E-commerce involves a business transaction over an electronic system or utilizing electronic systems. An e-commerce website involves electronic transactions over the Internet, an intranet or an extranet. E-commerce websites utilize internal networks that may interface with the World Wide Web. The nature of e-commerce introduces internal and external risks to both the website and the business systems to which it connects. External threats to an e-commerce website come from many sources, including the electronic economic environment and risks associated with the external Internet and related networks. Internal threats come from employees, the internal network and business processes, and from management.
One of the greatest internal threats to an e-commerce website is poor management. If management is not committed to ensuring security and providing budgets for purchasing antivirus software licenses and for keeping the internal networks robust, the e-commerce website is vulnerable to attack. Any internal systems to which it is connected are also vulnerable. Ideally, management should commit to regular IT security audits of the system to ensure that security is optimized and any potential problems are prevented or handled as soon as they occur. In smaller businesses, management may have other priorities and leave the e-commerce site vulnerable by default.
An e-commerce website is vulnerable to fraud from both internal and external sources. Fraudulent activities include credit card fraud, which exposes the site to threat from customers and external sources, and internal fraud, such as fraudulent transactions being entered into the system from the back-end by rogue employees. Fraudulent transactions can also be introduced into the system by hackers or Trojan horses, with such fraudulent transactions appearing identical to real customers' transactions.
E-commerce security issues relate to the internal business network and the interface between the customer’s transactions and the network. Hackers pose a threat to the security of the network with denial of service attacks, which can overwhelm a site and knock it offline or theft of customer personal financial information when they gain access to internal systems via an e-commerce website's vulnerabilities. These threats can be mitigated by using a firewall between the website and the internal network, and by encrypting the transactional data in such a way that prevents decoding.
Computer viruses and malicious software are some of the biggest threats to an e-commerce website. Viruses originate from external sources and can corrupt files if introduced into the internal network. They can completely halt or destroy a computer system and disrupt the operations of the website. Malicious software such as Trojan horses or worm-type viruses pose an even greater threat as they can destroy or capture information on the client side before any encryption software can take effect. They can also impersonate customers and pass bad or malicious codes into the server running the website, where it becomes an internal problem.
- Photo Credit Zinco79/iStock/Getty Images
Types of Internet Security Threats
The Internet can be a dangerous place, with threats lurking around every virtual corner. These malicious programs and individuals can compromise your...
eCommerce Website Security Analysis
E-commerce is when goods or services are purchased using the Internet. As e-commerce grows with many online retailers and stores, hackers and...
The Steps for Overcoming Threats in a Business
For strategic planning and development, a business analyzes its strengths, weaknesses, opportunities and threats known as, "SWOT." A business developing a plan...
Internal & External Security Monitoring Activities
Security monitoring activities help protect a business from threats within the company, as well as from external threats. Internal security activities focus...
Administration Audit Checklist
Internal audits are an important part of business operations. The Institute of Internal Auditors defines them as an evaluation function that examines...
Risks of Internal Control in eCommerce
Technology has greatly changed the way companies operate in today’s business world. Many companies have started eCommerce websites via the Internet to...
External Threat Examples
Businesses have two types of environments: internal and external. Internal environments are controlled by the company, and may include elements such as...