Information Security Threats to Network Based Information Systems

While Internet has opened a whole new world of opportunity for interaction and business by removing many trade barriers, it has also opened up new possibilities and means of criminal acts altogether unheard of in the off-line world. Why do people commit crimes online? Perhaps, some of them attempt to gain unauthorised access to other’s money. Some people have fun doing so and there are others who do it to take revenge or to harm others. While the motivation of conducting criminal acts may be the same as in the off-line world, the manner of such criminal acts is unique to the Internet. The vulnerability of the information transmitted over Internet is the root cause of the sprawling of criminal acts over Internet. Both users and vendors become vulnerable to criminal acts that undermine security due to easy accessibility of Internet and easy exploitation of security loopholes in the Internet. These criminal acts can adversely affect Internet users, particularly online vendors and customers. Therefore, it is important that Internet users not only become conversant of such criminal acts but also take suitable measures to counter and avoid becoming victims of these criminal acts. In this article we examine some of the major information security threats to Internet users with particular emphasis on electronic commerce and propose plausible solutions for a safer online experience. The information security threats can be categorised into threats to the users, threats to the vendors, and threats to both users and vendors. Electronic embezzlement, sniffing and spoofing, and denial-of-service attacks are examples of threat to the vendor. Credit card frauds and malicious codes are examples of threats to the users. Cybervandalism and phishing are examples of threats to both users and vendors.