The Threat of Online Security: How Safe is Our Data?

Nowadays, most businesses have move towards to online system. They have experienced some kind of security threat to their business.Since the Internet is a public system in which every transaction can be tracked, logged, monitored and stored in many locations, it is important for businesses to understand possible security threats to their business.

Security can divided to three concept.First is confidentiality.Confidentially allows only authorized parties to read protected information.Second is integrity.Integrity make sure that the data remains as is from the sender to the receiver.Third is availability which can ensures you have access and are authorized to resources.

There are many threats to e-commerce that may come from sources within an organization or individual. The followings are some of the potential security threats that can be found:

1. Tracking the shopper - It is one of the easiest and most profitable attacks, another name is social engineering techniques. These attacks involve observation of the shopper’s behavior, gathering information to use against the shopper.

2. Inquiring the shopper’s computer - Most of the users are no understand about the system that they are using. Additionally, software and hardware vendors, they want to ensure that their products are easy to install, then they will ship products with security features disabled. The confused user does not attempt to enable the security features.

3. Sniffing the network - Here, the attacker monitors the data between the shopper’s computer and the server. He collects data about the shopper or steals personal information, such as credit card numbers.

4. Using known server bugs - The attacker analyzes the site to find what types of software are used on the site. Then, the attacker proceeds to find what patches were issued for the software. In addition, he searches on how to utilize a system without the patch. He proceeds to try each of the exploits.Finally, the attacker finds a weakness in a similar type of software, and tries to use that to exploit the system. This is a simple, but effective attack.