What Are Some External & Internal Threats to an eCommerce Website?by Gissimee Doe
E-commerce involves a business transaction over an electronic system or utilizing electronic systems. An e-commerce website involves electronic transactions over the Internet, an intranet or an extranet. E-commerce websites utilize internal networks that may interface with the World Wide Web. The nature of e-commerce introduces internal and external risks to both the website and the business systems to which it connects. External threats to an e-commerce website come from many sources, including the electronic economic environment and risks associated with the external Internet and related networks. Internal threats come from employees, the internal network and business processes, and from management.
One of the greatest internal threats to an e-commerce website is poor management. If management is not committed to ensuring security and providing budgets for purchasing antivirus software licenses and for keeping the internal networks robust, the e-commerce website is vulnerable to attack. Any internal systems to which it is connected are also vulnerable. Ideally, management should commit to regular IT security audits of the system to ensure that security is optimized and any potential problems are prevented or handled as soon as they occur. In smaller businesses, management may have other priorities and leave the e-commerce site vulnerable by default.
An e-commerce website is vulnerable to fraud from both internal and external sources. Fraudulent activities include credit card fraud, which exposes the site to threat from customers and external sources, and internal fraud, such as fraudulent transactions being entered into the system from the back-end by rogue employees. Fraudulent transactions can also be introduced into the system by hackers or Trojan horses, with such fraudulent transactions appearing identical to real customers' transactions.
E-commerce security issues relate to the internal business network and the interface between the customer’s transactions and the network. Hackers pose a threat to the security of the network with denial of service attacks, which can overwhelm a site and knock it offline or theft of customer personal financial information when they gain access to internal systems via an e-commerce website's vulnerabilities. These threats can be mitigated by using a firewall between the website and the internal network, and by encrypting the transactional data in such a way that prevents decoding.
Computer viruses and malicious software are some of the biggest threats to an e-commerce website. Viruses originate from external sources and can corrupt files if introduced into the internal network. They can completely halt or destroy a computer system and disrupt the operations of the website. Malicious software such as Trojan horses or worm-type viruses pose an even greater threat as they can destroy or capture information on the client side before any encryption software can take effect. They can also impersonate customers and pass bad or malicious codes into the server running the website, where it becomes an internal problem.
- Zinco79/iStock/Getty Images