This document discusses risks associated with electronic commerce. It identifies intranet risks like intercepting messages and accessing databases. Internet risks to consumers include theft of credit cards, passwords, and privacy issues. Internet risks to businesses include IP spoofing, denial of service attacks, and other malicious programs like viruses and worms. Denial of service attacks can prevent businesses from processing transactions.
This document discusses risks associated with electronic commerce. It identifies intranet risks like intercepting messages and accessing databases. Internet risks to consumers include theft of credit cards, passwords, and privacy issues. Internet risks to businesses include IP spoofing, denial of service attacks, and other malicious programs like viruses and worms. Denial of service attacks can prevent businesses from processing transactions.
This document discusses risks associated with electronic commerce. It identifies intranet risks like intercepting messages and accessing databases. Internet risks to consumers include theft of credit cards, passwords, and privacy issues. Internet risks to businesses include IP spoofing, denial of service attacks, and other malicious programs like viruses and worms. Denial of service attacks can prevent businesses from processing transactions.
Group 6 – Elijah Alvin Danseco RISK ASSOCIATED WITH ELECTRONIC COMMERCE
1. INTRANET RISK 2. INTERNET RISKS 3. RISKS TO CONSUMER
RELIANCE ON ELECTRONIC COMMERCE POSES CONCERN
ABOUT UNAUTHORIZED ACCESS TO CONFIDENTIAL INFORMATION INTRANET RISK Intercepting network message Accessing corporate databases Privileged employees Reluctance to prosecute INTERNET RISKS TO CONSUMER How serious is the risk?
National Consumer League: Internet fraud rose by
600% bet ween 1997 and 1998 SEC: email complaints alleging fraud rose from 12 per day in 1997 to 200-300 per day in 1999
Major areas of concern:
• Theft of credit card numbers
• Theft of passwords
• Consumer privacy
• Cookies and consumer security
INTERNET RISKS TO BUSINESS IP Spoofing: masquerading to gain access to a web server and/or to perpetrate an unlawful act without revealing one's identity
Denial of service (DOS) attacks: assaulting a
web server to prevent it from servicing users particularly devastating to business entities that can not receive and process business transactions
Other malicious programs: viruses, worms,
logic bombs, and trojan horses pose a threat to both internet and intranet users THREE COMMON TYPES OF DOS ATTACK Syn flood - when the three-way handshake needed to establish an internet connection occurs, the final acknowledgement is not sent by the DOS attacker, thereby tying-up the receiving server while it waits Smurf - the DOS attacker uses numerous intermediary computer to flood the target computer with test messages, "pings“ Distributed DOS (DDOS) - can take the form of Smurf or SYN attacks, but distinguished by the vast number of "zombie" computers hijacked to launch the attacks INTERNET RISKS TO BUSINESS Motivation behind Dos Attacks. The motivation behind Dos attacks may originally have been to punish an organization with which the perpetrator had a grievance or simply to gain bragging rights for being able to do it.
OTHER MALICIOUS PROGRAMS.
Viruses and other forms of malicious programs such as worms, logic bombs, and Trojan horses pose a threat to both Internet and intranet users.