Avoiding Cyber Threats in E-Commerce - Essay Example

Avoiding Cyber Threats in E-commerce s Avoiding cyber threats in e-commerce Introduction The global security technology and services were estimated to be $67.3 billion as of 2013. This was an increase of 8.9 % from $61.9 billion in 2012 (Clarke, 2010). Electronic commerce uses the cyberspace to connect to the rest of the world, and attacks across the border are at a lightening speed (Palmer, 2010). Business organizations face millions of cyber attacks daily. Research has shown that protection and ensuring the resilience of the critical infrastructure is very important to the country’s public health and safety, security, and economic vitality. About 52% of the UK consumers use online shopping as an opportunity to save cash. In 2009, an estimated 608 million card payments were made online, with £47.2 billion being spent in 2011 around 74% of UK homes have internet access (Government of the United Kingdom, 2011). The cyber security departments need to have strategies that balances resiliency with focused, protection, risk-informed prevention and preparedness activities in order to manage and reduce the most deleterious risks in e-commerce. E-commerce is regarded as the wave of the future. However, as organizations come up with new web-based strategies so as align themselves with the future commerce, problems are expected on the way inform of cyber attacks. Cyber security is at a sensitive stage in the evolution of e-commerce. A major attack at this particular time, if successful, could significantly affect the future development of the e-commerce business model. This could result to harsh ramifications for the victimized organization(s) in particular. The paper will highlight the strategies used by cyber security in order to avoid the hackers prevailing users of e-commerce websites. Thesis statement: e-commerce is safe from cyber attacks because it has sufficient mechanisms to defend critical attacks and respond to any cyber attacks. Discussion The ever increasing roles of information technology as well as the growth of the e-commerce sector have made cyber security be very important essential to the economy. The cyber security standards are prevailing security standards that enable various organizations to practice safe security techniques so as reduce the number of successful cyber security attacks (Amoroso, 2012). The misuse of the online environment through hacking, fake websites and other means have threatened to undermine the social and economic benefits of the online environment by eroding confidence and trust in the security and safety of the online environment (Shoemaker & Conklin, 2011). This is what has necessitated the e-commerce industry to come up with strategies that will boost customer confidence in engaging in online transactions. These developments have ensured that there is a safe and reliable online environment. Maintaining confidence is crucial in e-commerce as a viable way of doing business. The businesses, government investors, and particularly customers each need to be confident internet networks are safe to use. Since the major threat to e-commerce relates to security of transactions and information, the recent advances in security has significantly enhanced the level of protection that surrounds transmitted information especially personal information from the consumers. So as to have an understanding of the various ways of securing a computer system, it is crucial that one first comprehends that different types of attacks that may be launched against it. In relation to e-commerce, these attacks can be categorised as backdoors, denial-of-service attacks, exploits, and indirect attacks (Awan & Blakemore, 2012, p.54-56). In order to ensure security and safety of the online transactions, the e-commerce industry has come up with various cyber security strategies in order to avoid the hackers prevailing users of e-commerce websites. One strategy used is the development of partnerships among industry, governments, academicians, researchers and others that recognise the crucial roles that each one of them plays in ensuring a secure, trusted and secure sustainable online environment. This is attained through developing, implementing and reviewing the internet security guidelines and best practices. Besides, strategic summits are held with professional business services such as auditors, lawyers and insurers to establish the role they may play in promoting better management of cyber risks. Consequently, it improves the conduction of e-commerce (Andress & Winterfeld, 2011). The e-commerce users are also educated so as to raise their awareness of online security. This will help the e-consumers to have trust and confidence in using the e-commerce websites. Through this awareness, it also helps them to comprehend and fulfil the responsibility and role in contributing to a secure, trusted and sustainable online environment (Brenner, 2009). With regard to secure coding practices, it can make an application that is more resistant to malicious subversion. In e-commercial environments, most of the software subversion vulnerabilities originate from a few known types of coding defects including integer flow, format string vulnerabilities, buffer flows and code/command injection. Data that contains executable instructions are the ones that allow gaining control of the processor. Therefore, secure coding practices prevents hackers from gaining control of the computer. The other strategy that e-commerce industry uses to protect its websites from hackers is through secure operating systems (Government of the United Kingdom, 2011). The strategy entails coupling special microprocessor hardware features. It often involves management of the memory unit to a specially- correctly implemented operating system kernel. As a result, this forms the basis for a secure and safe operating system ensuring absolute impossibility of penetration by the hostile elements (Brenner, 2009). Computer security may be compromised by hardware failure. Hardware-based computer security provides an alternative to the software only computer security (Kalakota & Whinston, 2010, p.21). Making use of methods and devices such as trusted platform modules, dongles, drive locks, disabling the USB ports, intrusion-aware cases and mobile-enables are regarded as being more secure as a result of the physical access. First, the USB dongles are used on software licensing schemes so as to unlock software capabilities. They can also be used to prevent the unauthorised access to a computer. The dongle creates a secure and safe tunnel that is encrypted between the software application and the key. Moreover, the USB dongle can also be configured to unlock and lock a computer (Kalakota & Whinston, 2010, p.34). Secondly, the trusted platform modules usually secure the devices by integrating crytopgraphic abilities into the access devices by making use microprocessors. The trusted platform modules when used together with serve-side software provide a way of detecting and authenticating hardware devices, thus preventing unauthorised data and network access (Armstrong, 2000). Thirdly, the computer case intrusion case intrusion detection actually refers to a certain type of push button that is usually triggered if the case of the computer is opened. Next, drive locks are software tolls that encrypt hard drives making them inaccessible to thieves (Shoemaker & Conklin, 2011). Lastly, disabling of the USB ports is a security option that prevents malicious and unauthorised access to a secure computer. It is also very possible to protect messages in transit through cryptography. For instance, the one-time pad is unbreakable when correctly used. The method entails matching a pair of codes, securely distributed that are used only once to decode and encode a single message (Ventre, 2009). The other security measure employed in the e-commerce industry so as enhance customer trust and confidence is the system design. This implies that the software is designed from ground to its use to be secure. For instance, in the principle of least privilege, if an attacker gains access to any part, they only have limited access to the whole system (Peikari and Chuvakin, 2011, p.45). The e-commerce industry is seeking agreements with internet service providers on the support they may provide to the internet users to assist then determine, address and protect themselves malicious activities on their systems (Kalakota & Whinston, 2010, p.33). As cited by Denning (2008), the industry is also making attempts to respond to the cyber threats that are regarded as ‘new normal’ making use of the social media to warn the consumers in relation to the online threats. This results to a wider consumer audience being reached to become aware of the threats. The most secure computers are ones that are not connected to the internet and have been shielded from any interference (Amoroso, 2012). The perpetrators of the e-crimes against the organisation or an individual are pursued to the fullest extent of the law. Lastly, the industry ensures that it turns off unrequired services running by default after installation on the network servers to make sure that all the servers are operating with up-to-date security patches so as to limit exploitation (Government of the United Kingdom, 2009). Conclusion Viruses and Trojan horse programs are regarded as the greatest threat to the e-commerce world. The other significant threats to e-commerce include worms, phishing, control system attacks, denial of service (DOS) attacks, and unauthorized access through stealing intellectual property or confidential information. These attacks threaten the future development of e-commerce. This is because the interrupt the e-commerce operations and are categorised as denial-of-service tools. Most of the clients who engage in e-commerce usually want an assurance that the online transaction they are engaging in safe. Most of the e-commerce industries are progressively addressing the issues of security in their networks. The industry is offering guidelines for security systems and networks that are available for the e-commerce personnel to read and go ahead implement. Educating consumers is another crucial strategy of curbing internet attacks. Besides, training and orientation programs are regarded as crucial in enhancing the awareness of the e-commerce consumers of security on the internet. Other measures available to prevent cyber-attacks include intrusion detection prevention systems, firewalls, encryption, anti-virus software, and login passwords. However, industry self regulation of consumer privacy has been found to be ineffective. Reference List Amoroso, E. (2012). Cyber Attacks: Protecting National Infrastructure. Burlington: Elsevier Publishers. Armstrong, I. 2000. “Computer Crime Spreads,” SC Magazine, April 2000. Andress, Jason., & Winterfeld, S. (2011). Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners. Syngress. Awan, I., & Blakemore, B. (2012). Policing cyber hate, cyber threats and cyber terrorism. New York: Ashgate Publishers. Brenner, S. (2009). Cyber Threats: The Emerging Fault Lines of the Nation State. Oxford: Oxford University Press. Clarke, Richard A. 2010. Cyber War, New York: HarperCollins. Conklin, W. A. (2011). Cybersecurity: The Essential Body of Knowledge. Belmont: Cengage Learning. Denning, D. E. (2008). The ethics of cyber conflict. The Handbook of Information and Computer Ethics. London: Prentice-Hall. p.407–429. Government of the United Kingdom. (2009). Cyber Security Strategy of the United Kingdom: safety, security and resilience in cyber space. London: Government of the United Kingdom. Government of the United Kingdom. (2011). The UK cyber security strategy protecting and ptomoting the UK in a digital world. London: Cabinet Office Government of the United Kingdom. Kalakota, & Whinston. A. 2010. Electronic Commerce: A Manager’s Guide, Addison-Wesley. Keen, Peter. 2000. Ensuring E-Trust. ComputerWorld, 3/13/2000 issue Shoemaker, D., & Peikari, C., & Chuvakin Anton, 2011. Security Warrior, Cengage Learning: London. Ventre, D. (2009). Information Warfare. New York: John-Wiley. Read More