Assume you are the owner of an e-commerce Web site. What are some of the signs that your site has been hacked? Discuss the major types of attacks you could expect to experience and the resulting damage on your site. Prepare a brief report based on your findings.
QUESTION 2
You are required to propose web site development to one of the IT entrepreneurs in your area. Consider there are two options for building the site in-house with existing staff, or outsourcing the entire operation. Discuss which options are in the company's best interest and the reason for choosing that option. Provide pros and cons for each option. Prepare a report based on your findings.
TABLE OF CONTENT
NO
CONTENT
PAGE
1
Introduction
4
2
Answer For Question 1
5 - 8
3
Answer For Question 2
9 - 13
4
Conclusion
14
5
Bibliography
15 - 16
6
Appendix
17 - 22
INTRODUCTION
The concept of e-commerce is about using the Internet to do business better and faster. It is about giving customers controlled access to your computer systems and letting people serve themselves. It is about committing your company to a serious online effort and integrating your web site with the heart of your business. The Internet's role in business can be compared to the telephone. It is a way for people to communicate with each other. It is also a way for a consumer to communicate with a company's computer systems without human intervention. In fact, the Internet is a communication medium like many others we use in business every day. The first question is to discuss about the signs that an e-commerce web site has been hacked and the major attacks that the web site was damage. The second question to be discussed is to build a web site with in-house existing staff or outsourcing. We will choose one of the option and discuss the pros and cons for the entire operation.
Main Body
There are few signs that a website has been hacked. There are few types of threats that can affect the website. Consider all of the possible threats that cause attacks on systems. These will include malicious attackers, non-malicious threats, and natural disasters. The figure below classifies the various threats to systems. There are possible damages can range the gamut from minor computer glitches to catastrophic data loss. Moreover the damage caused to the system will depend on the type of attack. Lab tutors can use a test or lab environment to clarify the damages resulting from different types of attacks, if possible. This test will enable security personnel to see the physical damage caused by an experimental attack. Not all attacks will cause the same damage at the same time. To recover the malicious attack we can simulate the malicious virus attack, note the time required to recover one computer and multiply that by the number of computers infected in the system to ascertain the amount of downtime or loss of productivity. The most famous attack is if visitors report to you that they get viruses or antivirus alerts from browsing your pages, it usually means your site has been hacked. Google and Yahoo will soon start displaying malware warnings about your site. It is, however, possible for your pages to deliver viruses even if your site hasn't been hacked. This can occur when your pages pull some of their content from third parties such as advertisers, and they got hacked or someone slipped a malicious advertisement into their lineup. Above are the examples that a website has been hacked.
More to the point, if you or other people try to visit your website but get automatically taken to some other website in its place, it's another symptom of being hacked. It's a similar situation to the two described above and will finally earn a Google or Yahoo. The next sign is your traffic decreases suddenly and dramatically, most web surfers stay away from sites that have the warning "This site may harm your computer". Those who continue to the site and get a virus or antivirus alert will leave without delay and not browse around. Either way, you'll see a drop in traffic. Anytime your traffic drops suddenly, we have to investigate. If your pages suddenly be full of links, text, or other objects you didn't put there, it's an indication you've been hacked. The source code of your pages the text in your htm, html, or php files, for example should always stay the same as it was when you created it. If it changes, it's a sign someone figured out how to break into your site and change it. That should never happen. One exemption is that free webhosts sometimes require that you allow them to put ads into your pages. Infrequently someone thinks they've been hacked when it's really just the webhost's advertising code. If so you are in doubt and you use free hosting, read the Terms of Service of your hosting plan and get rid to solve the problem.
This is just like the signs above, except there are entire new files. It can be harder to make a decision about new files because a site usually does contain files you didn't put in your website many of them necessary for proper functioning, although most are in folders whose names are an indication of what they're for. You can study text files to see if their contents look suspicious. We must not delete files just because we don't be familiar with them. Once you're afraid you might have been hacked, everything can look suspicious, even things that were always there that you just never noticed before. Additionally when your site appears in search result listings, the pages listed should be pages that you know really exist, and the text shown should be related to what your site is about, if the listings suddenly show weird-named pages or text about topics unrelated to your site's content, it's also the sign that your website is been hacked. The important aspect of monitoring your site is to notice unusual changes, things that are different from normal, so make a habit of paying attention now to what is normal and usual, while your site is not hacked. In order to launch an attack, a malicious attacker needs a method, tool or technique to exploit various vulnerabilities in systems, security policies, and controls. A malicious attacker can use different methods to launch the same attack. Therefore, the defence strategy must be customized for each type of method used in each type of threat. Once more, it is important that security professionals keep current on the various methods, tools, and techniques used by attackers. A detailed discussion of these can be found in "Security Threats." Following are the examples of social attack of the website: Denial of service attacks, Viruses, Worms and Trojan horses.
Types Of Social Attack
Definition
Denial of service attacks
A denial-of-service attack is categorized by an explicit attempt by attackers to prevent lawful users of a service from using that service. There are two common forms of DoS attacks: those that crash services and those that flood services. Attacks can be concentrating at any network device, plus attacks on routing devices and web, electronic mail, or Domain Name System.
Viruses
A computer virus is a computer program that can copy itself and transmit a disease to a computer. The term "virus" is also usually but used to refer to other types of malware, together with but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another in some form of executable code when its host is engaged to the target computer for illustration because a user sent it over a network or the Internet, or passed it on a removable medium such as a floppy disk, CD, DVD, or USB drive.
Worms
A computer worm is a self-replicating malware computer program, which uses a computer network to post copies of itself to other nodes computers on the network and it may do so without any user interference. This is due to security shortcomings on the target computer. Dissimilar a computer virus, it does not need to attach itself to an existing program. Worms nearly always cause at least some harm to the network, even if only by consuming bandwidth.
Trojan Horse
Trojan horse is software that appears to perform a desirable function for the user prior to run or install, but possibly in addition to the expected function steals data or harms the computer system.
Sensation Enterprise is a company that is going on very well in furniture business. The company was doing on well by their branches. But the company needs a website that customers can purchase or choose their preferred furniture and start their online purchasing system as well. Therefore, the company has taken a decision to hire a programmer to build a website for them instead of building the web site with their own existing staff.
As we know there are some reasons why we hire others to build a web site instead of doing it by our own to make our business grow well. The first reason that we're going to talk about is superiority of the work. If you hire someone that is an expert in a given field you should be getting expert results which means high quality. This type of quality is something that you almost certainly can't do yourself. Let's go through a quick example here to help make this a bit clearer for you. In the online business world websites are very important. Now you can go out there and build your site yourself or you could use up the money and hire someone that has built a couple of hundred sites. Odds are the site that you would have hired someone to build for you will look and operate much better than the one that you would have built. Timeframe for results is the second thing that we're going to talk about here. What's the timeframe means is the length of time that it takes to get a project done. The fast projects get done, the faster your business starts making more money. So by hiring an specialist that already knows what they're doing, the project that you hired them for will get complete much quicker than if you tried learning and doing it on your own.
So let's look at getting a site built. Chances are you've never built a website before so it could easily take you a month or more to figure out what to do and then get a site up onto the internet. But if you hire someone that builds sites for a income, they could probably build and launch the site in the matter of a week or two depending upon how big the site is. That's a enormous difference in time for you and for your business. The third point that we're going to get into is really spawned off of the first two points. What I'm talking about it your time. See when you hire someone to do work for you it means that you don't need to do it anymore and you now have that time that you would have spent on it to do other things. Now with an online business this is really important because you most disobediently have lots of things to do like product development, relationships to form, marketing research, structuring the business as a whole. All of these things are very important to your businesses income.
So don't be afraid to take that choice and master the skill of outsourcing tasks for your business. The quicker that you do this the quicker your business will be able to rapidly expand and engender more income for you.
The pros and cons is more to the advantages but not the disadvantages. It cannot be denied that outsourcing web development has some disadvantages that lead to some lack of confidence in the companies setting up to adopt this system. There could be security issues, communication problems, cultural hurdles and bitterness among employees and local service providers. But in spite of these initial drawbacks, outsourcing web development has emerged as a viable substitute. In these difficult times, it is a solution that cuts down on capital investment, which is a great benefit for most companies. It is also incontestable that the developing nations like India and others have an excellent skill-driven professionals and an efficient IT infrastructure. When the initial hiccups are dealt with and overcome, there is a marked upgrading in productivity and speedy turnaround time. All the web development applications are carefully modified to needs and the in-depth knowledge of scripting languages and diverse platforms work to the advantage of the customer.
Web developing in outsourcing.
Advantages
Disadvantages
Outsourcing your non-core activities will give you more time to think on your core business processes.
When you begin to outsource your business processes, you might find it difficult to manage the offshore provider when compare to managing processes within your business.
With outsourcing your organization can experience increased good organization and productivity in non-core business processes.
Off shoring can create prospective redundancies for your organization
Outsourcing can help you make more efficient your business operations.
The employees in your organization might not like the idea of you outsourcing your processes and they might state lack of interest or lack of quality at work.
Your organization can save on investing in the latest technology, software and infrastructure as your outsourcing colleague would be investing in these.
In outsourcing, you may mislay your control over the process that is outsourced.
Outsourcing can assist your organization to free up its cash flow.
With outsourcing, your organization might undergo from a lack of customer focus
Outsourcing can give your business a spirited advantage as you will be able to increase productivity in all the areas of your business.
At times, it is more cost-effective to carry out a particular business process, rather than outsourcing it.
In-House And Outsource Web Development Graph From Year 2007 To 2010.
Conclusion
At the end of the project we have discussed about the signs that a web site has been hacked, the major attacks that can affect the web site caused damage. We have also discussed the examples of the threats. Furthermore we have gone through the advantages of using outsource to build a web site for business. Therefore we have learned and get more knowledge by discussing all those question regarding IT. The company should start earning more fast by using outsource to build their web site. We can conclude that the discussion above is a part of knowledgeable outcomes that can be used as reference for the third party.
Bibliography
Wikipedia.com
Google images
Electronic Commerce: The New Business Platform for the InternetElectronic Commerce: The New Business Platform for the Internet
by Debra Cameron
This excellent report provides critical information for developing an effective E-commerce strategy, addresses both business to business and consumer driven E-commerce, and explains how a business of any size can achieve cost savings - and expand their base of trading partners and customers - through E-commerce.
The Consultant's Guide to Getting Business on the InternetThe Consultant's Guide to Getting Business on the Internet
by Herman Holtz
To independent consultants and freelancers, the Internet is opening up almost limitless networking possibilities--quickly and economically. In this hands-on resource, Herman Holtz shows consultants in every field just where on the Internet they'll find a market for their specific services.
E-Commerce in the Asian Context : Selected Case Studies ebrary Reader
Author: Lafond, Renald Sinha, Chaitali
Publisher: IDRC Books
Original Publication Date: 2005
Subjects: Electronic commerce -- Asia -- Case studies.
Show Table of Contents Find Similar EndNote & Citavi RefWorks Add to My Bookshelf
Author: Emerald Insight Staff
Publisher: Emerald Group Publishing Ltd
Original Publication Date: 2005
Subjects: Commerce. Electronic commerce.
Show Table of Contents Find Similar EndNote & Citavi RefWorks Add to My Bookshelf
Control and Security of E-Commerce ebrary Reader
Author: Smith, Gordon E.
Publisher: Wiley
Original Publication Date: 02/2004
Subjects: Electronic commerce -- Security measures. Business enterprises -- Computer networks -- Security measures.
Show Table of Contents Find Similar EndNote & Citavi RefWorks Add to My Bookshelf
