Panama Papers Leak and Precautions Law firms should take
E commerce
1. E-Commerce
Security Issues
Threats and Challenges on the Internet
Presented By Humayun Khalid
2. Threats and Challenges
• There are many ways of attacking a website,
online software applications, and any online
system that is connected to internet.
• Four basic ways of threats
– Loss of data integrity
– Loss of data privacy
– Loss of service
– Loss of control
Presented By Humayun Khalid
3. Loss of data integrity
• Information is created, modified, or deleted
• Example {HTML page coding changes}
• Write the coding of html page
Loss of data privacy
• Information is made available to unauthorized
persons.
• Hacking
Presented By Humayun Khalid
4. Hacking
• Hacking is unauthorized
use of computer and
network resources. (The
term "hacker" originally
meant a very gifted
programmer (claver
programmer). In recent
years though, with easier
access to multiple White Hat Hackers
systems, it now has
negative implications.)
Presented By Humayun Khalid
5. Hacking continue
• Sometime hacker gain full
access of computer
system and sometime
don’t get full access but
use DoS.
• Dos is denial-of-service
attack (DoS attack) or
distributed denial-of-
service attack (DDoS
attack) is an attempt to
make a computer or
network resource
unavailable to its
intended users.
Presented By Humayun Khalid
6. DoS attack continue
• In DoS the hackers attacks the website and
server components and damage the coding
and access programming of the system due to
this the program refuses to give access to
authorized access.
• It creates financial loss and also system,
softwares and databases loss for the
organization
Presented By Humayun Khalid
7. Ways of attacking
• One way is to monitor the communication
b/w two persons. It is unsecure because the
communication is done through text format,
when one enter communication, the hacker
change the text and creates conflicts b/w
parties
Presented By Humayun Khalid
8. Phishing
• Phishing is a way of attempting to
acquire information such as
usernames, passwords, and credit
card details by masquerading as a
trustworthy entity in an electronic
communication.
Define phishing procedure
Hackers can change, delete and modified the
information and the web server, owner and
even the person or customer don’t know that
which information is being changed.
Presented By Humayun Khalid
9. Software theft
• A biggest problem that the hackers can damage the softwares
coding contains on the data of customers, personal
information and user name, login details, passwords etc.
Sniffing
• Sniffing is a possibility to intercept the traffic on a network.
• Text log remain active on internet
• Hackers damage the output device e.g. monitor that show the
results by using remote assistance that is done by using these
text logs files
Presented By Humayun Khalid
10. Trojan Horse
• A Trojan horse, or Trojan, is software that appears to perform
a desirable function for the user prior to run or install, but
(perhaps in addition to the expected function) steals
information or harms the system. The term is derived from
the Trojan Horse story in Greek mythology.
• Trojan horse transfer the information from one system to
another system, by this the hacker can use system remotely
without any problem.
Presented By Humayun Khalid
11. Spoofing Attack
• In the context of network security,
a spoofing attack is a situation in which
one person or program successfully
masquerades as another by falsifying
data and thereby gaining an illegitimate
advantage.
• The hacker can take the control of the
network through hacking of one
system.
– Network configuration is badly
affected by hacking.
– IP address spoofing (control of IP
addresses)
• IP1,IP2, IP3, IP4
• Hackers attacks on the 1 IP and by using
administrative controls all IP’s By Humayun Khalid
Presented
12. IP Spoofing
• Hacker destroy the information and
also present false information to
customers that create conflicts,
problems for customers.
• Used by competitors to destroy the
image and goodwill of the online
business.
• So, keep you websites secure by
purchasing the online security
services such as VERISIGN, NORTON
SYMANTEC,WATCHBOX, @SEC
Presented By Humayun Khalid
13. Floppy Bribe the
hacking Programmers
• An old and know way by offering the amount to get
• Hacker is easily locate required information
Fake Website Pages
Hacker create a new page of the index page of
the website and the link it up with a wrong
webpage address, that create the problem for
customers. Customer don’t get their orders and
in case the firm’s sales decreases day by day,
when it comes in the knowledge of owner , he
surely loose its many potential customers. It is
called DNS hacking
Presented By Humayun Khalid
14. DNS hacking
• Domain Name System (DNS) is a hierarchical
distributed naming system for computers,
services, or any resource connected to
the Internet or a private network.
• So just security provided systems should to be
visible on the internet. (firewall)
Presented By Humayun Khalid