Wednesday, August 14, 2019
Internet security Essay
Modern technologies have inevitably changed the social, economic, political, and professional aspects of lives across the globe. Such technologies have brought with them reliability and efficiency of communication and execution of electronic financial transactions, evident in E-commerce. According to statistics, electronic financial transactions over the internet have grown by over 70% during the past on decade compared to its prominence during the 1990s (Ena 2008, p. 14). This has been attributed to the fact that small business are increasingly engaging in the competitive business advantage of online marketing for their products, a practice that was earlier dominated by big corporations. Nevertheless, electronic financial transactions over the internet are marked with numerous security threats. Security threats attributed to electronic financial transactions are not only a potential infringement to our right to privacy, but have been a source of economic loss for individuals and institutions. Among these threats, internet fraud, identity theft, and network hacking are the most commonly identified threats to the reliability of internet-based financial transactions (Glaessner, Kellermann, & Mcnevin, 2002). However, the government, security software scientists, and financial institutions have engaged in concerted efforts in promoting security of online financial transactions. In this essay, the author will identify and discuss the different kinds of security threats relevant to financial transactions over the internet, their nature, severity, and the actions that have been taken or can be taken to address the threats and their effectiveness. Case studies of actual security incidents will be given to support the analysis. The problem of security threats on internet-based electronic financial transactions has been identified as a major drawback to sustainable embracement of the competitive advantages brought by this unique technological advancement in the community. Although the actual economic damages caused by internet crime is hard to assert, a consensus between law enforcement and IT scientists has it that over $500 millions are lost in the USA alone due to internet related crimes (Glaessner, Kellermann, & McNevin, 2009). There are numerous security threats to electronic financial transactions over the internet. Identity theft and fraud is a quite common form of security to internet-based funds transfer. Identity theft is the act of using the identity of another person to illegally gain financial advantages (Glaessner, Kellermann, & McNevin, 2009). To achieve this, perpetuators engage in misrepresentation of information to lure their target victims to conduct a financial transaction or provide personable information such as credit card number and password. Numerous research findings have found that the process of acquiring another personÃ¢â¬â¢s details is realised through use of e-mail messages (mainly spam) or using fake websites to entice potential victims (Glaessner, Kellermann, & McNevin, 2009). Such information is used in executing activities such as conducting unauthorised emptying of the victimÃ¢â¬â¢s account and opening and operating an account in the victims name and failing to settle its associated bills. This leads not only to loss of funds by the victim but also source of debt as financial institution seek account bill charge payments from the victim. According to statistical evidence from the Internet Crime Compliant Center, of the internet crime cases reported in 2008, an estimated 13 percent involved fraud and identity theft (Maclean 2009). Further, the statistics have indicated that such a figure is quite low given that most incidences of internet crime activities go unreported. Still on fraud as a security threat to internet-based financial threats is the problem of non-delivery of goods and services. A quick browse into most websites in the internet, one finds many sites promising lucrative employment or business opportunities. However, most of these engage in dictating for payment of services that are non-existent. FBI reports have it that over 27 percent of internet fraud activities involve payments for non-existent business and employment opportunities (Ena 2008, p. 18). Another form of electronic financial transactions over the internet is the confidentiality threat brought by malicious computer programs. In the recent past, the information technology has witnessed an increase in the number and complexity of malicious computer programs. The most common types of malicious programs are virus and worms, which serve to corrupt executable computer programs (Organization for Economic Co-operation and Development 2007). Through this, the authorised suffer the costs of losing their confidential information saved in the machine or network. Moreover, distributed access denial programs are a major threat to the reliability of online financial transfer. This is because they compromise their ability of an authorised individual to access, transact, and/or monitor their electronic financial accounts. Nevertheless, Trojan horse, backdoors, and rootkits are the main threats to electronic financial transactions over the internet given their capability to gain access into personal accounts without detection by the user. Trojan horse and backdoors computing are the most destructive malicious programs to the security on internet financial accounts and networks. Trojan horse computing for example gives the capability of ensuring continued operation of the system (they prevent attempts to shutdown the system) once it has been installed in the system (Glaessner, Kellermann, & McNevin, 2009). This gives the perpetuators of the crime adequate time to execute practices such as remotely accessing personal information as well as conducting unauthorised electronic financial transfers from their accounts. On the other hand, backdoors computing serves the purpose of compromising the security of an attacked system to enhance easy unauthorised access in the future (Glaessner, Kellermann, & McNevin, 2002). To achieve this, this computing technique allows for the creation of bypass into the attacked networks to compromise its normal authentication requirements. This has been blamed for potential long-term security attacks to electronic financial transactions accounts over the internet. Rootkits are found to protect malicious computer programs from being detected or deleted by the user upon installation into the system, thus allowing for ease corrupting of personal accounts as well as the network connections (Maclean 2009). Thus malicious computer programs are a real threat to internet-based financial transactions. In addition, confidentiality fraud has gained much important as a security threat to electronic financial transactions over the internet. The right to privacy is a fundamental individual right. This is more crucial in financial transaction as it protects sustainable realisation of social and economic development among community members. On the contrary, it is estimated that an estimated 14 percent of internet based crime activities engage in privacy frauds. Such problems are instigated by hacking practices (Khosrowpour 2000, p. 76). Hacking as a threat to individual privacy involves actions that allow the remote access of confidential personal or institutional information. Thus, hacking threatens individual privacy as well as security of online financial transactions. Following the appreciation of the competitive advantage brought by electronic financial transactions over the internet compared to other modes, much concerted efforts have been engaged by the key stakeholders in the field in promoting its security. First, the government as the custodian of the social and economic aspects of its citizens has enacted and enforced numerous laws governing electronic funds transfer. Such include the Electronic Funds Transfer Act of 1978. This act defines numerous rights, responsibilities, and liabilities for participants involved in electronic funds transfer (Ena 2008, p. 9). According the law, the victims of erroneous electronic transactions should communicate with the financial institution not later than sixty day. On the other hand, the financial institutions are bound by the law to investigate and resolve such error within 45 days. In addition, customers should report loss of credit cards to their financial institutions to mitigate potential illegal transactions. To realise this, the Electronic Funds Transfer Act dictates that financial institution should provide its customers with reliable contact number for enhancing communication (Ena 2008, p. 19). Another important law in mitigating security threats on online financial transactions is the Patriotic Act which provides for increased government surveillance on the internet. The purpose of law is to mitigate terrorism activities over the internet such as communication and transfer of fund online for funding terrorism activities. This law gives the law enforcement agents the legal authority to tap internet communication between suspected crime offenders. Such has the implication that these provisions can significantly aid in promoting the war on online transaction security threats. On the other hand, commercial and constitutional laws are quite effective in prohibiting illegal electronic transaction. This is evident from the fact that fraud and identity theft activities remain a criminal act according to the commercial laws of America (Ena 2008, p. 19). Moreover, the right to privacy is sufficiently protected by the provisions of the first amendments to the civil rights bill of the American constitutions. Still, the American government has established the Internet Crime Compliant Center which is responsible for documenting incidences of internet crime activities. This body is a partnership of the FBI and the National White Collar Crime Center. In addition, the organisation works closely with local and international law enforcement agencies in qualifying the dynamic patterns internet crime activities. The security software scientist community on the other side has engaged numerous resources in the designing and production of highly reliable security safeguard software for protecting the authenticity of online financial transaction. It is worthy noting that the process of innovation in the software development has been on the hike over the past one decade (Carey 2001, p. 45). This can be evident from the numerous software outsourcing and direct investment by major software corporations across the globe. Through this, these companies enjoy the competitive advantage of tapping and taming the best brains in the IT field for promoting viable solutions to internet crime activities. Further, internet providers have employed qualified network administrators for preventing, identifying, and reporting incidences of internet related criminal activities. On the other side, financial institutions are marked with the responsibility of ensuring safety of financial transactions and storage for their customers. This is the reason behind effective monitoring practices that have been put in place by these institutions in safeguarding confidential institutional and customer information. It is a common practice for financial institutions to engage in constant changing of their network authentication codes. This serves to complicate the process of internet crime perpetuators gaining unauthorised entry into their networks. Another precaution taken by these institutions is closely monitoring financial transaction and blocking as well as reporting suspicious activities to the relevant authorities for legal actions (Glaessner, Kellermann, & Mcnevin 2009). To achieve this goal, most financial institutions engaged in electronic financial transaction over the internet contract IT professional company to manage their networks. This outsourcing practice brings with it the advantage of speciality, an element that ensures quality and reliable services in promoting online transactionsÃ¢â¬â¢ security. Nevertheless, the war against electronic financial transactions over the internet security threats remains a major concern to the reliability of this modern funds transfer technology. This has been blamed to the lack of awareness among members of the general public (Khosrowpour 2000, p. 4). True to the later, the process of qualifying the exact economic loss caused by insecurity on internet-based financial transactions is complicated by the fact that only a few cases of the incidences are reported to the relevant authority. Therefore, the war on internet security issues should ensure adequate awareness of the public on how to identify these crimes, prevent them, and/or were to report them. In addition, the global community should seek to establish a unifying law against internet crime as a way of increasing cooperation in the process through elimination of existing bureaucracies. All in all, the problem of electronic financial transactions over the internet security threats remains a major challenge to the reliability of this technological advancement in the society. This is because of the ever changing tactical attacks and innovations employed by internet crime offenders to promote their criminal interests (Carey 2001, p. 102). Some of the mostly cited instruments for promoting insecurity in internet-based financial transaction are malicious computer programs such as Trojan horses, rootkits, and backdoors. This is due to the fact that such programs are capable of hindering from the system user while still compromising the systems authentication provisions, thus allowing for remote access by unauthorised persons. Such call for the government, software scientists, and financial as well as all other stakeholders to invest more resources in the war against internet transactions insecurity. This should put into consideration the need for promoting public awareness on the nature of internet crimes and were to report them as well as viable prevention measures.