E COMMERCE SECURITY AND PRIVACY


Document information

Pages: 94
Size: 1.22 MB


Ecommerce is the activity of buying or selling of products on online services or over the Internet. Electronic commerce draws on technologies such as mobile commerce, electronic funds transfer, supply chain management, Internet marketing, online transaction processing, electronic data interchange (EDI), inventory management systems, and automated data collection systems.


Table of Contents

I) Abstract ......... 01
1 Introduction ......... 02
2 The Threats to E-Commerce ......... 03
3 Privacy Issues ......... 06
4 The Distributed Denial of Service Attacks (DDOS) ......... 09
5 Conclusions ......... 12
II) WHY WEB SECURITY IS IMPORTANT? ......... 20
1 LIST OF TYPES OF CYBER ATTACKS ......... 22
2 PHYSICAL SECURITY FOR SERVERS ......... 24
3 Protecting Computer Hardware ......... 28
4 Protecting Your Data ......... 30
5 ABOUT SSL ......... 35
6 What Does SSL Really Protect? ......... 38
III) E-COMMERCE WEBSITE SECURITY ISSUES ......... 39
1 Privacy ......... 40
2 Integrity, Authentication & Non-Repudiation ......... 41
3 Technical Attacks ......... 43
4 Non-Technical Attacks ......... 43
5 Conclusion ......... 44
6 15 Ways to Protect Your Ecommerce Site From Hacking and Fraud ......... 46
IV) SECURITY THREATS OF E-COMMERCE ......... 51
1 What is an e-commerce threat? ......... 51
2 Distributed Denial of Service or DDoS Attacks ......... 55
3 Man in the Middle Attacks ......... 59
V) E-COMMERCE: SECURITY AND PRIVACY ......... 60
* INTRODUCTION ......... 60
1 What is Security in E-Commerce? ......... 61
2 PUBLIC CONCERNS REGARDING E-COMMERCE ......... 64
3 Privacy in E-Commerce ......... 66
3.1 Main factors of distrust: security and privacy ......... 69
3.2 Contradictory feelings about privacy ......... 70
4 PRIVACY ISSUES ......... 71
5 E-commerce Security Tips ......... 77
6 GUIDELINES FOR COMPANIES ......... 83
7 Conclusion ......... 85
Reference ......... 86

I) Abstract

Without trust, most prudent business operators and clients may decide to forgo use of the Internet and revert back to traditional methods of doing business. To counter this trend, the issues of network security at the ecommerce and customer sites must be constantly reviewed and appropriate countermeasures devised. These security measures must be implemented so that they do not inhibit or dissuade the intended e-commerce operation. This paper will discuss pertinent network and computer security issues and will present some of the threats to e-commerce and customer privacy. These threats originate from both hackers as well as the ecommerce site itself. A straightforward comparison could be made of the security weaknesses in the postal system vs. security weaknesses on the Net. The vulnerable spots in both cases are at the endpoints: the customer's computer/network and the business' servers/network. Information flowing in the conduit (trucks/planes and wires) is relatively immune to everyday break-ins. Privacy issues are amongst the major drivers for improved network security along with the elimination of theft, fraud and vandalism. Two major threats to customer privacy and confidence come from sources both hostile to the environment as well as sources seemingly friendly. Coordinated attacks on Yahoo, eBay, ZDNet, Buy.com (on their IPO day) and amazon.com generated a huge amount of publicity and a federal government response. A brief description of these attacks will be given in this paper. Another threat may originate at ostensibly friendly companies such as DoubleClick, MemberWorks and similar firms that collect customer information and route it to other firms. Much of this transaction information is able to be associated with a specific person, making these seemingly friendly actions potential threats to consumer privacy.

Many of the issues and countermeasures discussed here come from experiences derived from consulting with clients on how to maintain secure e-commerce facilities. These methods and techniques can be useful in a variety of client and server environments, also serving to alert ecommerce users of potential threats.

convenience and ease-of-use vs. security has always been resolved in favor of convenience. However, recent virus attacks against Microsoft Outlook (the NIMDA and Code Red worms, the "ILOVEYOU", "Resume" and KAK viruses) have demonstrated that convenience allows the rapid proliferation of viruses and worms throughout the Internet. Microsoft released a patch that disabled the feature that allows the "ILOVEYOU" virus to work. This is the first time a software vendor has released a patch that restricted a feature. Further, the success of the Distributed Denial of Service (DDOS) attacks against major e-commerce sites pointed out the importance of maintaining adequate security at sites not even remotely associated with the targeted e-commerce sites.

Not all of this is bad news. The majority of security breaches on the Internet occur at the endpoints, i.e., the local network, rather than the main "backbone" of the Internet. This situation allows us to make a comparison of the security weaknesses in the postal system and the Internet. The most vulnerable spots of the postal infrastructure are at the endpoints: the mailboxes at the sender and recipient sites.

An example of abuse in the postal system was reported in a Roanoke Times newspaper reprint of a Los Angeles Times article that describes a thief stealing postal mail from mailboxes. The thieves were stealing bills, paychecks and other consumer identity related mail from the victim's home mailboxes or from the postal system's street mailboxes. This type of security breach happens much more often than one in which a thief steals directly from inside a post office. Security standards, controls and practices have been developed within the main trunks of the postal infrastructure to monitor and hopefully prevent mail interception or tampering when the letter is in the system. Similar controls are in place at the equivalent Internet network level. Controls at the endpoints, on the other hand, vary widely from very good (usually at the originating business) to non-existent (usually at the home computer).

Consumer privacy is becoming the most publicized security issue, replacing theft and fraud as top concerns in e-commerce. The DDOS attacks demonstrated that business sites did not maintain adequate security protection and intrusion detection measures. Some of the sites did not detect the compromise, which occurred months before the DDOS attacks. The hackers who penetrated these sites had the ability to deliver a data integrity attack on the compromised business for the same amount of time. Businesses were spared simply because the hackers chose not to attack them in that manner. The recent NIMDA and Code Red worms succeeded in penetrating systems because sysadmins failed to install vendor patches. No customer will want to use a business that distributes sensitive customer data such as credit card information, SSN information or credit limits without the knowledge or permission of the customer. Is this situation different from similar abuse in the phone or mail order business model? Not really, but the major difference has to do with the speed of access to and dissemination of the sensitive data.

User and system administrator awareness is becoming more important in the effort to counter e-commerce attacks. Consumers are slowly becoming aware of some security features such as encrypted WEB transactions, privacy statements by companies, etc. Internet service providers are becoming more responsive to complaints about Internet abuse originating from their sites.

E-commerce security needs to be addressed not only at the business site with its servers/network but also on the client side, which includes direct connected home computers. It is this group of computers that are the most vulnerable to attack because the level of user security training or awareness is not high at all.

2 The Threats to E-Commerce

The standard client server model has three components: the server system, the network and the client system. In the past, server systems were typically mainframes running operating systems such as MVS, VM, VMS or Unix. Windows NT and Windows 2000 (W2K) are now making inroads into this arena. The network component includes the internal business network, the path between the business and the customer through various ISPs and the customer's internal network. Client systems are usually PC or Macintosh systems running their respective Windows 9x, NT, W2K or MacOS operating systems, although Unix systems do serve as client systems.

2.1 E-commerce Security Components

E-commerce security strategies deal with two issues: protecting the integrity of the business network and its internal systems; and accomplishing transaction security between the customer and the business. The main tool businesses use to protect their internal network is the firewall. A firewall is a hardware and software system that allows only those external users with specific characteristics to access a protected network. The original design was supposed to allow only specific services (e.g., email, web access) between the Internet and the internal network. The firewall has now become the main point of defense in the business security architecture. However, firewalls should be only a small part of the business security infrastructure. There are hacker tools such as SMTPTunnel and ICMPTunnel that allow hackers to pass information through the allowed ports. The "ILOVEYOU" virus successfully penetrated firewalled networks because inbound and outbound email is allowed to pass through the firewall. The Code Red and NIMDA worms passed through firewalls because they accessed systems through the standard WEB server ports.

Transaction security is critical to bolstering consumer confidence in a particular e-commerce site. Transaction security depends on the organization's ability to ensure privacy, authenticity, integrity, availability and the blocking of unwanted intrusions. Transaction privacy can be threatened by unauthorized network monitoring by software devices called sniffer programs. These programs are most likely found at the endpoints of the network connection. There are a number of defenses against this threat such as encryption and switched network topologies. Transaction confidentiality requires the removal of any trace of the actual transaction data from intermediate sites. Records of its passage are a different thing and are required to verify the transaction actually took place. Intermediate nodes that handle the transaction data must not retain it except during the actual relaying of the data. Encryption is the most common method of ensuring confidentiality. Transaction integrity requires methods that prevent the transactions from being modified in any way while they are in transit to or from the customer. Error checking codes are an example of such a method.

Encryption techniques such as secret-key, public-key and digital signatures are the most common methods of ensuring transaction privacy, confidentiality and integrity. The common weakness of these techniques is that they depend on the security of the endpoint systems to protect the keys from modification or misuse. The following paragraphs will discuss the vulnerabilities of this client-server model.
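As an added illustration (not part of the paper), the following Python contrasts an error checking code with a keyed integrity check over a transaction. The order record, the shared key and the function names are constructed for the example. A CRC catches accidental corruption in transit, but a relaying node that alters the order can simply recompute it; an HMAC under a secret shared by customer and merchant cannot be recomputed without that secret, which is exactly why the endpoints' protection of their keys, noted above as the common weakness, decides whether the check means anything.

```python
import hashlib
import hmac
import json
import zlib

# Constructed sample order; not data from the paper.
ORDER = {"order_id": "A1001", "item": "SKU-42", "qty": 1, "amount_cents": 4999}


def encode(order: dict) -> bytes:
    # Canonical encoding so both endpoints compute over identical bytes.
    return json.dumps(order, sort_keys=True, separators=(",", ":")).encode()


def crc_tag(order: dict) -> int:
    # An error-detecting code: catches accidental corruption in transit.
    return zlib.crc32(encode(order)) & 0xFFFFFFFF


def crc_verify(order: dict, tag: int) -> bool:
    return crc_tag(order) == tag


def hmac_tag(order: dict, key: bytes) -> str:
    # A keyed MAC: only a holder of the shared secret can produce a valid tag.
    return hmac.new(key, encode(order), hashlib.sha256).hexdigest()


def hmac_verify(order: dict, tag: str, key: bytes) -> bool:
    # compare_digest avoids leaking timing information about the expected tag.
    return hmac.compare_digest(hmac_tag(order, key), tag)


def relay_alters(order: dict) -> dict:
    # Models an intermediate node changing the amount while relaying the order.
    modified = dict(order)
    modified["amount_cents"] = 1
    return modified


def demo(key: bytes = b"hypothetical-shared-secret") -> dict:
    """Run both checks on a clean and an altered order; returns named results."""
    altered = relay_alters(ORDER)
    return {
        # The CRC passes on untouched data ...
        "crc_clean": crc_verify(ORDER, crc_tag(ORDER)),
        # ... and still passes once the relay recomputes it over the edited order.
        "crc_altered_recomputed": crc_verify(altered, crc_tag(altered)),
        "hmac_clean": hmac_verify(ORDER, hmac_tag(ORDER, key), key),
        # Without the key the relay cannot produce a tag for the edited order,
        # so the merchant's check fails.
        "hmac_altered": hmac_verify(altered, hmac_tag(ORDER, key), key),
        # If the key leaks from an endpoint (the weakness the paper names), the
        # MAC no longer distinguishes the customer's order from a forged one.
        "hmac_key_leaked": hmac_verify(altered, hmac_tag(altered, key), key),
    }


if __name__ == "__main__":
    for check, passed in demo().items():
        print(f"{check:24s} {'verifies' if passed else 'REJECTED'}")
```

Switching the tag from CRC to HMAC changes the detected failure from "bits flipped in transit" to "order not produced by a key holder"; a digital signature would further tie the order to one party's private key, at the same dependence on the endpoint keeping that key safe.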

Early hacker attacks were directed at the server systems because that's where the access or data lived. As server system administrators became more experienced, it became harder for hackers to successfully penetrate the servers. The hackers then shifted their focus to the network feeding into the server. They were able to continue subverting the servers by intercepting the cleartext traffic flowing in and out of the server. Encrypting network traffic, converting the network to a switched topology and filtering unknown access were some of the countermeasures to this "sniffer" attack. In response to this, the hackers simply shifted to the client side, and this is where most network security architectures collapse. Why? Looking at the OS architectures prevalent on the client side, we observe: either an OS used in a server is also used on the client system, or the PC/Macintosh OS is used on the client. If the client OS is the same as the server's, then the same server defense mechanisms can be used on the client system. However, if the client OS architecture is based on Windows 9x or MacOS then there is no effective defense available. These OS platforms have no built-in security designed into them and allow anyone with access to the system to gain control of it. These OS architectures will continue to be susceptible to virus and Trojan horse program attacks.

The two main threats to the e-commerce client-server model are viruses and Trojan horse programs. Viruses are simply disruptive in nature but the Trojan horse programs are the more serious threat because they not only facilitate breaking into another system, they also permit data integrity attacks.

2.2 Viruses

Viruses are the most publicized threat to client systems. They are effective because of the built-in insecurity of client systems (PC/Mac). Subverting a PC/Mac system requires access to the system, and no special privilege is needed to write code or data into sensitive system areas. This operating system design issue is evident in older versions of Windows 9x or MacOS 8.x. Operating systems such as Windows NT and Windows 2000, while still vulnerable to this type of attack, do have the capability of restricting who can activate the virus. The more publicized viruses such as Melissa, ILOVEYOU, Resume, KAK and IROK have no effect on Unix systems. Viruses need "system privilege" in order to be effective. In general, the multiple privilege access schemes present in Unix, VMS and other multi-user operating systems prevent a "virus" from damaging the entire system. It will only damage a specific user's files.

2.3 Trojan Horses

The BackOrifice, Netbus and BO2K hacker tools allow a remote user to control, examine and monitor any information on the target PC. What makes them especially beguiling is that they are also capable of using the target PC to send information to the net as if the legitimate user had done so. There are commercial tools like CUCme and VNCviewer that perform the same function. There are numerous hacker exploit web sites such as www.portwolf.com/trojans.htm, www.cultdeadcow.com, www.rootshell.com, http://thc.pimmel.com and www.insecure.org where anyone can download a copy of the abovementioned Trojan horse programs. The good side of the Force allows system administrators to use these tools to remotely manage large numbers of workstations. This is the typical sysadmin support tool since there are many more machines than sysadmins. However, the dark side of the Force allows a malicious user to install these tools for nefarious purposes such as forgery, data modification and eavesdropping.

2.4 Which is the Bigger Threat to E-commerce?

Viruses are a nuisance threat in the commerce world. They only disrupt commerce operations and should be classified as a Denial of Service (DoS) tool. The Trojan horse remote control programs and their commercial equivalents are the most serious threat to e-commerce. Trojan horse programs allow data integrity and fraud attacks to originate from a seemingly valid client system and can be extremely difficult to resolve. A hacker could initiate fraudulent orders from a victim system and the ecommerce server wouldn't know whether the order was fake or real. Password protection, encrypted client-server communication and public-private key encryption schemes are all negated by the simple fact that the Trojan horse program allows the hacker to see all cleartext before it gets encrypted.

3 Privacy Issues

The abuse of consumer privacy is becoming a concern at the consumer, business and government level. There will be resistance to participating in certain types of ecommerce transactions if the assurance of privacy is low or non-existent.

3.1 Abusing Customer Privacy

The government (Big Brother) isn't the biggest threat to privacy anymore. Businesses are! US Bankcorp was sued for deceptive practices in 1999. The bank supplied a telemarketer, MemberWorks, with sensitive customer data such as name, phone #, bank account and credit card numbers, SSN, account balances and credit limits. MemberWorks used these customer lists to sell dental plans, videogames, and services. US Bankcorp settled out of court. Wells Fargo, Bank of America and other financial institutions announced they were discontinuing the practice after the US Bankcorp settlement was announced. Many banks still deal with MemberWorks today. Jane Bryant Quinn's essay on Privacy Issues lists a couple of items of concern:

1. No Federal law shields "transaction and experience" information.

2. Social Security Number information is periodically disclosed, either intentionally or not.

3. Self-regulation by business doesn't work. Obviously, not all businesses are dens of information disclosure. However, most businesses do not treat the information security cycle as a high priority until an event happens. They consider a firewall to be the best line of defense and pay not enough attention to securing the internal net.

3.2 1984 or Lord of the Flies?

Firms like the Internet advertising firm DoubleClick collect customer information and route it to other firms for use in creating customer profiles. DoubleClick recently acquired a direct marketing company, Abacus, Inc., in an effort to link anonymous hits on Web sites with actual names and addresses of Web surfers. The firm backed off this effort after the Federal Trade Commission launched an investigation. In another example of a consumer privacy threat, grocery store chains offer discount cards to their customers. Swipe the card through their reader and the customer gets discounts on food items. This service allows the business to determine the buying habits of the customer and perhaps better stock the store with the items the customer buys frequently. The store is free to sell this data to marketing firms without notifying the customer. This Personal Service vs. anonymity conundrum represents the major issue with E-commerce privacy. If the majority of businesses are not considered to be secure, the confidentiality and integrity of the customer information is suspect. This may be a bold statement to make about most business network security, but the DDOS attacks, the results shown by the Internet Audit Project and the Top Ten Vulnerabilities list compiled by SANS demonstrated this lack of security at thousands of sites. This lack of security is the biggest threat to consumer privacy from external sources. Selling consumer data without the customer's knowledge or permission is the major internal threat to consumer privacy.

Consumer information integrity is clearly a problem if sites fail to secure the customer data at the server or the client. It is just as easy to modify customer data as it is to publish it. This ability to instantly rewrite a consumer's history with a particular business is quite possible and certainly easy to do with the BO2K style Trojan horse programs installed on an unsuspecting client.

The US Federal Trade Commission is urging the US Congress to pass legislation to bolster online privacy because it has doubts about whether companies can or will self-regulate. The FTC conducted a survey of 335 commercial Web sites and 91 of the 100 most popular sites to determine their information gathering practices. Almost all the sites in both groups collected email address information from visitors but only 88% of the 335 sites had posted privacy policies. Twenty percent of these sites had policies "that reflect the fair information principles of notice, choice and access security". The FTC lists four types of privacy protection that it considers essential:

1. A notice defining privacy policies

2. A choice of how the user information collected by the site is used

3. Access to that data by the individual

4. Assurances that the data is secure

The same FTC survey found that 42% of the most popular web sites and only 20% of the 335 sites offer consumers the above types of protection. The same Computerworld article made the observation that "the FTC applied very easy grades to the Web sites it investigated… For instance, if a Web site offered any type of access, such as allowing consumers to update their email addresses, the survey scored the Web site as having access. 'And the majority of them still flunked.'" A recent commentary by William Safire pointed out that e-commerce is "an industry busily compiling dossiers on every American." These sites collect information about web browsers by using web "cookies" to track your movements around their web site. One can certainly see the merits of this action; however, it's not quite apparent why the organization is allowed to sell that data to other businesses.

Appendix 1 shows some of the user data that can be gleaned from a simple access to a web site. One of the authors visited www.anonymizer.com to generate the figure. The information shown in the appendix is accurate. Even more detail can be obtained from the www server logs. One of the issues raised at www.glr.com is that a composite profile can be constructed about a user from seemingly disparate databases. For example, one can look up a person at www.switchboard.com to get the address and phone number of an individual. Accessing www.mapquest.com and entering the address from the previous query to get a map and driving directions to the person's address could pose a threat to the individual's privacy. Access the person's personal web page and you most likely can get a photograph of the individual. This is an example of data residing in completely different and geographically separate sites being used to build a composite about a person. The danger is that the access security is different at the sites and is not coordinated at all.

E-commerce sites have the capability of assembling an incredible amount of information about consumers and disseminating this information with or without the individual's permission. The absence of privacy regulations will continue until a major privacy failure happens. The failure of a site to maintain adequate security allows someone to rewrite the consumer history of an individual with very few mechanisms for verifying the accuracy of the information.

4 The Distributed Denial of Service Attacks (DDOS)

Businesses that rely on web-based transactions are and will continue to be vulnerable to Denial of Service (DoS) attacks. DoS attack scripts are the most common, effective and easiest to implement attacks available on the WEB. No actual damage is done to the victim site. The access paths to it are simply overwhelmed with incoming packets. It would be every businessman's dream to be in this situation if the incoming packets were legitimate customer orders. However, it can be their worst nightmare if they are the targets of a DoS attack. Early DoS attacks were triggered by one internal machine against another. The Distributed Denial of Service (DDOS) attacks are the latest evolution of DoS attacks and their success depends on the inability of intermediate sites to detect, contain and eradicate the penetration of their network. The more intermediate sites are compromised, the more sites are available to launch a DDOS attack against a victim site. The 1999 DDOS attack against the University of Minnesota generated over 2 billion packets sent from under 300 systems in 10 minutes. The DoS attack is diabolically simple. Every packet transmitted on the Internet contains a source and destination address. The simplest example is that of an ICMP ping transaction. The basic transaction is:

1. Source system sends a "ping" packet to the target. This is an ICMP_ECHO_REQUEST packet containing the source address of the sender and the target address of the receiver.

2. If the target system is able to respond, it sends a response back to the source address listed in the "ping" packet. This is an ICMP_ECHO_REQUEST_REPLY packet.

A ping packet is used to determine if a target site is online. The original attack was called Smurf and simply replaced the source address of the ICMP_ECHO_REQUEST packet with the address of a host other than the original sender. This new and unaware source site would receive the REPLY packet and ignore it. This process does consume some processing time. The DoS occurs when the source site receives hundreds of thousands of these packets.

DDOS took the original Smurf attack one step further. Entire networks were compromised and slave daemons were installed on the individual machines. These slave daemons can launch an ICMP, SYN, UDP or smurf flood attack but do so only at the command of master systems that were also compromised. The hacker sends the attack command to the masters, each of which relays the command to the slave daemons. It is quite possible to have tens of thousands of machines launching the attack against a single site. The success of a DDOS depends on the failure of the compromised networks to detect and eradicate the master and slave programs. This failure could be caused by a number of reasons: lack of system administrator experience, lack of base security standards for each machine, lack of intrusion detection software to notify the admins, or a management decision to not get involved. The DDOS programs are called TFN, Trinoo, Win-trinoo and Stacheldraht, among others. There are numerous variants of these original programs but the concept is the same. The most dangerous of these is the Windows 9x variant called win-trinoo because there are millions more Windows systems than servers.
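The paper places the burden of stopping these attacks on the intermediate sites that fail to notice they are being used. The following Python, an added example rather than anything from the paper, shows three checks a site's border monitor can run over ICMP flow records, one for each role a site can unknowingly play in the exchange just described: echo replies arriving for an internal host that never sent the matching request (the Smurf victim pattern), packets leaving the site whose source address is not in the site's own prefix (a forged source, which egress filtering should also drop), and an internal host emitting a burst of echo requests (a candidate slave daemon). The site prefix 192.0.2.0/24, the flow record layout, the thresholds and the sample records are all constructed for the example.

```python
from collections import Counter, defaultdict
from ipaddress import ip_address, ip_network

# Constructed flow records seen at the border of a site that owns 192.0.2.0/24
# (a documentation prefix). Record layout, assumed for the example:
# (time, direction, src, dst, icmp_type) with direction "out" = leaving the
# site, "in" = entering it; icmp_type 8 = echo request, 0 = echo reply.
SITE = ip_network("192.0.2.0/24")
FLOWS = [
    # Normal: host .10 pings one outside host and gets one reply.
    (1, "out", "192.0.2.10", "198.51.100.5", 8),
    (1, "in", "198.51.100.5", "192.0.2.10", 0),
    # Reflection victim: .20 receives many replies it never asked for.
    *[(2, "in", f"203.0.113.{i}", "192.0.2.20", 0) for i in range(1, 41)],
    # Forged source leaving the site: the site is being used as the sender.
    *[(3, "out", "203.0.113.77", "198.51.100.255", 8) for _ in range(5)],
    # Burst of outbound echo requests from one internal host.
    *[(4, "out", "192.0.2.30", f"198.51.100.{i}", 8) for i in range(1, 61)],
]


def detect(flows, site=SITE, reply_threshold=20, request_threshold=50):
    """Return hosts matching the victim, forged-source and slave patterns.

    Thresholds are assumed example values; tune them from the site's baseline.
    Records must be in time order so a reply can be matched to its request.
    """
    pinged = defaultdict(set)      # internal src -> outside hosts it sent requests to
    unsolicited = Counter()        # internal dst -> replies with no matching request
    forged_sources = Counter()     # source address seen leaving but not ours
    outbound_requests = Counter()  # internal src -> echo requests sent

    for _, direction, src, dst, icmp_type in flows:
        if direction == "out":
            if ip_address(src) not in site:
                forged_sources[src] += 1
                continue
            if icmp_type == 8:
                pinged[src].add(dst)
                outbound_requests[src] += 1
        elif direction == "in" and icmp_type == 0:
            if src not in pinged[dst]:
                unsolicited[dst] += 1

    return {
        "reflection_victims": sorted(
            h for h, n in unsolicited.items() if n >= reply_threshold),
        "forged_egress_sources": sorted(forged_sources),
        "suspected_slaves": sorted(
            h for h, n in outbound_requests.items() if n >= request_threshold),
    }


if __name__ == "__main__":
    for finding, hosts in detect(FLOWS).items():
        print(f"{finding:22s} {hosts}")
```

The forged-source check is the one that makes a site a good Internet neighbour: a packet leaving with a source address the site does not own has no legitimate reason to exist, and dropping it at the border stops the site from contributing to a Smurf flood even if the compromised host is never found.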

4.1 The E-commerce Site’s Security Responsibility

DDOS attacks worked because sites failed to detect the initial compromise of their systems. The compromises could have been prevented if standard system maintenance had been performed. Had the sites detected the compromises, they would have eliminated themselves as unwitting accomplices in the attack. Proper system administration training is the easiest method of countering this and other types of attacks. The security of a site depends on the security of the internal systems and the security of external networks.

E-commerce sites need to tailor their security architecture to meet the demands of ensuring consumer data privacy and that company resources are not used to attack other Internet sites. A business can certainly survive the publicity generated if their network is used to attack another site. It most certainly wouldn't survive if word gets out that customer credit, purchase, or personal data is stolen or copied without their knowledge or permission. For example, a hacker broke into an Internet music store, CD Universe, and published 300,000 customer credit card numbers when the store refused to meet his extortion demands. This action prompted major credit card companies to issue replacement cards for the customers affected by the attack. The ecommerce industry suffered a major setback in its effort to allay consumer fears about security when it was revealed that CD Universe's site was open to hackers for a few hours before the attack was discovered. It suffered another blow when the security investigation revealed that the security hole was well known and that a vendor patch was available to close the hole. The hacker could have easily mounted a data integrity attack on CD Universe's customer database instead of demanding a ransom. The company was spared only by the whim of the hacker. Jim Seymour stated in a recent article at The.Street.com that the "last-inch" problem entails a horrendous cost if the e-commerce site is always up and available. He claims e-commerce won't be crippled by the DDOS attacks. E-commerce as an overall business factor won't be crippled but individual e-commerce sites will be affected.

Software developers need to design software that is engineered for safety and security. It is still possible to add ease-of-use features but they should be initially turned off. Automated security updates are another feature that could be used to help limit the scope of these attacks. Microsoft released a patch that disabled some of the features of its Outlook/Exchange tool. This was most certainly due to the negative publicity the company was getting about their product but it demonstrated the power of that negative publicity.

Proper training programs for the system administrators are the easiest and most effective way to prevent major security compromises. The Audit group needs to review the security methods to ensure their compliance with company policy and general Internet security standards.

4.2 The Client Responsibility

Cable modems, DSL connections and other high speed direct connect mechanisms for connecting to the Internet create an entirely different set of security issues. The migration of DDOS attack tools to the Windows OS now allows a hacker to use these direct connect systems as another base of operation. The ISP's responsibility to maintain network integrity and create a model for containing any attack within their domain is paramount. There are a number of documents available to these ISPs that provide guidelines for securing their networks. The estimated number of systems used in the original DDOS attacks of early 2000 is thought to be less than 1000. There are certainly orders of magnitude more direct connect systems with minimal security tools installed. Certainly, the system administration expertise of these systems is not very high.

The client's main responsibility deals with requiring ecommerce sites to acknowledge the right of the customer to examine their credit history and to be provided with information about who gets that information. Ecommerce businesses should develop orientation programs for their customers that teach about basic security practices. This certainly helps ensure confidence in the business' ability to secure and protect the customer information.

5 Conclusions

The e-commerce industry is slowly addressing security issues on their internal networks. There are guidelines for securing systems and networks available for the ecommerce systems personnel to read and implement. Educating the consumer on security issues is still in the infancy stage but will prove to be the most critical element of the e-commerce security architecture.

Trojan horse programs launched against client systems pose the greatest threat to e-commerce because they can bypass or subvert most of the authentication and authorization mechanisms used in an e-commerce transaction. These programs can be installed on a remote computer by the simplest of means: email attachments. Training programs and orientation programs will become more critical in order to increase the general populace's awareness of security on the Internet.

IT and financial control/audit groups within the ecommerce site should form an alliance to overcome the general resistance to implementing security practices at the business level.

Industry self-regulation of consumer privacy appears to be ineffective. The FTC privacy survey and its recommendations to Congress may result in the introduction of legislation on privacy issues.

Importance of Cyber Security for Ecommerce Businesses in 2018

By 2020 the Internet of Things is en route to connect 200 billion objects, and that includes you and me, our pets and all the technological marvels that make our lives easier. Software is everywhere, but it's also prone to failure and attacks, leaving us vulnerable.

If the battery on your smartphone runs out you realize how helpless you are without your contacts, social media and GPS. To avoid undesirable consequences, we must maintain 24/7 access to technology, upgrade our software, and firewall personal information. Check out this infographic for a visual guide to Cybersecurity in 2018:


The Cybersecurity Threat Is More Pervasive Than We May Think:

Ethical hackers are disappointed that growing technological innovation is notcreating secure homes and safer work-spaces Glitches and problems we’d solvedand buried are resurfacing The more innovative we are, the more insecure webecome

Technology is more vulnerable than ever to external attack. It is disturbing that a heart pacemaker, a dam, the grid supplying power to a city or even a traffic system is open to hacking. Companies at the cutting edge of technology are neck deep in cyber security threat assessment and damage control.

Cyber-Attack Threat Levels Are Escalating:

In businesses that are aware of growing cyber security problems and privacy issues, an astonishing 70% of device communication remains unencrypted. Concerns are clear but nobody’s listening.

It appears that the cyber security threat is a three-headed serpent.

First, cyber security issues remain within the domain of engineers and software pros. Other employees know nothing or have no idea what to do. Second, many layers of technology (old, obsolete and new) exist in an organization, and patching updates to the new systems doesn’t resolve the vulnerability of older systems. Third, companies are not prioritizing time, money and personnel for cyber security because they remain focused on the production line, and the bottom line.

The Cyber Threat Emanates From Many Sources:

Who sources the attack, and what motivates them?

Cyber-criminals are in the business of stealing data (contact numbers, credit card info, and bank account details, for example) that they sell to third parties for profit.

Malicious hackers harboring personal enmity or a criminal mentality hack into systems to expose the host’s vulnerability.

The hacktivists inspired by political and social activism hack systems opposed to their ideology or mindset.

The cyber terrorists representing a growing fringe element threaten to unleash chaos and disrupt the societies they target. Beyond these individuals or groups, there are nation states coordinating cyber-attacks aimed at weakening opposing states.

The Fallout Of a Cyber-Attack Can Be Devastating Personally And Economically:

SimpliSafe’s unencrypted air communications enabled hackers to access home user PINs to deactivate alarms. As there’s no patch for this, more than 300,000 SimpliSafe devices went the replacement route.

The British company TalkTalk spent £50 million recovering from a cyber-attack that compromised customer personal info, addresses, emails, bank details and passwords. The collateral damage was huge – a loss of 100,000 customers and a decline in share value by 20%.

In 2015, Chrysler had to recall 1.4 million cars because a glitch in the software enabled hackers to control the car’s braking system, engine, electronics and drivability.

Hackers calling themselves “Guardians of Peace” (GOP) hacked Sony Pictures. The leakage of personal information and studio gossip compromised employee privacy and company strategy.

As we grow more dependent on technology, we are navigating a cyber-security minefield. Safety depends a lot on how proactive we are in becoming security and risk-conscious.

Why Is Security Important For E-Commerce?

Customer information, business data and payment details are all highly sensitive, confidential commodities that are traded or shared as part of an e-commerce transaction.

As the popularity of shopping online continues to grow exponentially, security has become paramount, not only for retailers but for any business that operates via the internet, in an attempt to inspire trust and confidence in customers. This can be achieved predominantly through minimising the risks that customers are faced with online.

The press often reports on businesses that have fallen victim to hacking and data breaches, due to insufficient security measures, leading to sometimes irreparable reputation and financial consequences. As such, online security is vital in helping businesses both reduce threats to their site and avoid compromising sensitive data.

It also promotes sales, too, as consumers would naturally choose to make purchases from a website that they believe is totally secure. In order to make their store a secure place to shop, businesses should be aware of several security services that can ensure their e-commerce site is protected and consumer confidence is high.

Authentication

Authentication is the process of identifying that both the store and the customer are legitimate. As a result, both parties can rest easy in the knowledge that there are genuine buyers and sellers. Acquiring a digital certificate is one way of authenticating a merchant. This way, the customer knows that the website to which they submit sensitive information is actually the merchant, rather than a third party posing as the store.

Secure Sockets Layer (SSL) – which encrypts data from the customer to the server and prevents third party interference – uses these digital certificates, along with Public Key Infrastructure (PKI), to ensure privacy and integrity.

Safety of the web host

Credit card details can be sent safely using SSL, but many customers worry about what happens with the information once a transaction is completed. As the submission of payment details is necessary for e-commerce, it’s important that merchants safely store such information in a secure place. This can be on the web hosting supplier’s server, on a separate PC or on disks. Alternatively, intrusion detection services – a staple of top quality web hosting providers – can identify any malicious patterns or attacks that more traditional security software might fail to detect.

Be the customer

Another way for a business to check the security of their e-commerce site is to go through the buying process, selecting a product and making a payment, as if they were the customer. This will give businesses the opportunity to create a ‘security checklist’ to ensure all services are in order.

For example, when entering credit card data, make sure the browser is communicating with the server using SSL. If the browser does not recognise the server’s SSL certificate, rectify this immediately, as customers may not consider the site trustworthy enough to complete the transaction.

The requirement for secure usernames and passwords comprising a combination of numbers, letters and lower/upper cases might be obvious, but it forms the very foundation of a secure store. If a customer fails to type the correct password after five attempts, then the account in question can be ‘locked’ and the attempts logged – another benefit of a highly-rated web hosting service. After all, a system is only as secure as its user.

II) WHY WEB SECURITY IS IMPORTANT?

What is the #1 reason most people don’t lock up their website?

Lack of awareness of the risks and consequences, and the belief, especially amongst small business owners, that they’re too small to be noticed by hackers. They’re not aware that most hackers use automated tools to find vulnerable sites. Most small business owners are too busy to think about security in any depth. While they’re often aware generally of security issues, they often don’t connect those threats with their own business. So they don’t set aside the time and resources needed to make sure even the most basic website security precautions are followed.

Why is website security so important?

Your website is your brand, your storefront, and often your first contact with customers. If it’s not safe and secure, those critical business relationships can be compromised. The threats can come in many forms – infecting a website with malware in order to spread that malware to site visitors, stealing customer information, like names and email addresses, stealing credit card and other transaction information, adding the website to a botnet of infected sites, and even hijacking or crashing the site.

A single security breach could be a death-knell for a small business. Most states now have strict data breach laws, and many come with stiff fines, penalties, and other costs. Even if a security breach at a small business website doesn’t trigger a data breach, it can still have a huge impact on customer trust if customers find out about it.

An unprotected website is a security risk to customers, other businesses, and public/government sites. It allows for the spread and escalation of malware, attacks on other websites, and even attacks against national targets and infrastructure. In many of these attacks, hackers will try to harness the combined power of thousands of computers and sites to launch these attacks, and the attacks rarely lead directly back to the hackers.

Some people may not think of web security as a way to build trust with customers. They may think that it’s simply a way to prevent malicious attacks. While prevention is important, how does web security build trust with customers?

Consumers are nervous about the security risks of the internet. For example, identity theft has been the number one consumer complaint to the Federal Trade Commission every year for the last thirteen years. Consumers seem to sense, because it’s common sense, that most small businesses can’t afford the best security and therefore it’s more likely their website presents a higher risk – whether it’s purchasing or just browsing.

The more a small business can do to build trust in the security of their website, the more likely customers are to visit, stay, buy, return, and recommend. That’s why security seals are important. Not only do they provide reassurance to customers that the website is secure and the business is aware of the risks, but customers are also so used to seeing these seals on websites, they tend to notice when a site has none.

What industries need to be particularly careful about securing their website?

No industry is immune. Hacking is not just about stealing data. Hackers want to create watering holes where they can hide malware as a way to spread the malware to any visitors to that site. They also want to enlist those compromised sites in Distributed Denial of Service (DDoS) attacks on other sites. Any site can serve that function. When it comes to data theft, financial services, healthcare, and retail seem to be especially popular.

What’s the most important step that business owners should do today to protect their website?

It’s tough to pick just one. Some easy steps are to create a security plan, even a simple one, share it with everyone involved, and stick to it. Manage your passwords carefully, especially website access. And keep all computers and mobile devices free from malware so they’re not used as a launchpad for a website attack.

Does choosing the right hosting provider make a difference for web security?

Of course, the hosting company is a key to website security. The host provides the infrastructure upon which the site will be built. Just like building a house, you need a strong foundation in order to be safe. It also matters how you go about building the house, which is an important piece that website owners sometimes don’t fully understand. While the host provides the infrastructure, the site needs to be secure as well. In fact, websites are now a much more popular entry point than servers or networks, accounting for up to 80% according to a recent report from Verizon. We often use the analogy of an apartment complex. The host provides the security for the building, so if the front door hangs open and there is no buzzer system, that is the host’s responsibility. If you leave your apartment door open, though, it is still your responsibility. This is the same way with a web host and website owner.

Anything else business owners should know about web security?

Be proactive. It is much easier to build in security right from the start than it is to clean up after a compromise. All too often, we work with website owners who did not think about security until it is too late. The resulting downtime, reputation damage, and clean-up are much more difficult and can be much more expensive than starting with security in mind. This is definitely a case where an ounce of prevention is worth a pound of cure.

LIST OF TYPES OF CYBER ATTACKS

Malware

Starting with malware. So, what is malware? Malware is the short form of malicious software. Malware can be classified as the computer virus, Trojan, and worm. Malware can capture your device once it’s active; it can steal and destroy information. Malware spreads through email attachments, online sites, downloaded files, software and weak operating systems. So, how to prevent it? Well, you can use anti-virus or anti-malware tools for your device as a preventive measure. Malware can attack your smartphone too. So, you can also use anti-malware tools for your smartphone.

Phishing

Those who know about cyber attacks also know what phishing is. Phishing is a very disturbing and one of the most dangerous cyber threats of all time. The sole purpose of phishing is to fool the victim and to steal all the confidential information such as address, bank account, password, card number and so on. Phishing spreads via email or even phone calls. If you still aren’t really sure how it can access any device, I would highly recommend you get to know the cyber security tips, which will teach you a lot and let you sleep well at night. The hacker will send a fake link or webpage of your bank or any other company or a person you know. When you click on the link, or you provide the information, you’re in complete trouble. Maybe a ransomware will take over your device, or something else. So, many anti-virus tools provide anti-scam and anti-phishing features.

Password Attack

Hackers don’t need any email messaging, code or fake links to make this attack. They can do it by cracking your password. Hackers will use a specific password cracking tool to initiate this attack. They will combine words, numbers and other codes to break down any password. Most of the time a brute force attack helps a hacker to gain a password. So, always try to keep a complicated password, such as an alphanumeric password with upper and lower case letters. It’s quite tough to crack.

DoS or Denial of Service

A DoS attack is mainly used to disrupt the network connection. The attacker will keep sending a high volume of data or lots of connection requests to make the network overloaded. A DoS attack can make the service of a network dysfunctional. To prevent this attack, your service provider must have some plans to resolve the problem. Anyone can fall victim to this attack.

Man in the Middle

MITM or the Man in the Middle is the method by which a hacker will be able to impersonate the endpoint connection between you and a website or a server. A hacker can obtain any personal information such as messages, personal conversations, files, sensitive data and much more. To prevent this attack, you must update all the software and operating system on your device.

Malvertising

Malvertisement means malicious advertisement on the internet. Hackers put some malicious code inside the ad, and when you click on the malicious ad, the malware inside will start to download itself to your device. A malvertising attack can do serious harm to your device. Ignore any disturbing, useless and unauthorized ad.

Drive-by Download

You can face this problem just by visiting a website! An unusual download will start automatically, even without any action by the user. Malware will be installed on your device, and you know what will happen next. So, keep your software and operating systems updated.

Rogue Software

This is one kind of phishing technique. Some unauthorized company will create some useful software, and they will put some malware inside. Let’s make it clear: a malware masquerading as the software you use or you know is safe. So, do not buy any software from unauthorized dealers or vendors.

PHYSICAL SECURITY FOR SERVERS

“Physical security” is almost everything that happens before you start typing commands on the keyboard. It’s the alarm system that calls the police department when a late-night thief tries to break into your building. It’s the key lock on your computer’s power supply that makes it harder for unauthorized people to turn off the machine. It’s the locked computer room with the closed-circuit camera that prevents unauthorized physical access to your servers and communications infrastructure. And it’s the uninterruptible power supply and power conditioners that help to isolate your computers from the vagaries of the power grid.

This part discusses basic approaches to physical security. It is written for people who think that this type of security is of little or no concern—unfortunately, the majority of system administrators. Despite the fact that physical security is often overlooked, it is extraordinarily important. You may have the best encryption and security tools in place, and your systems may be safely hidden behind a firewall. However, if a janitor working late at night for your cleaning service decides to steal a laptop or server that’s been left out on a table in somebody’s cubicle, those other fancy defenses aren’t going to be much help.

Planning for the Forgotten Threats

Physical security is one of the most frequently forgotten forms of security because the issues that physical security encompasses—the threats, practices, and protections—are different for practically every different site and organization. Physical security resists simple treatment in books on computer security, as different organizations running the identical system software might have dramatically different physical security needs. To make matters worse, many popular books on computer system security do not even mention physical security! Because physical security must be installed on-site, it cannot be preinstalled by the operating system vendor, sold by telemarketers, or downloaded over the Internet as part of a free set of security tools.

Anything that we write about physical security must therefore be broadly stated and general. Because every site is different, this chapter can’t give you a set of specific recommendations. It can only give you a starting point, a list of issues to consider, and a suggested procedure for formulating your actual plan.

The Physical Security Plan

The first step to physically securing your installation is to formulate a written plan addressing your current physical security needs and your intended future direction. Ideally, your physical plan should be part of your site’s written security policy. This plan should be reviewed by others for completeness, and it should be approved by your organization’s senior management. Thus, the purpose of the plan is both planning and political buy-in.

Your security plan should include:

• Descriptions of the physical assets that you are protecting


• Descriptions of the physical areas where the assets are located

• A description of your security perimeter—the boundary between the rest of the world and your secured area—and the holes in the perimeter

• The threats (e.g., attacks, accidents, or natural disasters) that you are protecting against and their likelihood

• Your security defenses, and ways of improving them

• The estimated cost of specific improvements

• The value of the information that you are protecting

If you are managing a particularly critical installation, take great care in formulating this plan. Have it reviewed by an outside firm that specializes in disaster recovery planning and risk assessment. Consider your security plan a sensitive document: by its very nature, it contains detailed information on your defenses’ weakest points.

A detailed security plan may seem like overkill for smaller businesses, some educational institutions, and most home systems. Nevertheless, simply enumerating the threats and the measures that you are using to protect against them will serve you well in understanding how to protect your informational assets. Is fire a possibility? If so, you may wish to invest in a fireproof safe for backups (cost: as little as $200), or you may wish to contract with an off-site backup provider (cost: approximately $20/month per PC). Is theft a possibility? If so, you may wish to purchase a lock for your computer (cost: approximately $30). Do you back up your server but not your desktop PCs? If so, you may wish to make sure that people in your organization know this, so that they store files on the file server, and not on their computer’s “desktop.”

If the very idea of planning is repulsive to you, then this aspect should be delegated to someone in your organization who is more suited to the task. At the very least, you should ask yourself these five questions:

1. Does anybody other than you ever have physical access to your computers?

2. What would happen if that person had a breakdown or an angry outburst and tried to smash your system with a hammer?

3. What would happen if someone in the employ of your biggest competitor were to come into the building unnoticed?

4. If there were a fire in your building and the computers were rendered unusable, would the inability to access these systems cripple or destroy your organization?

5. If some disaster were to befall your system, how would you face your angry users?

The Disaster Recovery Plan

You should have a plan for immediately securing temporary computer equipment and for loading your backups onto new systems in case your computer is ever stolen or damaged. This plan is known as a disaster recovery plan.

Other Contingencies

Beyond the items mentioned earlier, you may also wish to consider the impact on your computer operations of the following:

Loss of phone service or network connections

How will the loss of service impact your regular operations?

Vendor continuity

How important is support?

Can you move to another hardware or software system if your vendor goes out of business or makes changes you don’t wish to adopt?

Significant absenteeism of staff

Will this impact your ability to operate?

Death or incapacitation of key personnel

Can every member of your computer organization be replaced?

What are the contingency plans?


Protecting Computer Hardware

Physically protecting a computer presents many of the same problems that arise when protecting typewriters, jewelry, and file cabinets. As with a typewriter, an office computer is something that many people inside the office need to access on an ongoing basis. As with jewelry, computers are valuable and generally easy for a thief to sell. But the real danger in having a computer stolen isn’t the loss of the system’s hardware but the loss of the data that was stored on the computer’s disks. As with legal files and financial records, if you don’t have a backup—or if the backup is stolen or destroyed along with the computer—the data you have lost may well be irreplaceable. Even if you do have a backup, you will still need to spend valuable time setting up a replacement system. Finally, there is always the chance that the stolen information itself, or even the mere fact that information was stolen, will be used against you. Your computers are among the most expensive possessions in your home or office; they are also the pieces of equipment that you can least afford to lose.

To make matters worse, computers and computer media are by far the most temperamental objects in today’s homes and offices. Few people worry that their television sets will be damaged if they’re turned on during a lightning storm, but a computer’s power supply can be blown out simply by leaving the machine plugged into the wall if lightning strikes nearby. Even if the power surge doesn’t destroy the information on your hard disk, it still may make the information inaccessible until the computer system is repaired.

Power surges don’t come only during storms: one of the authors once had a workstation ruined because a vacuum cleaner was plugged into the same outlet as the running workstation. When the vacuum was switched on, the power surge fatally shorted out the workstation’s power supply. Because the computer was an aging Digital Pro 350 workstation with a proprietary disk interface and filesystem, it proved to be cheaper to throw out the machine and lose the data, rather than attempt to salvage the hardware and information stored on the machine’s disk. This proved to be an expensive form of spring cleaning!

There are several measures that you can take to protect your computer system against physical threats. Many of them will simultaneously protect the system from dangers posed by nature, outsiders, and inside saboteurs.

Preventing Theft

Because many computers are relatively small and valuable, they are easily stolen and easily sold. Even computers that are relatively difficult to fence have been stolen by thieves who thought that they were actually stealing something fungible. As with any expensive piece of equipment, you should attempt to protect your computer investment with physical measures such as locks and bolts.

Physically secure your computer

A variety of physical tie-down devices are available to bolt computers to tables or cabinets. Although they cannot prevent theft, they make it more difficult.

RAM theft

In past years, businesses and universities have suffered a rash of RAM thefts. Thieves enter offices, open computers, and remove some or all of the computer’s RAM (see Figure 14-1). Many computer businesses and universities have also had major thefts of advanced processor chips. RAM and late-model CPU chips are easily sold on the open market. They are virtually untraceable. And, when thieves steal only some of the RAM inside a computer, weeks or months may pass before the theft is noticed. High-density RAM modules and processor cards can be worth their weight in gold. If a user complains that a computer is suddenly running more slowly than it did the day before, check its RAM, and then check to see that its case is physically secured.

Encryption

If your computer is stolen, the information it contains will be at the mercy of the equipment’s new “owners.” They may erase it or they may read it. Sensitive information can be sold, used for blackmail, or used to compromise other computer systems. You can never make something impossible to steal. But you can make stolen information virtually useless—provided that it is encrypted and the thief does not know the encryption key. For this reason, even with the best computer-security mechanisms and physical deterrents, sensitive information should be encrypted using an encryption system that is difficult to break. We recommend you acquire and use a strong encryption system so that even if your computer is stolen, the sensitive information it contains will not be compromised.

Laptops and portable computers

Laptops and other kinds of portable computers present a special hazard. They are easily stolen, difficult to tie down (they then cease to be portable!), and easily resold. Personnel with laptops should be trained to be especially vigilant in protecting their computers. In particular, theft of laptops in airports has been reported to be a major problem.* One way to minimize laptop theft is to make the laptops harder to resell. You may do this by engraving a laptop with your name and telephone number. (Do not engrave the laptop with your Social Security number, as this will enable a thief to cause you other problems!) Alternatively, you may equip your laptop with a property tag, such as those sold by Secure Tracking of Office Property (see Figure 11-3). Laptop theft may not be motivated by resale potential. Often, competitive intelligence is more easily obtained by stealing a laptop with critical information than by hacking into a protected network. Thus, good encryption on a portable computer is critical. This can be accomplished using built-in software, such as the Windows 2000 Encrypted File System, or using an add-on product, such as PGP Disk by Network Associates.

Protecting Your Data

There is a strong overlap between the physical security of your computer systems and the privacy and integrity of your data. After all, if somebody steals your computer, they probably have your data. Unfortunately, there are many attacks on your data that may circumvent the physical measures mentioned in earlier sections.

This section explores several different types of attacks on data and discusses approaches for protecting against these attacks. It recapitulates some advice given elsewhere in the book in a slightly different manner.

Protecting Backups

Backups should be a prerequisite of any computer operation—secure or otherwise—but the information stored on backup tapes is extremely vulnerable. When the information is stored on a computer, the operating system’s mechanisms of checks and protections prevent unauthorized people from viewing the data (and can possibly log failed attempts). After information is written onto a backup tape, anybody who has physical possession of the tape can read its contents.

For this reason, protect your backups at least as well as you normally protect your computers themselves.

Here are some guidelines for protecting your backups:

• Don’t leave backups unattended in a computer room that is generally accessible. Somebody could take a backup and then have access to all of the files on your system.

• Don’t entrust backups to a messenger who is not bonded.

• Sanitize backup tapes before you sell them, use them as scratch tapes, or otherwise dispose of them. (See the section called “Sanitizing Media Before Disposal” later in this chapter.)

• Most backup programs allow you to encrypt the data before it is written to a backup. Encrypted backups dramatically reduce the chances that a backup tape or CD-ROM, if stolen, will be usable by an adversary. If you use a cryptographic backup system, it is important that you protect your key—both so that an attacker will not learn the key, and so that your key will not be lost in the event that you have a change of staff.

Key Switches

Some kinds of computers have key switches that can be used to prevent the system from being rebooted in single-user mode. Some computers also have ROM monitors that prevent the system from being rebooted in single-user mode without a password. For instance, all new Macintosh systems have support in their Open Firmware for a password to control boot configuration access.

Key switches and ROM monitor passwords provide additional security and should be used when possible. However, you should also remember that any computer can be unplugged. The most important way to protect a computer is to restrict physical access to that computer.

Personnel

The people who have access to your system may not all have your best interests in mind. We’ve heard stories in home environments where playmates of children have introduced viruses into home office systems, and where spouses have scoured disks for evidence of marital infidelity—and then trashed systems where they have found it. In business environments, there are stories of cleaning staff and office temps who have been caught sabotaging or snooping on company computers.

You may not be able to choose your family, but you can have some impact on who accesses the computers at your company location. You can do this with background checks (it is amazing how many people don’t adequately check references) and periodic rechecks. Depending on the nature of your business and the laws in place governing employment, you may also be able to execute credit checks, lie detector tests, and criminal background checks. You may even be able to execute a security clearance requirement. You can also require that personnel be bonded—a special assurance from a third party that the individual is trusted, in which the third party performs the background investigation.

Examples of people whose backgrounds should be examined include:

• System operators and administrators

• Temporary workers and contractors who have access to the system

• Cleaning and maintenance personnel

• Security guards

• Delivery personnel who have regular or unsupervised access

• Consultants

The personnel who do have access should be trained about security and loss prevention and periodically retrained. Personnel should also be briefed on incident response procedures and on the penalties for security violations.

What We Found

After a brief, three-hour inspection, the company had some second thoughts about its security. Even without a formal site audit, the following items were discovered during our short visit.

Fire hazards

• All of the company's terminal and network cables were suspended from hangers above false ceilings throughout the buildings. Although smoke detectors and sprinklers were located below the false ceiling, none were located above, where the cables were. If there were a short or an electrical fire, it could spread throughout a substantial portion of the wiring plant and be very difficult, if not impossible, to control. No internal firestops had been built for the wiring channels, either.

• Several of the fire extinguishers scattered throughout the building had no inspection tags or were shown as being overdue for an inspection.

Potential for eavesdropping and data theft

• Network taps throughout the buildings were live and unprotected. An attacker with a laptop computer could easily penetrate and monitor the network; alternatively, with a pair of scissors or wirecutters, an attacker could disable portions of the corporate network.

• An attacker could get above the false ceiling through conference rooms, bathrooms, janitor's closets, and many other locations throughout the building, thereby gaining direct access to the company's network cables. A monitoring station (possibly equipped with a small radio transmitter) could be left in such a location for an extended period of time.

• Many of the unused cubicles had machines that were not assigned to a particular user, but were nevertheless live on the network. An attacker could sit down at a machine, gain system privileges, and use that machine as a point for further attacks against the information infrastructure.

• The company had no controls or policies on modems, thus allowing any user to set up a private SLIP or PPP connection that bypassed the firewall.

• Several important systems had unprotected backup tapes on a nearby table or shelf.

• Strangers walking about the building were not challenged. Employees did not wear tags and apparently assumed that anybody on the premises was authorized to be there.

Physical access to critical computers

• Internal rooms with particularly sensitive equipment did not have locks on the doors.

• Although the main computer room was protected with a card key entry system, entry could be gained from an adjacent conference room or hallway under the raised floor.

• Many special-purpose systems were located in workrooms without locks on the doors. When users were not present, the machines were unmonitored and unprotected.

Possibilities for sabotage

• The network between the two buildings consisted of a bidirectional, fault-tolerant ring network. But the fault tolerance was compromised because both fibers were routed through the same unprotected conduit.

• The conduit between the two buildings could be accessed through an unlocked manhole in the parking lot. An attacker located outside the buildings could easily shut down the entire network with heavy cable cutters or a small incendiary device.

Nothing to Lose?

Simply by walking through this company's base of operations, we discovered that this company would be an easy target for many attacks, both complicated and primitive. The attacker might be a corporate spy for a competing firm, or might simply be a disgruntled employee. Given the ease of stealing computer equipment, the company also had reason to fear less-than-honest employees. Without adequate inventory or other controls, the company might not be able to discover and prove any wide-scale fraud, nor would it be able to recover insurance in the event of a loss. Furthermore, despite the fact that the company thought it had "nothing to lose," an internal estimate had put the cost of computer downtime at several million dollars per hour because of its use in customer-service management, order processing, and parts management. An employee out for revenge or personal gain could easily put a serious dent into this company's bottom line with a small expenditure of effort, and with little chance of being caught. Indeed, the company had a lot to lose.

ABOUT SSL

SSL is the Secure Sockets Layer, a general-purpose protocol for sending encrypted information over the Internet. Developed by Netscape, SSL was first popularized by Netscape's web browser and web server. The idea was to stimulate sales of the company's cryptographically enabled web servers by distributing a free client that implemented the same cryptographic protocols.

Since then, SSL has been incorporated into many other web servers and browsers, and by now support for SSL is no longer a competitive advantage but a necessity. SSL has gone through two major released versions, 2.0 and 3.0. In 1996 the Internet Engineering Task Force (IETF) Transport Layer Security (TLS) working group was established to create an open stream encryption standard. The group started with SSL 3.0 and, in 1999, published RFC 2246, "The TLS Protocol Version 1.0." RFC 2712 adds Kerberos authentication to TLS. RFC 2817 and RFC 2818 apply to TLS used with HTTP/1.1. This chapter introduces SSL and TLS; Appendix B provides detailed technical information.

What Is SSL?

SSL is a layer that sits between the raw TCP/IP protocol and the application layer. While standard TCP/IP simply delivers an unauthenticated, error-free stream of bytes between two computers (or between two processes running on the same computer), SSL adds several features to that stream, including:

• Authentication of the server, using digital signatures

• Authentication of the client, using digital signatures

• Data confidentiality through the use of encryption

• Data integrity through the use of message authentication codes

Cryptography is a fast-moving field, and cryptographic protocols don't work unless both parties to the communication use the same algorithms. For that reason, SSL is an extensible and adaptive protocol. When one program using SSL attempts to contact another, the two programs electronically compare notes, determining the strongest cipher suite (algorithms and key lengths) that they have in common. This exchange is called the SSL Hello.

SSL was designed for use worldwide, but it was developed in the United States at a time when the U.S. restricted the export of strong cryptography. For this reason, SSL was designed with many features intended to conform with the U.S. government's older, more restrictive policies on the export of cryptographic systems (described in Chapter 4).

SSL Versions

The SSL protocol was designed by Netscape for use with Netscape Navigator. Version 1.0 of the protocol was used only inside Netscape. Version 2.0 of the protocol shipped with Netscape Navigator versions 1 and 2. After SSL 2.0 was published, Microsoft created a similar secure link protocol called PCT, which overcame some of SSL 2.0's shortcomings. The advances of PCT were echoed in SSL 3.0. The SSL 3.0 protocol is the basis for the TLS protocol developed by the IETF. Implementations of SSL 3.0/TLS are present in Netscape Navigator, Microsoft Windows, and the open source OpenSSL library.

SSLv3 and TLS allow for connections that are not encrypted but are authenticated and protected against deliberate tampering by a sophisticated attacker (the NULL-cipher suites). This might be useful in circumstances where encryption is forbidden or severely restricted by law; in any other setting these suites should be disabled.

The choice of algorithms and key lengths is made by the SSL server, but only from the set of cipher suites that both the server and the client support. Either side can therefore rule out weak choices simply by refusing to offer them.
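The Hello exchange and the "server chooses, both sides limit" rule, as an added example that is not part of the original text. The first part uses Python's standard ssl module to build a client context that refuses the old protocol versions and the NULL, anonymous and export-grade suites, then lists what it would actually offer. The second part is a small model of the server's selection step over constructed preference lists (the suite names in the demo lists are made up for illustration); it shows why a client that still offers a NULL suite can end up on an authenticated-but-unencrypted connection even against an honest server.

```python
"""Added example: cipher-suite negotiation as SSL/TLS does it.

Part 1 builds a hardened client-side SSLContext with the standard library
and reports the suites it would advertise in its Hello.  Part 2 models the
server's choice: the first suite in the server's own preference order that
the client also offered, or a handshake failure if there is none.
"""
import ssl

# OpenSSL cipher-list string (assumption: OpenSSL keyword syntax).
#   ECDHE+AESGCM / ECDHE+CHACHA20  forward-secret AEAD suites only
#   !aNULL   drop suites with no server authentication
#   !eNULL   drop "authenticated but unencrypted" NULL-cipher suites
#   !EXPORT  drop the weakened export-grade suites SSL once had to carry
HARDENED_CIPHERS = "ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL:!EXPORT"


def hardened_client_context():
    """Client context that refuses SSL 2/3 and TLS 1.0/1.1 and offers only HARDENED_CIPHERS."""
    ctx = ssl.create_default_context()  # certificate verification stays on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(HARDENED_CIPHERS)  # raises ssl.SSLError if nothing matches
    return ctx


def offered_suites(ctx):
    """Names of the suites this context would advertise in its ClientHello."""
    return [c["name"] for c in ctx.get_ciphers()]


def weak_suites(names):
    """Any suite names that still carry a NULL, EXPORT, RC4, DES or MD5 marker."""
    markers = ("NULL", "EXPORT", "RC4", "DES", "MD5")
    return [n for n in names if any(m in n for m in markers)]


def server_selects(server_prefs, client_offered):
    """Model of the Hello: the server walks its own preference list and picks
    the first suite the client also offered.  None means handshake failure."""
    client_set = set(client_offered)
    for suite in server_prefs:
        if suite in client_set:
            return suite
    return None


# Constructed demo lists (hypothetical names, not taken from any server).
SERVER_PREFS = ["SUITE_AES256_GCM", "SUITE_AES128_GCM", "SUITE_NULL_SHA"]
CAREFUL_CLIENT = ["SUITE_AES128_GCM", "SUITE_AES256_GCM"]
SLOPPY_CLIENT = ["SUITE_NULL_SHA", "SUITE_AES128_GCM"]
LEGACY_CLIENT = ["SUITE_EXPORT_RC4_40"]


def demo():
    """Return the three negotiation outcomes for the constructed clients."""
    return {
        "careful": server_selects(SERVER_PREFS, CAREFUL_CLIENT),  # AES256-GCM, server order wins
        "sloppy": server_selects(SERVER_PREFS, SLOPPY_CLIENT),    # AES128-GCM here, but NULL is one
                                                                   # server-preference change away
        "legacy": server_selects(SERVER_PREFS, LEGACY_CLIENT),    # None: no shared suite, failure
    }


if __name__ == "__main__":
    ctx = hardened_client_context()
    names = offered_suites(ctx)
    print("offered by hardened client:", names)
    print("weak suites still offered:", weak_suites(names))
    print("negotiation outcomes:", demo())
```

The "sloppy" case is the practical lesson: a server that lists a NULL suite anywhere in its preferences will select it the moment it becomes the best match, so the fix belongs on both ends, the server never listing it and the client never offering it.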

Using SSL to Send Credit Card Numbers Securely

One of the most common questions asked by people new to SSL is, "How do I use SSL to send a credit card number securely?" The answer to this question is surprisingly straightforward, assuming that you have a web server that is cryptographically enabled.

The whole point of SSL is to hide the complexities of cryptography from both users and developers. If your users are using an SSL-aware web browser, such

Posted: 16/05/2019, 10:10
