Common Types Of Threats Related To E-Commerce
One type of threat the organisation may face are malicious threats causing damage to the website, costing money. Malicious damage can happen externally, an example of an external threat to a website would be a DDOS attack, this is when an individual uses many different sources such as different PC’s to send too much data to the websites server, this then overloads the websites connection or CPU stopping normal users using the website meaning the website stops making money. DDOS attacks work by sending many packets with no instructions so the server becomes overwhelmed and as the packets are coming from lots of different sources it’s difficult to stop. In the modern era of networking there are lots of affordable options to stop DDOS attacks, an example to stop these attacks would be a web filter to filter out unwanted traffic at the cost of slower loading times, another way to stop these attacks is by using Cloud Flares anti DDOS protection, this works by sending all traffic through a third party network (cloud flare) who then checks the IP’s and data the IP is requesting and checks that its legitimate.
Website defacement is an external attack when hackers gain unauthorised access to the servers HTML code and files, they then change the look of the website to confuse visitors or just promote other competitors, this can cause an e-commerce to lose mass amounts of customers and money depending on how long the defacement goes on for. An example of when a website defacement happened was in 2015 when popular PC manufacture “Lenovo” had their website compromised through a “DNS hijack” from popular hacking group “Lizard Squad”, the website was replaced with a slide show of bored teenagers and a link to the hacker groups twitter. At the time Lenovo’s reputation was already bad due to them selling laptops pre-installed with the malware “Super fish” which broke users encrypted connections to deliver custom adverts to the users. Third party suppliers to an organisation usually need access to customer data to help them supply the correct items, it is important for an e-commerce site to control this access and make sure the third-party suppliers don’t have any more information than they need because this could be sold on for extra profit at the expensive of customer privacy.
Another issue is assessing how secure a third-party supplier is, usually these are smaller companies, so they don’t have extensive security within their network, so the data could easily be stolen by hackers, therefore its important for the main e-commerce business to make sure the third-party supplier they are partnering up with has the correct standards in place.