Internet Security Essay

During the past ten years, the intensiveness and var. of electronic fiscal transactions have accessiond dramatic in ally. The last decade was characterised by the rapid spreading of monetary transactions involving the manipulation of online and/ or remote tools. E- helpings and e-transactions have become an essential subdivision of the postmodern expert reality. As the number of online monetary services increases, so do the number and variety of protection threats. Small and large companies are equally vulnerable to the risks of guarantor br to each onees in variant types of financial transactions.These threats are becoming more and more complex and rear take full advantage of the existing net bleed and application vulnerabilities. The current state of technology provides numerous bases to the existing and emerging security threats however, the advantage of the proposed countermeasures will depend on how well personal credit linees realise the knockoutness of th e major security threats and are fain to invest additional resources in the development and implementation of the complex security strategies. Security threats and statistical breeding The current state of literatureA wealth of literature was written about the most serious security threats and the financial losses which security breaches and various types of dodging vulnerabilities cause to large and small businesses. The percentage point between 2006 and 2008 was marked with the slight decrease in the number of financial frauds and security breaches in financial operations U. S. Federal Trade Commission asserts that frauds as a percentage of online revenue in the joined States and Canada has decreased slightly over the past few years and stabilised at 1. 4 percent in 2008 (Paget 2009).Meanwhile, the losses caused by security breaches and financial fraud display a marked increase in 2008 alone, the American market lost over $4 billion due to security breaches and financial fra uds (Paget 2009). This is a 20 percent increase compared with 2008 (Paget 2009). habituated the new trends in technology-related financial services and businesses endeavour to reduce their transaction costs, the development of new methods of e-payment and the use of open architectures will create new technological challenges for professionals and new fraud opportunities for hackers (Glaessner, Kellermann & McNevin 2002).The current state of literature provides the basic overview of the most serious security threats and proposes singular solutions businesses and individuals can take to address these threats. Financial transactions and security threats what literature says The discussion of security threats in the context of e-financial transactions is one of the most popular topics in scholarly literature. Today, the rapid growth of wireless technology and the increasing role of wireless solutions in day-to-day financial operations turn electronic security into the issue of the major public concern.Numerous authors tried to identify the most important security threats and to categorise them according to their severity and define the risks they pose to the stability of the financial e-flows. For example, Glaessner, Kellerman and McNevin (2002) state that the most snitch problems in the financial transactions arena include (a) insider abuse, (b) identity theft, (c) fraud, and (d) hacking. Cate (2005) concentrates on the discussion of identity-based fraud and suggests that posting fraud, true identity fraud and synthetic identity fraud are the three most browse forms of security threats in online financial transactions.In this context, Keller et al. (2005) seem the most objective and detailed in their observation of the existing security threats and financial transaction issues. According to Keller et al. (2005), the first generation of vulnerabilities started in the middle of the mid-eighties and took a form of boot viruses that affected computers and n etworks over the course of weeks the next generation of viruses was spread by means of macros and e-mails. Denial-of-service attacks became prevalent in the middle of the 1990s and still present one of the basic problems in financial transactions domains (Keller et al. 2005).New types of threats include worms that affect individual and multiple computers and networks, and can easily self-replicate to sully large number of users (Keller et al. 2005). Trojans are used extensively to err passwords or create back doors on computers, compromising network security (Keller et al. 2005). Keller et al. (2005) believe that the rapid expansion of spyware and malware are of particular concern to IT specialists and business people these programmes are downloaded into computers without users knowledge or consent, typically run in the background, track personal information and execute damaging commands.Statistically, every PC contains approximately 27. 5 pieces of various malicious programmes ( Keller et al. 2005). Fortunately, IT professionals actively work to develop effective countermeasures against the most sophisticated security threats. Financial transactions and security threats Potential solutions Given that malware presents one of the most serious issues in the field of electronic financial transactions, numerous authors sought to scissure their solutions to the problem.Vlachos and Spinellis (2007) provide an overview of the alleged(prenominal) Proactive malware identification system, which is based on the computer hygiene principles and demonstrates relative strong suit in combating the risks of malware in financial transactions. Vlachos and Spinellis (2007) call the proposed algorithm PROMIS and base it on a peer-to-peer architecture the pick of the P2P architecture is justified by the fact that P2P networks often become a propagation vector for various types of malicious software.The P2P architecture used by Vlachos and Spinellis (2007) contains two types of nodes, the member and the super nodes, and all nodes wishing to participate in the discussed P2P networks must authenticate themselves to the super nodes. PROMIS nodes generally fulfill the two basic types of operations a Notifier daemon regularly checks the log files on the security applications, while a Handler daemon analyses the first appearance rates from other peers of the group and computes a global malicious activity rate (Vlachos & Spinellis 2007).The researchers use observational design to prove that the performance of the P2P group improves proportionately to the number of P2P members. Extensive simulations suggest that PROMIS has a electromotive force to protect the operating networks from known and unknown worm activity (Vlachos & Spinellis 2007). That during virus epidemics PROMIS exploits sole(prenominal) specific vulnerabilities and leaves all other systems intact is considered as one of the basic systems benefits (Vlachos & Spinellis 2007). However, Vlachos an d Spinellis (2007) are not the only professionals in the field of financial security.The fact is in that malware is often associated with denial-of-service attacks, which continue to plague the Internet. Malware substantially start out the bar for massive distri buted denial-of-service attacks (Wang & Reiter 2008). Unfortunately, the current state of protection against DoS attacks is passive by nature and does not offer incentives to the owners of the Internet networks to protect their computers from the risks of malware (Wang & Reiter 2008). Wang and Reiter (2008) suggest that client teases be a electric potentially effective mechanism against DoS attacks in financial transactions.Client puzzles imply that a client solves a computational puzzle for requesting service before the server commits resources, thereby imposing a massive computational burden on adversaries bent on generating legitimate service requests to consume substantial server resources (Wang & Reiter 2008). End-to -end puzzles imply that each client bidding for a financial service from the Internet server must present his solution to a puzzle meanwhile, the server will allocate its limited resources to the bidders who solve the most difficult puzzles (Wang & Reiter 2008).In this system, an adversary cannot seize the financial and informational resources of a victim without committing its own resources first (Wang & Reiter 2008). These systems are effective in mitigating DoS threats at all application layers and can be readily interoperable with various bequest systems (Wang & Reiter 2008). These, however, are unique technological solutions to the existing security threats. Other authors offer less sophisticated but no less effective ideas of how to deal with security threats in financial transactions.According to Corzo et al. (2008), Automated Banking Certificates ( rudiment) can be readily used to timely identify unauthorised financial transactions. In the current system of electronic transa ctions, a financial transaction is considered authentic if it (a) is performed by an authorised entity (b) has not been altered since the piece it was generated and (c) is not a replay of another valid transaction (Corzo et al. 2008).Unfortunately, current depository financial institutioning systems can identify non-valid and unsound transactions only by means of audit after the transaction took place as a result, there is an urgent need to develop a mechanism which will trace and identify double-dealing transactions before and while they are taking place (Corzo et al. 2008). An ABC is a data complex body part which allows monitoring the relationships between various transactions within one workflow (Corzo et al. 2008).A complete ABC allows tracing operations within workflows that go beyond the boundaries of one financial institution, as long as their tasks are related (Corzo et al. 008). The use of ABCs in the current system of financial transactions proves that the task of id entifying an unauthorised user is absolutely achievable. The use of network briskness cards is another potential solution to the existing and emerging security threats. A network smart card is a smart card that is an Internet node and is accessible from the Internet (Lu & Ali 2006). The Smart Card stores user information and provides this information only to the trusted client or server, as soon as the user authorises the service or transaction (Lu & Ali 2006).Smart cards are beneficial in the sense that they can create and uphold prepare Internet connections with another Internet node, a blade server or a web browser (Lu & Ali 2006). As long as the smart card sends selected user information directly to the service provider, this information does not go through the local computer and the threats of identity theft or corresponding security breaches becomes minimal (Lu & Ali 2006). Unfortunately, the effectiveness of these developments is yet to be discovered. Meanwhile, companie s continue using more traditional solutions to their security issues.The current research suggests that AdAware and Spybot are the most common tools used by businesses to deal with such threats (Keller 2005). Moreover, patronage the availability of effective tools that cost little or nothing at all, many businesses recognise that they do not use any spyware at all (Keller 2005). As a result, businesses either lose portentous material resources or fail to timely identify the emerging threats. The case is particularly difficult with the so-called insider threats, when security threats are being born from within the business entity.For example, in 2008, the FBI alleged that a originator Intel employee copied top secret documents that posed a threat to the future of the whole company and its business projects (Patel 2009). The cases when bank workers become the basic sources of the security threats and the initiators of the complex financial frauds are not rare. As a result, the mast ery of financial transactions, their security, and the technical safety of consumers depends on how well companies realise the seriousness of the security threats and whether they are fain to deal with them.The current state of technology provides numerous solutions to the security issues in financial transactions, and businesses can secure themselves from the potential risks and failures by using the proposed technological Internet solutions at low or no cost. oddment The past years have been marked with the rapid increase in electronic financial transactions. The use of online and/ or remote mechanisms in financial operations has already become an essential element of the daily business routine.Financial transactions are associated with numerous security threats, including identity fraud, insider abuse, and the use of malware and denial-of-service attacks to access and steal personal user information. The current state of literature provides numerous solutions and ideas, which b usinesses could use to address the existing and emerging security threats. Smart cards, automated banking certificates, and the use of client puzzles are just some out of many ways to address security threats in financial transactions.Unfortunately, businesses often neglect the existing technological opportunities and do not deem it necessary to use effective protection from the real security threats. As a result, the effectiveness and safety of financial transactions largely depends on how well businesses realise the seriousness of the discussed threats and are prepared to invest additional material resources in the development of effective security strategies and solutions.