Cybersecurity Threats and Prevention Measures for Lelong.my
Added on 2023-06-11
9 Pages3232 Words419 Views
Political Science
|
|
|
Table of Contents
INTRODUCTION................................................................................................................................1
INTERNAL ATTACKS.......................................................................................................................1
Information leakage.........................................................................................................................2
Downloading malicious internet content........................................................................................2
Malicious cyberattacks.....................................................................................................................3
EXTERNAL ATTACKS......................................................................................................................4
Rogue Software.................................................................................................................................4
Man in the Middle (MITM).............................................................................................................5
Denial-of-Service (DoS) Attacks......................................................................................................6
Conclusion.............................................................................................................................................6
References.............................................................................................................................................7
INTRODUCTION................................................................................................................................1
INTERNAL ATTACKS.......................................................................................................................1
Information leakage.........................................................................................................................2
Downloading malicious internet content........................................................................................2
Malicious cyberattacks.....................................................................................................................3
EXTERNAL ATTACKS......................................................................................................................4
Rogue Software.................................................................................................................................4
Man in the Middle (MITM).............................................................................................................5
Denial-of-Service (DoS) Attacks......................................................................................................6
Conclusion.............................................................................................................................................6
References.............................................................................................................................................7
LELONG.MY
INTRODUCTION
Lelong.my is an e-commerce online market located in Malaysia. It provides customers
with the experience of shopping online that besides supporting transactions of customer to
customer, it also supports relationships of business to business. Lelong.my also provides
several categories of products which customers can choose when buying products such as
watches, electronics, books, cameras among others from a several stores that sell online and
sellers in Malaysia. This is carried out in a safe and convenient environment. The market is
always working throughout and is open to everyone. Lelong.my also offers sellers a platform
whereby they are able to own a store that is personalized using a cost that is low. They also
offer lessons to sellers on becoming successful in selling online. Customer care team of
support is also provided in case of any enquiries.
Lelong.my has implemented principles of compliance and personal data protection
which is according to the PDA (Personal Data Protection Act 2010) which is meant to protect
the personal information of the customer. SSL Certificates are also employed to provide
strong encryption on the customer data which makes it secure as it becomes difficult for the
attackers to penetrate though it. Firewalls are also another aspect that ought to be considered
on the network of the Lmall. They offer protection to the network against any kind of threats
and malware that is advanced, malicious traffic of the internet and viruses. They continuously
scan the activities of the server and they are also designed in a manner that they are able to
adapt to the threats introduced through intrusion prevention that is based on signature without
causing the traffic to slow down.
INTERNAL ATTACKS
Some study carried out by the US Cert (Computer Emergency Response Team)
suugested that about 40% of the Security threats of IT are instigated by the employees of a
company. The attacks of the criminals are most likely to be carried out from within the
company: a study carried out recently indicated that 90% of the crimes that are criminal
performed on computers were done by the employees of the company they worked for. Either,
some carried out the attacks since they wanted to revenge for being fired or due to persinal
grudges or just lack of satisfaction in terms of the payments. Businesses that are coming up or
just small businesses are most likely to be attacked by the security breaches of IT since they
1
INTRODUCTION
Lelong.my is an e-commerce online market located in Malaysia. It provides customers
with the experience of shopping online that besides supporting transactions of customer to
customer, it also supports relationships of business to business. Lelong.my also provides
several categories of products which customers can choose when buying products such as
watches, electronics, books, cameras among others from a several stores that sell online and
sellers in Malaysia. This is carried out in a safe and convenient environment. The market is
always working throughout and is open to everyone. Lelong.my also offers sellers a platform
whereby they are able to own a store that is personalized using a cost that is low. They also
offer lessons to sellers on becoming successful in selling online. Customer care team of
support is also provided in case of any enquiries.
Lelong.my has implemented principles of compliance and personal data protection
which is according to the PDA (Personal Data Protection Act 2010) which is meant to protect
the personal information of the customer. SSL Certificates are also employed to provide
strong encryption on the customer data which makes it secure as it becomes difficult for the
attackers to penetrate though it. Firewalls are also another aspect that ought to be considered
on the network of the Lmall. They offer protection to the network against any kind of threats
and malware that is advanced, malicious traffic of the internet and viruses. They continuously
scan the activities of the server and they are also designed in a manner that they are able to
adapt to the threats introduced through intrusion prevention that is based on signature without
causing the traffic to slow down.
INTERNAL ATTACKS
Some study carried out by the US Cert (Computer Emergency Response Team)
suugested that about 40% of the Security threats of IT are instigated by the employees of a
company. The attacks of the criminals are most likely to be carried out from within the
company: a study carried out recently indicated that 90% of the crimes that are criminal
performed on computers were done by the employees of the company they worked for. Either,
some carried out the attacks since they wanted to revenge for being fired or due to persinal
grudges or just lack of satisfaction in terms of the payments. Businesses that are coming up or
just small businesses are most likely to be attacked by the security breaches of IT since they
1
may not be able to afford systems of detection of intrusion and monitoring that are
sophisticated compared to the enterprises that are already established or large enterprises. The
internal attacks comprises of the following;
Information leakage
There are numerous ways through which information can be collected from the network of
the computer that you are using and shared with the outsiders of the organization. It can be
either through the CD-ROM, USB stick of data, MP3 player or even through the digital
cameral. According to Ring (2014), the named devices are significantly highly portable and
also the hard drives contain large volumes as an employee can easily walk away with almost
60GB of data using the stick of the USB. Through that, the employees of today may easily
collect a good amount of the database of the customer outside and use it for their personal
gain. According to Troyansky (2013), one quarter of workers in a certain country who work
using PCs in an organization admitted that they usually copy data into their mobile devices for
more than once in a week. Additionally, 40% of them also admitted that they also use the
sticks of USB in circulating data and one fifth admitted that they have exposed their
passwords to outsiders or third parties. Using the data collected from those portable devices
and exposure of the credentials of the employees, they are likely to be used by the criminals in
performing the attacks on the network of a company, steal the information of the customers
and use it for fraud.
It is advisable thatcompanies implement usage of software in specifying policies on the
kind of devices which are allowed to be linked with the network of the company and the kind
of data that is allowed for downloading. The company ought to enforce that and also educate
the workers the reason as to why they are enforcing the policies, otherwise the employees
would just find a way of breaking the policies. It is also recommended that, a company ought
to consider blocking the access of the email that is web-based and services of data storage like
the Gmail since once confidential documents are stored to a storage site that is online,then, the
information turns out to be out of the control of human. Finally, networks should be locked to
prevent access of wireless thriugh the use of Wi-fi or Bluetooth apart from the users that are
authorized with devices that are authorized. (Greenemeier, 2016)
2
sophisticated compared to the enterprises that are already established or large enterprises. The
internal attacks comprises of the following;
Information leakage
There are numerous ways through which information can be collected from the network of
the computer that you are using and shared with the outsiders of the organization. It can be
either through the CD-ROM, USB stick of data, MP3 player or even through the digital
cameral. According to Ring (2014), the named devices are significantly highly portable and
also the hard drives contain large volumes as an employee can easily walk away with almost
60GB of data using the stick of the USB. Through that, the employees of today may easily
collect a good amount of the database of the customer outside and use it for their personal
gain. According to Troyansky (2013), one quarter of workers in a certain country who work
using PCs in an organization admitted that they usually copy data into their mobile devices for
more than once in a week. Additionally, 40% of them also admitted that they also use the
sticks of USB in circulating data and one fifth admitted that they have exposed their
passwords to outsiders or third parties. Using the data collected from those portable devices
and exposure of the credentials of the employees, they are likely to be used by the criminals in
performing the attacks on the network of a company, steal the information of the customers
and use it for fraud.
It is advisable thatcompanies implement usage of software in specifying policies on the
kind of devices which are allowed to be linked with the network of the company and the kind
of data that is allowed for downloading. The company ought to enforce that and also educate
the workers the reason as to why they are enforcing the policies, otherwise the employees
would just find a way of breaking the policies. It is also recommended that, a company ought
to consider blocking the access of the email that is web-based and services of data storage like
the Gmail since once confidential documents are stored to a storage site that is online,then, the
information turns out to be out of the control of human. Finally, networks should be locked to
prevent access of wireless thriugh the use of Wi-fi or Bluetooth apart from the users that are
authorized with devices that are authorized. (Greenemeier, 2016)
2
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
IT Security: Types of Risks, Organizational Procedures, Impact of Firewall Configuration, Implementation of DMZ, Static IP and NATlg...
|18
|1181
|61
IS Security and Risk Managementlg...
|12
|3177
|391
Smartphones Security Issues and Mitigation Toolslg...
|10
|706
|305
Challenges and Approaches to Overcome Session Hijacking and Intrusion Detection Systemslg...
|4
|603
|263
Computer Security: Elements, Issues, and Frameworkslg...
|15
|5037
|1
Network Intrusion Detection System Assignmentlg...
|9
|1509
|85