Figure 6-1: Security threats that can affect the system
Based on Figure 6-1, the security threats facing customers are phishing scams and computer viruses. A customer at the client layer can be harmed by a computer virus. A computer virus is a rogue software program that attaches itself to other software programs or data files in order to be executed, usually without the user's knowledge or permission. Viruses sometimes arrive through the customer's e-mail. Examples of viruses are Trojan horses, e-mail viruses and network viruses.
Besides that, online fraud involves customers being duped into giving away their personal credentials and other confidential information through a phishing scam. Phishing scams are a form of identity theft in which spam e-mails are sent out to entice customers into providing their personal information. Customers are tricked into replying to a URL or e-mail address supplied by the fraudster; anyone who maintains an e-mail account can be targeted.
The solutions for the phishing scam and computer virus threats are as follows. Customers must never respond to e-mails that require them to submit personal information directly into the e-mail, that claim their account has won prizes or cash, that request them to enter, validate or verify personal details such as a password or user ID in an e-mail, or that ask them to confirm, validate, verify and/or update customer information. If a customer receives a suspicious e-mail asking them to confirm their details, they should forward it to eshop@tesco.com.my for confirmation. Customers should also check the seller's privacy and return policy so that they are aware of any suspicious e-mail address. To prevent computer viruses, customers should run effective, up-to-date antivirus/antispyware software and, in a public or work environment, physically check the computer for any unusual devices that may be plugged in, especially on the keyboard cable.
Based on Figure 6-1, the security threats for the corporate server are spoofing, sniffing and Denial-of-Service (DoS) attacks. Spoofing may involve redirecting a Web link to an address different from the intended one, with the site masquerading as the intended destination. If hackers redirect customers to a fake Tesco Web site that looks almost exactly like the true site, they can then collect and process orders, effectively stealing business as well as sensitive customer information from the true site.
Other than that, a sniffer is a type of eavesdropping program that monitors information travelling over a network. When used legitimately, sniffers help identify potential network trouble spots or criminal activity on networks, but when used for criminal purposes they can be damaging and very difficult to detect. Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files and confidential reports.
In a denial-of-service attack, hackers flood a network server or Web server with many thousands of false communications or requests for services in order to crash the network. The network receives so many queries that it cannot keep up with them and is thus unavailable to service legitimate requests. DoS attacks effectively knock the services offline, costing lost business and negative publicity. They also force IT staff to expend valuable resources defending against the attackers.
The solutions for the spoofing, sniffing and Denial-of-Service (DoS) threats are as follows. With the dotDefender web application firewall you can avoid DoS attacks, because dotDefender inspects Tesco's HTTP traffic and checks the packets against rules that allow or deny protocols, ports or IP addresses, stopping the web applications from being exploited. For prevention, filter incoming packets that appear to come from an internal IP address, and filter outgoing packets as well; encrypt communications completely; use sturdy physical security; make sure the antivirus program is updated regularly; and harden the TCP/IP stack.
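As an added example (not part of the original post), the packet-filtering advice above written out as a small Python model of a border filter: it drops inbound packets that claim an internal source and outbound packets that do not carry one of our own addresses. The site prefix 203.0.113.0/24 and the sample packets are constructed assumptions, not Tesco's real addresses.

```python
import ipaddress
# Constructed example: the corporate network owns 203.0.113.0/24 (a documentation
# range standing in for the real address space). Private/loopback space should
# never be the source of a packet arriving from the Internet.
SITE_PREFIX = ipaddress.ip_network("203.0.113.0/24")
BOGON_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def in_any(addr, nets):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in nets)

def filter_packet(direction, src):
    """direction is "in" (from the Internet) or "out" (towards it); returns (verdict, reason)."""
    if direction == "in":
        # Ingress filter: an outside packet may not claim one of our own addresses
        # or a private/loopback address; either source is spoofed.
        if in_any(src, [SITE_PREFIX]):
            return "drop", "inbound packet spoofs an internal (site) source address"
        if in_any(src, BOGON_NETS):
            return "drop", "inbound packet with private/loopback source address"
        return "allow", "external source address is plausible"
    if direction == "out":
        # Egress filter: everything we send must carry one of our own addresses, so a
        # compromised internal host cannot spoof a third party in a DoS flood.
        if in_any(src, [SITE_PREFIX]):
            return "allow", "outbound packet carries a site source address"
        return "drop", "outbound packet with a source address we do not own"
    raise ValueError(f"unknown direction: {direction}")

def apply_rules(packets):
    """Filter every (direction, src) pair; return (number dropped, per-packet verdicts)."""
    verdicts = [(d, s, *filter_packet(d, s)) for d, s in packets]
    return sum(1 for v in verdicts if v[2] == "drop"), verdicts

# Constructed sample traffic seen at the border firewall.
SAMPLE_PACKETS = [
    ("in", "198.51.100.7"),    # genuine customer request
    ("in", "203.0.113.25"),    # claims to be our own server: spoofed
    ("in", "192.168.1.10"),    # private source from the Internet: bogon
    ("out", "203.0.113.80"),   # our web server replying
    ("out", "198.51.100.99"),  # internal host spoofing an external address
]

if __name__ == "__main__":
    dropped, verdicts = apply_rules(SAMPLE_PACKETS)
    for direction, src, verdict, reason in verdicts:
        print(f"{direction:3} {src:15} {verdict:5} {reason}")
    print(f"{dropped} of {len(SAMPLE_PACKETS)} packets dropped")
```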
Based on Figure 6-1, the security threats for the purchase order system are hardware failure, software failure and internal threats. Systems malfunction when computer hardware breaks down, does not work properly, or is damaged by improper use or criminal acts. Hardware faults may occur because computers have a limited lifespan. In particular, the main component where data is stored, the hard disk, has a rotating disc containing a very sensitive device that does about a thousand cycles per minute. Drives are like old records, spinning in a magnetic vacuum. They are very sensitive instruments: sudden blows while moving will greatly damage them, and when the lifespan assigned to them is taken into account (which can be estimated from the warranty period), the possibility of losing data is a threat that cannot be ignored.
Internal threats arise because many employees forget the passwords they use to access the computer system, or allow co-workers to use them, which compromises the system. Malicious intruders seeking system access sometimes trick employees into revealing their passwords by pretending to be legitimate members of the company in need of information. Both end users and information systems specialists are a major source of errors introduced into information systems. A problem with software is the presence of hidden bugs or program code defects. It is virtually impossible to eliminate all bugs from large programs; the main source of bugs is the complexity of decision-making code.
The solutions for these purchase order system threats are as follows. For internal threats, use a smart card, a device the size of a credit card that contains a chip formatted with access permissions and other data. It can replace passwords, because users often forget passwords, share them or choose poor passwords that are easy to guess, which compromises security.
For hardware failure, tidy up the server room: a neater room will increase airflow, and if there is more than one server, arrange them in a row so that cold air enters from the front and is expelled out the back. Keep the hardware in an enclosure, clean it regularly according to a specific standard, fit extra cooling parts to the hardware components, and carry out proper maintenance to prevent bad hard disk sectors.
For software failure, the software vendor creates small pieces of software called patches to repair the flaws without disturbing the proper operation of the software. It is up to the users of the software to track vulnerabilities and to test and apply all patches. This process is called patch management.