The Concern For Security On The World Wide Web

pyknicassortedSecurity

Nov 3, 2013 (3 years and 7 months ago)

61 views

ITC125 Assignment 2 Part
B


Michael Craigie



11231600



Page
1

of
7

The Concern For Security On The World Wide Web

http://athene.riv.csu.edu.au/~mcraig02/Assignment%202/Assignment%202.html


Internet security is becoming more of a problem with the growth of the internet and the World
Wide Web.
Hackers, pranksters, terroris
ts and other such threats are causing mayhem in
computer systems all over the world. Hackers and those alike can shut down large systems
and networks all over the world, crippling businesses, educational facilities, personal systems
etc. This threat is r
eal and there needs to be more done about preventing it from ever
happening.


The Internet and the World Wide Web are growing at a fast rate and becoming more
woven into the fabric of society. Security is always an issue in every niche of
everyday life.
As the electronic world grows, the security issues associated with grow
with it. It grows in not only size but also sophistication. The concern for such
security issues will be shown to be nowhere near great enough. The problem is great
and security at
a premium. It will also be shown that companies and individuals now
go about doing their business electronically and theft of information and breaches of
privacy are an issue in this field. Also that this is where the concern for security
should be at it
s greatest. After concern for the problems plaguing the new world we
live in becomes sufficient, then the online world can start to take different steps to
prevent such threats.


Internet security is becoming more of a problem with the growth of the inter
net and
the World Wide Web. With IT getting more complex
,

the threat to security is
growing at a rapid rate and these threats are also growing in sophistication.
A man by
ITC125 Assignment 2 Part
B


Michael Craigie



11231600



Page
2

of
7

the name of Thomas Rona wrote a paper predicting this scenario. Rona commented
tha
t in a war, with the growth of IT, the most successful form of attack would be on
the opponents’ information systems. And this is true with the world now. It might be
concerning in a war between nati
ons, but now more recently, the concern
is
in
a new
war

being fought. Hackers, pranksters, terrorists and other such threats

are causing
mayhem in computer systems all over the world.

As these computer systems are
becoming more entwined into our society, the attacks on them are becoming better
known. These
attacks can generally be put into four types, denial, deception,
destruction and exploitation.

Denial attacks, often called Denial of Service, DOS
attacks, are attacks in which someone stops a system from working. Deception
attacks are those where someon
e leaves false data to make you system produce
incorrect results
. Destruction attacks, as the name suggests, can destroy a system
physically
or even electronically. Attacks of the exploitation type are used to steal
dat
a from a computer system.


M
ore o
ften than not, attacks are mainly from pranksters causing more annoyance than
any real threat, but the fact that they can do this is, gain access to our systems, is a
threat in itself. The real threat is those who know how to cause more trouble than just
annoyance. Hackers and those alike can shut down large systems and networks all
over the world, crippling businesses, educational facilities, personal systems etc. This
threat is real and there needs to be more done about preventing it from ever
happenin
g. Viruses such as the Melissa and Love Bug viruses hit the world through
email attachments and caused not only a major concern, but also widespread damage.
Email viruses are now a common occurrence and email users are warned not to open
ITC125 Assignment 2 Part
B


Michael Craigie



11231600



Page
3

of
7

any emails from
persons unknown to them or suspicious attachments
.
The level of
threat is here, but the level of concern to match this threat is not.


A
field,

in
which its own
security
is probably the largest

need for concern
,

is E
-
Commerce
,

or E
-
Business.
The indust
ry growth, as previously mentioned, has also
led to a growth in this field and has allowed many businesses to trade electronically.
Trading online is not only faster and more efficient, but also allows a more effective
way to sell products to consumers, t
hus increasing profit. It allows the consumer an
ease of browsing and easier purchasing processes.
But this new way of doing
business, whilst creating new opportunities

and more effective trading
,
it
also pose
s

great new risks.
Consumers can’t be sure t
hat their details and transactions are being
dealt with by genuine business or person, or whether their transaction will be
modified somewhere along the process. There are a growing number of cases of
credit card fraud, credit card information theft, and
breaches of personal information

on the World Wide Web than ever before
. Not only does this pose a threat to
sensitive information but also a threat to the security of cash flow and how
businesses
run their commerce.


Hackers can cause a lot of damage and

irreparable loss to a

company trading
electronically,

b
y
, for example,
gain
ing

access to
their

site and
having the ability to
ch
ange its content, and even purchase products for less than a staggering 90% of its
selling price.
These and other

hacking
thre
ats can in fact cost a company a huge
amount in lost revenue.
Scott Wright, director of information security services for
The Netplex Group, an e
-
business solutions provider
, stated:

A lot of retail companies end up losing millions of dollars every year b
ecause
they chose not to protect their sites
.
The costs to protect an information
ITC125 Assignment 2 Part
B


Michael Craigie



11231600



Page
4

of
7

security site are miniscule compared to what might happen if it is left
unprotected.

(Wright n.d., cited in Adams 2001, para.
6)


This alone is a need for concern. The fact

that companies trading on the World Wide
Web would rather risk an attack from hackers than spending a little extra money to
secure their site(s) and their consumers’ sensitive information would be concerning to
anyone.
In January of 2003, a virus called
“The SQL Slammer” attacked the internet.
It attacked computers and networks so fast, that in under half an hour, over 75,000
systems from all over the world were affected. This caused considerable damage to
businesses and billions of dollars of business
revenue was lost. No one was ready for
it.
Businesses in a web
-
based environment will suffer losses like this if not properly
protected. It’s not only those hit by a powerful virus created to spread devastation
throughout the web, but also those under i
ndividual attack by hackers that need to be
concerned about their security.
Like a food chain, if one link of a trading web has its
security breached, it not only means losses to that business, but also losses to other
businesses involved in trading with
that breached business, breaking the chain apart.
This leads to n
ot only financial losses but also losses in consumer trust

and a
degrading of the consumer perceived perception of online trading
.
Both of these
types of attacks

can

be devasta
ting to world

economy and trade and could plunge

the
electronic and ultimately, the physical world into an economic dark age,
which is
definitely a need for concern.


The problem now, is so big and hackers are so sophisticated that
the
problem of
securing the web canno
t be entirely solved.
However,

as the age old saying goes,
prevention is better than cure. Businesses, companies, traders, governments and even
personal computer owners can help prevent security b
reaches happening to them.
T
aking a proactive
and
pre
-
emp
tive approach to the security issues concerning
the
ITC125 Assignment 2 Part
B


Michael Craigie



11231600



Page
5

of
7

industry will put prevention of such attacks in sight.
Currently, networks and systems
around the world are using a reactive approach to web security; dealing with the
problems after the damage has alrea
dy been done.


A proactive approach has many advantages over a reactive one.
By analysing the
weaknesses in a system, they can be eliminated before they are exploited
.

With the
IT
world operating so fast, attacks last only seconds, so reacting to an at
tack would be
too late as there is no reaction quick enough to stop it. Pre
-
emptive security on the
other hand does not need to react as it stops the threat before it gets the chance to hit
the system or network.

Not only can pre
-
emptive solutions to thr
eat control be more
effective, but it also reduces a business’ costs. The cost of repair every time a breach
is made or a vulnerability is either found or exploited far outweighs that of
preventative measures as it requires less work and labour. However,

action against
these security issues can’t even be considered
and solutions theorised until the
concern for the issue reaches a point at which the IT world stands up and decides to
be proactive rather than reactive.


It is obvious that IT and the World Wi
de Web is becoming more woven into the fabric
of society day by day.
The way the world
goes about its

business and trading is now a
part of this fabric.
With this expansion of this new way of life
come security issues

in
need of much concern.
Hackers an
d alike are becoming more sophisticated in their
attacks and are capable of causing more trouble than ever before. Breaches of
privacy, theft of information and the causing of major economic losses are only a few
of the major security problems thrown out
by these attackers.
There needs to
be
a
solution to solve this widespread
and ever growing
problem.

Before a solution can be
ITC125 Assignment 2 Part
B


Michael Craigie



11231600



Page
6

of
7

found, the concern for it needs to grow. Once the concern for these issues are great
enough can then policies be drawn up, pre
-
e
mptive preventative measures be taken
and threats kept ahead of. Then, and only then can the world consider what needs to
be done and think about be proactive rather than reactive. The World Wide Web will
then be safer for not only indivi
duals, but also
companies using the web for online
trading and the everyday running of their business.

ITC125 Assignment 2 Part
B


Michael Craigie



11231600



Page
7

of
7


Reference List


Adams, C 2001,
Security on the Web: Businesses take proactive approach to securing
web sites,
Access Control & Security Systems Integration, vol. 44, i
ss. 6.


Bushong
,

J
, Helms, G & Nelms, L 2002,
Security

in Internet E
-
Commerce,
Ohio

CPA
Journal, vol. 61, iss. 3, pp. 12
-
15.


Forchte, K & Fore R 1995,
Security Issues and Concerns with the Internet,
Internet
Research, vol. 5, iss.
3, pp 23
-
31.


Hahn, R &
Berkowitz, B 2003,
Cybersecurity: Who’s watching the store?,
Issues in
Science and Technology, vol. 19, iss. 3, pp. 55
-
62.


Internet
Security Systems, 2004,
Pre
-
e
mptive Protection: Changing the Rules of
Internet Security,
Internet Security Systems

Executiv
e Briefing, viewed 12
th

May
2004.


Miller, D, Pearson, A, Pearson, R & Salisbury, W

2001,
Per
ceived security and World
Wide Web purchase intention,
Industrial Management & Data Systems, vol. 101, iss.
3/4
, pp. 165
-
176.