Overall size and losses of cybercrime
unclear
Reporting issues
2013 survey: Average annualized cost of
cybercrime was $11.56 million/year
Underground economy marketplace:
Stolen information stored on underground
economy servers
What Is Good E-commerce Security?
To achieve highest degree of security
New technologies
Organizational policies and procedures
Industry standards and government laws
Other factors
Time value of money
Cost of security vs. potential loss
Security often breaks at weakest link
The Tension Between Security and
Other Values
Ease of use
The more security measures added, the more
difficult a site is to use, and the slower it
becomes
Public safety and criminal uses of the
Internet
Use of technology by criminals to plan crimes or
threaten nation-state
Security Threats in the
E-commerce Environment
Three key points of vulnerability in
e-commerce environment:
1. Client
2. Server
3. Communications pipeline (Internet
communications channels)
Most Common Security Threats in the
E-commerce Environment
Malicious code (malware) – threat at both
client and server level
Exploits and exploit kits
Drive-by downloads
Viruses
Worms
Ransomware
Trojan horses
Backdoors
Bots, botnets