Today's threats to e-commerce systems include:
- Physical threats - threats posed to the IT infrastructure by, for example, fire or flood.
- Data threats - threats posed to software, files, databases, etc by viruses, Trojans and so forth. For more information on data threats and how to avoid them, see our guide on securing your e-commerce systems.
- Errors by people - eg employees clicking on links within messages received on social networking websites that are found to be malicious or the accidental deletion of data by an employee.
- Hoaxes - eg warnings about non-existent viruses circulated by email. Although these are relatively harmless in themselves, they can spread rapidly and cause as many problems as a genuine virus by clogging up email systems.
- Technical failure - eg software bugs.
- Infrastructure failures - eg server crashes.
- Credit card and payment fraud.
- Malicious attacks from inside or outside your business.
- Hacker threats should your computers become part of a larger group of infected, remote-controlled computers known as a botnet. Read the page on risks from viruses, Trojans, worms and botnets in our guide on securing your e-commerce systems.
- Risk to corporate information and intellectual property from internal staff and trading partners. It is difficult to control how sensitive information will be handled by third parties or contract workers. Few organisations have systems in place to ensure common standards in vetting staff and security between trading partners.
- Hacker exploitation of errors in software application design, technical implementation or systems operation. In addition, vulnerabilities are widely published for anyone to read or experiment with.
- Website defacement - where the corporate image or web messages are changed - and virus attacks can lead to commercial embarrassment and damage to a business' corporate image.
- Denial-of-service attacks - which use a flood of false messages to crash or slow down a business' systems - can have a devastating impact on communications and e-commerce activity. There are increasing opportunities for individuals to mount such an attack with a low risk of traceability. Hackers are increasingly using botnets - a group of computers infected with malicious software and controlled remotely - to cause these attacks.