virus because it does not replicate, but it is often a vehicle for delivering viruses and other malware.
    • Bots (short for robots): a type of malicious code that can be covertly installed on a computer connected to the Internet. Once installed, the bot responds to external commands sent by the attacker, so the computer can be controlled by a third party (it becomes part of a botnet).

    POTENTIALLY UNWANTED PROGRAMS: programs that install themselves on a computer, typically without the user’s informed consent. These programs are increasingly found on social networking sites and user-generated content sites where users are fooled into downloading them.

     Adware:Typically used to call for pop-up ads to display when the user visits certain sites; while annoying, adware is not typically used for criminal activities 

                                               OR

     Adware: Adware is not exactly malicious, but it does breach the user's privacy. It displays ads on the computer's desktop or inside individual programs. It comes bundled with free-to-use software and is the main source of revenue for such developers. It monitors your interests and displays relevant ads. An attacker can embed malicious code inside the software, so adware can monitor your system activity and even compromise your machine.

     

    Browser Parasite: Program that can monitor and change the settings of a user’s browser, for example, changing browser’s homepage or sending information about the sites visited to a remote computer
    Spyware: Program used to obtain information such as a user’s keystrokes, instant messages, screenshots, and so on.

                                                 OR,

    Spyware:

    • It is a program, or we can say software, that monitors your activities on a computer and reveals the collected information to an interested party. Spyware is generally dropped by Trojans, viruses, or worms. Once dropped, it installs itself and sits silently to avoid detection. 
    • One of the most common examples of spyware is the KEYLOGGER. The basic job of a keylogger is to record the user's keystrokes with timestamps, thus capturing interesting information such as usernames, passwords, credit card details, etc. 


     PHISHING:
    •  Phishing is the act of sending an e-mail to a user, falsely claiming to be a legitimate enterprise, in an attempt to trick the user into surrendering private information that will be used for identity theft 
    • Phishing is a common method of tricking 
    • Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication


     IDENTITY THEFT: IDENTITY THEFT is the fraudulent practice of using another person's name and personal information in order to obtain credit, loans, etc.

     

     Social Engineering:
    • Relies on human curiosity as well as greed to trick people into taking an action that will result in the downloading of malware.
    • Phishing attacks need not involve malicious code; they rely on straightforward misrepresentation and fraud, so-called social engineering techniques.
    • The most popular form is the scam letter (a fraudulent e-mail).
    • Some pretend to be eBay, PayPal, or others writing to you for “account verification”.
    • Clicking on the link takes you to a website controlled by the scammer, where you are asked to enter your confidential details such as account numbers and PIN codes.
                                             OR,
     Social Engineering:
    • It is the art of manipulating people so that they give up confidential information such as bank account details, passwords, etc. These criminals can trick you into giving up private and confidential information, or they gain your trust to get access to your computer and install malicious software that gives them control of it.
    •  For example, an e-mail or message that appears to come from a friend but was probably not sent by your friend. A criminal who gains access to your friend's device can read the contact list and send infected e-mails and messages to every contact. Since the message appears to come from a known person, the recipient is likely to open the link or attachment, unintentionally infecting their own computer.
                                                                  OR,
    Tricking the Shopper/ Social Engineering Techniques
    • These attacks involve surveillance of the shopper's behavior and gathering information to use against the shopper.
    • E.g., the attacker may contact the shopper pretending to be a representative of a site the shopper visited and extract information.

     HACKING 
    • HACKING is gaining unauthorized access to data in a system or computer and CYBER-VANDALISM is intentionally disrupting, defacing, or even destroying a site.
    • Hacker: individual who intends to gain unauthorized access to a computer system. 
    • Types of hackers include:
    • White hats are good hackers who help organizations locate and fix security flaws, they do their work with agreement from clients. 
    • Black hats are hackers who act with the intention of causing harm. 
    • Grey hats discover weaknesses in a system’s security and then publish the weakness without disrupting the site; their only reward is the prestige of discovering weakness.

                        

    CREDIT CARD THEFT/Credit Card Fraud/Theft
    • Stolen credit card incidence: about 0.9% on the Web and about 0.8% of mobile transactions
    • Hacking and looting of corporate servers are the primary cause
    • Central security issue: establishing customer identity, e.g., through
    - E-signatures
    - Multi-factor authentication
    - Fingerprint identification
    • It is one of the most feared occurrences on the Internet. 
    • Fear that credit card information will be stolen prevents users from making online purchases.
    • Hackers target credit card files and other customer information files on merchant servers and use the stolen data to establish credit under a false identity 
    • One solution: new identity verification mechanisms


    Identity Fraud/Theft
    • Unauthorized use of another person's personal data for illegal financial benefit
    - Social security number
    - Driver's license
    - Credit card numbers
    - Usernames/passwords

    • 2016: Over 15 million U.S. consumers suffered identity fraud


    SPOOFING (PHARMING) AND SPAM (JUNK) WEBSITES. Spoofing is misrepresenting oneself by using fake addresses or masquerading as (pretending to be) someone else. Spam websites promise to offer some product or service but are in fact a collection of advertisements for other sites, some of which contain malicious code. These websites appear in search results and cloak their identities by using domain names similar to legitimate firm names.
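    A practical check for the look-alike domain names described above (and for the links in phishing mails covered under PHISHING), added here as an example; it is not part of the original notes or of any product. It takes a URL, canonicalizes the host, and reports which trusted brand domain it imitates. The TRUSTED_DOMAINS list, the homoglyph table and the sample URLs are constructed for illustration, and taking the last two labels as the registrable domain is a simplifying assumption (real code would use the Public Suffix List).

```python
"""Added example, not code from the original notes: flag look-alike domains
of the kind spoof/spam websites and phishing links use."""
from difflib import SequenceMatcher
from typing import Optional
from urllib.parse import urlsplit

# Constructed list of domains the shop and its payment partners really use.
TRUSTED_DOMAINS = {"ebay.com", "paypal.com", "amazon.com"}

# Characters attackers substitute because they look alike in many fonts.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "8": "b", "|": "l"})


def registrable_domain(hostname: str) -> str:
    """Last two labels of the host. Assumption: no multi-label public suffixes
    such as co.uk; production code would consult the Public Suffix List."""
    labels = hostname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def normalise(label: str) -> str:
    """Undo the common one- and two-character look-alike substitutions."""
    return label.translate(HOMOGLYPHS).replace("rn", "m").replace("vv", "w")


def lookalike_of(url: str, trusted=TRUSTED_DOMAINS,
                 threshold: float = 0.75) -> Optional[str]:
    """Return the trusted domain this URL imitates, or None if the host is
    either exactly a trusted domain or not similar enough to worry about."""
    host = (urlsplit(url).hostname or "").lower()
    try:
        host = host.encode("ascii").decode("idna")   # punycode -> what the user sees
    except UnicodeError:
        pass
    reg = registrable_domain(host)
    if reg in trusted:
        return None
    labels = host.split(".")
    for real in trusted:
        brand = real.split(".")[0]
        # 1. brand used as a label in front of an unrelated registrable domain:
        #    paypal.com.verify-account.example
        if brand in labels:
            return real
        # 2. typo or homoglyph variant of the brand: paypa1.com, ebey.com, arnazon.com
        if SequenceMatcher(None, normalise(reg.split(".")[0]), brand).ratio() >= threshold:
            return real
    return None


if __name__ == "__main__":
    for u in ("https://www.ebay.com/itm/1", "http://paypa1.com/login",
              "http://paypal.com.verify-account.example/", "http://arnazon.com/",
              "https://shop.example/"):
        print(u, "->", lookalike_of(u))
```

    It catches three patterns: the brand name as a label in front of an unrelated registrable domain, single-character typos, and digit-for-letter homoglyphs. Internationalized hosts are decoded from punycode first so that the comparison runs on the characters the user actually sees. A hit is a reason to block or at least warn; it is not proof of fraud, so keep a whitelist of the brand's own legitimate subdomains.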
                                             
                                                    OR,
     Spoofing 
    It is the creation of messages with a forged sender address. It is easy to do because the core e-mail protocols (SMTP) have no built-in mechanism for authenticating the sender. It can be accomplished from within a LAN or from an external environment, for example using a Trojan horse on a compromised machine. Spam and phishing typically use such spoofing to mislead the recipient about the origin of the message: the sender misrepresents themselves by using a fake e-mail address or masquerading as someone else.
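    To show how little effort a forged sender takes, and what a receiving side can check, here is an added example (not code from the original notes): it composes a message whose visible From: header names a brand while the envelope sender is somewhere else, then applies the From/Return-Path alignment check that DMARC builds on. All addresses and message text are constructed; writing the Return-Path header ourselves stands in for what a receiving mail server would add from the SMTP envelope.

```python
"""Added example, not code from the original notes: build a message with a
forged From: header, then apply the alignment check a receiving side can use.
Addresses and message text are constructed."""
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr


def forge_message(display_from: str, envelope_sender: str, body: str) -> str:
    """Compose a mail whose visible From: names someone other than the envelope
    sender. SMTP verifies neither value, which is why spoofing is trivial.
    Assumption: the receiving MTA records the envelope sender in Return-Path,
    so this header is written here to stand in for what it would add."""
    msg = EmailMessage()
    msg["From"] = display_from
    msg["To"] = "shopper@example.net"            # constructed recipient
    msg["Subject"] = "Account verification required"
    msg["Return-Path"] = f"<{envelope_sender}>"
    msg.set_content(body)
    return msg.as_string()


def sender_domain(header_value: str) -> str:
    """Domain part of an address header such as 'Name <user@host>'."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def header_from_aligned(raw_message: str) -> bool:
    """DMARC-style alignment: the domain the recipient sees in From: must match
    the envelope sender domain in Return-Path. A mismatch is the usual
    fingerprint of a spoofed phishing mail. Real deployments also verify SPF
    and DKIM; this check alone only catches the clumsy case."""
    msg = message_from_string(raw_message)
    return sender_domain(msg["From"]) == sender_domain(msg["Return-Path"])


if __name__ == "__main__":
    forged = forge_message("PayPal Support <service@paypal.com>",
                           "bulk@mail-3921.example-host.org",
                           "Click the link below to verify your account.")
    honest = forge_message("Shop Orders <orders@shop.example>",
                           "bounce@shop.example", "Your order has shipped.")
    print("forged aligned:", header_from_aligned(forged))   # False
    print("honest aligned:", header_from_aligned(honest))   # True
```

    The forged message is accepted by every mail server on the path because nothing in SMTP ties the From: header to the connection that delivered it; only the receiver's own policy checks (SPF, DKIM, DMARC alignment) reject it, and only if the impersonated domain publishes those records.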

    Snooping the Shopper’s Computer
    Millions of computers are added to the Internet every month. Most users' knowledge of the security vulnerabilities of their systems is vague at best. Additionally, software and hardware vendors, in their quest to make their products easy to install, ship them with security features disabled. In most cases, enabling those features requires a non-technical user to read manuals written for technologists.

    DENIAL OF SERVICE (DoS) ATTACK: Flooding a website with useless traffic to overwhelm the network. DoS attacks typically make a website unavailable, so that legitimate users cannot access the site.
     Distributed denial of service (DDoS) attack: hackers use numerous computers to attack target networks from numerous launch points 
               
                                                          OR,

     A denial-of-service attack (DoS)
    In computing, a denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend the services of a host connected to the Internet.

    A distributed denial-of-service (DDoS) attack is one where the attack source is more than one, and often thousands of, unique IP addresses. Criminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks and credit card payment gateways, but motives of revenge, blackmail, or activism can be behind other attacks.
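    Detection logic for the flood described above, added as an example (not code from the original notes): it parses web server access-log lines in Common Log Format, counts requests per client in fixed time windows, and flags clients whose peak exceeds a threshold; several flagged clients at once is the DDoS pattern. The log lines, the 50-requests-per-10-seconds threshold and the three-source cut-off for calling it distributed are constructed assumptions for the demo.

```python
"""Added example, not code from the original notes: spot a request flood in
web server access logs. Log lines and thresholds are constructed."""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone
from typing import Dict, Iterable, List, Optional, Tuple

# Common Log Format: client ident user [time] "request" status bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3}) (\d+|-)')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line: str) -> Optional[Tuple[str, datetime, str, int]]:
    """Return (client_ip, timestamp, request, status) or None if unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, request, status, _ = m.groups()
    return ip, datetime.strptime(ts, TIME_FMT), request, int(status)


def flood_sources(lines: Iterable[str], window_s: int = 10,
                  threshold: int = 50) -> Dict[str, int]:
    """Peak requests per client in any fixed window; return the clients whose
    peak exceeds the threshold. The threshold is an assumption: tune it to the
    site's normal per-client rate."""
    per_ip: Dict[str, Counter] = defaultdict(Counter)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, when, _, _ = parsed
        per_ip[ip][int(when.timestamp()) // window_s] += 1
    peaks = {ip: max(c.values()) for ip, c in per_ip.items()}
    return {ip: n for ip, n in peaks.items() if n > threshold}


def classify(flooders: Dict[str, int], distributed_min: int = 3) -> str:
    """One or a few flooding sources is a DoS; many is a DDoS (cut-off assumed)."""
    if not flooders:
        return "normal"
    return "ddos" if len(flooders) >= distributed_min else "dos"


def make_line(ip: str, when: datetime, path: str = "/checkout") -> str:
    return f'{ip} - - [{when.strftime(TIME_FMT)}] "GET {path} HTTP/1.1" 200 512'


def sample_log(attackers: List[str], burst: int = 200) -> List[str]:
    """Constructed traffic: five shoppers browsing normally plus each attacker
    sending `burst` requests within five seconds."""
    t0 = datetime(2024, 5, 1, 12, 0, 0, tzinfo=timezone.utc)
    lines = [make_line(f"198.51.100.{i}", t0 + timedelta(seconds=7 * i))
             for i in range(1, 6)]
    for ip in attackers:
        for i in range(burst):
            lines.append(make_line(ip, t0 + timedelta(milliseconds=25 * i), "/search?q=x"))
    return lines


if __name__ == "__main__":
    for attackers in ([], ["203.0.113.9"], ["203.0.113.9", "203.0.113.10", "203.0.113.11"]):
        found = flood_sources(sample_log(attackers))
        print(found, "->", classify(found))
```

    Counting per source is enough to spot a single-source flood; a real DDoS hides behind thousands of addresses that each stay under any per-client threshold, which is why the practical defence is capacity (upstream scrubbing, CDN) rather than a per-IP block list built from this kind of log scan.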

    Pharming: re-directing you to a hacker's site when you type in a company's Web address
                                                         Or,
    Pharming: Pharming attacks focus on DNS systems. They interfere with the domain name lookup process so that a correctly typed domain name resolves to the attacker's server instead of the legitimate one. 
    For example, the customer enters the desired site name, such as www.eBay.in, and is diverted to a site with a similar look and feel without realizing it.
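    One concrete form of the lookup interference described above is a poisoned hosts file on the shopper's machine, which the resolver consults before it asks DNS. The following added example (not code from the original notes) parses hosts-file text and reports watched hostnames that have been pinned to an address the operator does not publish. The EXPECTED table and the sample hosts content are constructed; in practice the expected addresses come from the operator's own configuration.

```python
"""Added example, not code from the original notes: detect pharming done by
editing the client's hosts file. Expected addresses and hosts text are constructed."""
import ipaddress
from typing import Dict, Iterator, List, Set, Tuple

# Constructed: addresses the shop publishes for its own and its payment
# partner's hostnames (assumption standing in for operator configuration).
EXPECTED: Dict[str, Set[str]] = {
    "www.ebay.in": {"203.0.113.10"},
    "www.paypal.com": {"203.0.113.20", "203.0.113.21"},
}


def parse_hosts(text: str) -> Iterator[Tuple[str, str]]:
    """Yield (ip, hostname) pairs from hosts-file text, skipping comments,
    blank lines and lines whose first field is not a valid IP address."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue
        for host in fields[1:]:
            yield ip, host.lower().rstrip(".")


def pharming_entries(text: str, expected: Dict[str, Set[str]] = EXPECTED) -> List[Tuple[str, str]]:
    """Hosts entries that pin a watched hostname to an address the operator
    does not publish. Each one is a local pharming override."""
    return [(host, ip) for ip, host in parse_hosts(text)
            if host in expected and ip not in expected[host]]


SAMPLE_HOSTS = """# constructed sample hosts file
127.0.0.1    localhost
::1          localhost
203.0.113.10 www.ebay.in            # legitimate pin, matches EXPECTED
# added by malware: shop and payment site now resolve to an attacker box
198.51.100.77 www.ebay.in www.paypal.com
"""

if __name__ == "__main__":
    for host, ip in pharming_entries(SAMPLE_HOSTS):
        print(f"PHARMING: {host} -> {ip}")
```

    The same comparison applied to the answers the resolver actually returns (for example from socket.gethostbyname) catches DNS-level pharming as well; it is left out here because it needs network access. Certificate validation over HTTPS is the check that survives even a poisoned lookup, since the attacker's server cannot present a valid certificate for the real name.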

    SNIFFING: Sniffer is a type of eavesdropping program that monitors information traveling over a network. It enables hackers to steal proprietary information from anywhere on a network 

     Sniffing the Network
    In this scheme, the attacker monitors the data passing between the shopper's computer and the server.
    The attacker collects data about the shopper or steals personal information such as credit card numbers. A practical location for sniffing the network is near the shopper's computer or near the server; traffic that is not encrypted (plain HTTP rather than HTTPS) can be read directly.

    INSIDER ATTACKS:
    • The largest financial threat to business institutions comes not from robberies but from misappropriation of funds by insiders (embezzlement).
    • Employee access to privileged information
    • Poor security procedures
    • Insiders are more likely to be a source of cyberattacks than outsiders

    POORLY DESIGNED SERVER AND CLIENT SOFTWARE: 
    • Many security threats prey on poorly designed server and client software, sometimes in the operating system and sometimes in the application software including browsers.
    • An increase in the complexity of and demand for software has led to an increase in flaws and vulnerabilities
    • SQL injection attacks
    • Zero-day vulnerabilities
    • Heartbleed bug; Shellshock (Bash bug); FREAK
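    SQL injection is the one item in this list that a shop's own code creates, so here is an added example (not code from the original notes) of the classic login query written the vulnerable way next to the parameterized fix, run against an in-memory SQLite table. The customer rows are constructed; storing plain-text passwords is a second flaw, kept only so the injection is easy to see (a real system stores salted hashes).

```python
"""Added example, not code from the original notes: vulnerable versus
parameterized login query, against an in-memory SQLite table."""
import sqlite3
from typing import Optional


def setup() -> sqlite3.Connection:
    """Constructed customer table. Plain-text passwords for demo only."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (username TEXT, password TEXT)")
    db.executemany("INSERT INTO customers VALUES (?, ?)",
                   [("alice", "correct horse"), ("admin", "s3cr3t!")])
    return db


def login_vulnerable(db: sqlite3.Connection, username: str, password: str) -> Optional[str]:
    """Query built by string concatenation: whatever the shopper types becomes
    SQL. A username of  admin' --  comments out the password test entirely."""
    sql = ("SELECT username FROM customers WHERE username = '" + username +
           "' AND password = '" + password + "'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(db: sqlite3.Connection, username: str, password: str) -> Optional[str]:
    """Parameterized query: the driver binds the values, they are never parsed
    as SQL, so the same payloads are just strings that match no row."""
    row = db.execute(
        "SELECT username FROM customers WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = setup()
    print(login_vulnerable(db, "admin' -- ", "anything"))   # admin  (password check bypassed)
    print(login_safe(db, "admin' -- ", "anything"))         # None
    print(login_vulnerable(db, "nobody", "' OR '1'='1"))    # alice  (first row of the table)
    print(login_safe(db, "nobody", "' OR '1'='1"))          # None
```

    The fix is not escaping quotes by hand but keeping data and code apart: every SQL driver offers placeholders, and an ORM or query builder uses them underneath. Input validation (length, character set) is worth having but is a second line, not the fix.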

    SOCIAL NETWORK SECURITY ISSUES: 
    • Social network sites like Facebook, Twitter, and LinkedIn provide a rich and rewarding environment for hackers. 
    • Viruses, identity theft, phishing, etc. are all found on social networks.
    • Social networks are an environment for:
    - Viruses, site takeovers, identity fraud, malware-loaded apps, click hijacking, phishing, spam
    - Manual sharing scams
    - Sharing of files that link to malicious sites
    - Fake offerings, fake Like buttons, and fake apps


    MOBILE PLATFORM SECURITY ISSUES: Mobile users are filling their devices with personal and financial information making them excellent targets for hackers.

    CLOUD SECURITY ISSUES: the move of so many Internet services into the cloud also raises security risks. Safeguarding data that is maintained in a cloud environment is also a major concern.

    Guessing passwords
    Another common attack is to guess a user's password. This style of attack is either manual or automated. Manual attacks are laborious and only successful if the attacker knows something about the shopper,
    for example that the shopper uses their child's name as the password. Automated attacks have a higher likelihood of success because the probability of guessing a user ID/password combination grows as the number of tries increases. Tools exist that try every word in a dictionary as a password, or that try popular user ID/password combinations, and the attacker can automate the attack to run against multiple sites at once. Limiting the number of tries (lockout or throttling) is the direct countermeasure.
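    The automated attack and its countermeasure side by side, as an added example (not code from the original notes): a small account store with salted PBKDF2 hashes, a dictionary attack that walks a wordlist, and the same attack against a store that locks the account after a few consecutive failures. The account, its child's-name password, the wordlist and the lockout limit of three are constructed for the demo.

```python
"""Added example, not code from the original notes: dictionary attack against
a login routine, with and without an account lockout. All data constructed."""
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple


class Accounts:
    """Minimal store: salted PBKDF2 hashes plus a per-user failure counter."""

    def __init__(self, max_failures: int = 5):
        self._users: Dict[str, Tuple[bytes, bytes]] = {}   # username -> (salt, key)
        self._failures: Dict[str, int] = {}                 # consecutive failed logins
        self.max_failures = max_failures                    # lockout limit (assumption)

    @staticmethod
    def _derive(password: str, salt: bytes) -> bytes:
        # Slow, salted hash: a stolen copy of the table cannot be cracked quickly.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self._users[username] = (salt, self._derive(password, salt))

    def login(self, username: str, password: str, enforce_lockout: bool = True) -> str:
        """Return 'ok', 'bad' or 'locked'."""
        if username not in self._users:
            return "bad"
        if enforce_lockout and self._failures.get(username, 0) >= self.max_failures:
            return "locked"
        salt, stored = self._users[username]
        if hmac.compare_digest(self._derive(password, salt), stored):
            self._failures[username] = 0
            return "ok"
        self._failures[username] = self._failures.get(username, 0) + 1
        return "bad"


# Constructed wordlist; real ones hold millions of leaked passwords.
WORDLIST: List[str] = ["123456", "password", "qwerty", "emma2010", "letmein", "summer"]


def dictionary_attack(accounts: Accounts, username: str, wordlist: List[str],
                      enforce_lockout: bool = True) -> Tuple[Optional[str], int]:
    """Try each candidate in order; return (password found or None, tries used)."""
    for tries, guess in enumerate(wordlist, start=1):
        result = accounts.login(username, guess, enforce_lockout)
        if result == "ok":
            return guess, tries
        if result == "locked":
            return None, tries
    return None, len(wordlist)


if __name__ == "__main__":
    for lockout in (False, True):
        acc = Accounts(max_failures=3)
        acc.add("shopper", "emma2010")      # the child's-name password from the text
        print("lockout" if lockout else "no lockout", "->",
              dictionary_attack(acc, "shopper", WORDLIST, enforce_lockout=lockout))
```

    Without the limit the fourth guess succeeds; with it the account is locked after the third and the correct guess is never tested. Lockout also hands an attacker a way to lock legitimate shoppers out, so sites combine it with per-IP throttling, progressive delays and a second factor, and none of that helps if the hash table itself leaks, which is why the hash is slow and salted.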

     Man-In-The-Middle (MITM) Attacks
    • A man-in-the-middle attack occurs when someone with malicious intent inserts themselves into a conversation between two parties, impersonates each party to the other, and intercepts the information the two parties send each other. The disturbing feature of this situation is that neither party may be aware of the man in the middle.
    • If a man-in-the-middle situation occurs on your site, the man in the middle can send you an e-mail that looks genuine. It is also possible that the man in the middle has built a site that looks very similar to your bank's website, so you would not hesitate to enter your credentials and confidential information. There are various kinds of man-in-the-middle attacks, such as DNS spoofing, IP spoofing, stealing browser cookies, SSL hijacking, HTTPS spoofing, and e-mail hijacking.
     
                                           OR,
    Security Threats in the E-commerce Environment

     Three key points of vulnerability:
    • Client 
    • Server 
    • Communications channel



     Most common threats:
    1. Malicious code
    2.  Hacking and cyber vandalism 
    3. Credit card fraud/theft 
    4. Spoofing 
    5. Denial of service attacks
    6. Sniffing 
    7. Insider jobs


    1. Malicious code
    •  Viruses: computer programs that have the ability to replicate and spread to other files; most also deliver a “payload” of some sort (which may be destructive or benign); include macro viruses, file-infecting viruses, and script viruses 
    •  Worms: designed to spread from computer to computer 
    • Trojan horse: appears to be benign, but then does something other than expected 
    • Bad applets (malicious mobile code): malicious Java applets or ActiveX controls that may be downloaded onto the client and activated merely by surfing to a Web site

    2. Website hacking and cyber vandalism 
    • Hacker: Individual who intends to gain unauthorized access to computer systems 
    • Cracker: Used to denote hacker with criminal intent (two terms often used interchangeably) 
    • Cybervandalism: Intentionally disrupting, defacing, or destroying a Web site
    •  Types of hackers include:
    •  White hats – Members of “tiger teams” used by corporate security departments to test their own security measures 
    • Black hats – Act with the intention of causing harm 
    • Grey hats – Believe they are pursuing some greater good by breaking in and revealing system flaws

    3. Credit Card Fraud 
    • Fear that credit card information will be stolen deters online purchases 
    • Hackers target credit card files and other customer information files on merchant servers; use stolen data to establish credit under a false identity
    •  One solution: New identity verification mechanisms

    4.  Spoofing: Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else

     5. Denial of service (DoS) attack: Hackers flood Web site with useless traffic to inundate and overwhelm the network 

     Distributed denial of service (DDoS) attack: hackers use numerous computers to attack target networks from numerous launch points

    6. Sniffing: type of eavesdropping program that monitors information traveling over a network; enables hackers to steal proprietary information from anywhere on a network 

    7. Insider jobs: 
    • single largest financial threat
    • The largest threat to business institutions come from insider embezzlement
    • Employee access to privileged information
    • Poor security procedures
    • Insiders are more likely to be a source of cyberattacks than outsiders
