Security Vulnerabilities in E-commerce
Security vulnerabilities have in the recent past affected and changes people’s perception about e-commerce. Cyber-attacks are a major threat to companies with one of the most affected being Yahoo. Over the years, the company has earned global recognition for its web services, which include Yahoo Finance, Yahoo Messenger and Yahoo Mail. On average, more than half a billion people visit Yahoo websites on a monthly basis indicating that the company has large amounts of data to protect (Larson, 2017). Despite the awareness of the sensitive nature of the information collected, the popularity of e-commerce has made it an easy target for cyber criminals.
Yahoo 2013 Cyber Attack
Since 2012, Yahoo has encountered more than three attacks by hackers putting users’ information at great risk. However, the 2013 cyber-attack where all Yahoo accounts were compromised (around 3 billion), contrary to earlier reports of a fewer number, stands out (Larson, 2017). Four individuals were indicted by the Federal Bureau of Investigation for being the masterminds of one of the biggest hacking scandal in the history of e-commerce networks. The hackers accessed the Yahoo user database through SQL injection which enabled them to gain information such as names, backup email addresses, phone numbers and security questions (Larson, 2017).
The Security Life Cycle Model
The need to take precautionary and security measures by network providers to put an end to cybercrime cannot be overemphasized. The use of third-party codes by Yahoo explains its repeated user database hacking. It is therefore debatable whether the security threats were actually preventable in the first place. The most common method for web application protection is through the incorporation of the security life cycle model. According to a monthly report by Imperva, the use of this model is non-existent as far as third-party codes are involved (Imperva, 2013). The only way Yahoo could have protected the third-party code from hacking would have been by putting it behind a Web Application Firewall (WAF).
The Effect of Security Measures on Customer Service in E-Commerce
In the recent past, e-commerce has become popular but so has the potential risk of hacking on the web networks. It is debatable whether e-commerce is a success or a disappointment to the social and financial status of users vis-à-vis the increased rates of cybercrime (Mark "Donald, 2011). As is the case with other web networks, the cost of doing business with Yahoo is very low. The Yahoo Finance provides retailers, wholesalers and customers to carry out transactions across the globe with the click of a button. Despite e-commerce being the easiest and most efficient mode of doing business in the modern world, the need for passwords and bank account details for user accounts has the made the platform unsafe (Mark "Donald, 2011). The security measures put up by most e-commerce web networks like Yahoo actually sacrifice customer service. Free e-commerce trends have negatively affected the shopping experiences for most e-customers in cases where their accounts have been hacked.
Conclusion
The vulnerability of the SQL injection to hackers is definitely a worrying issue to web application users. With more than three hacking episodes on the Yahoo web application, it feels insecure and unsafe to enter passwords due to the high existing fear of data manipulation and privacy exposure that is a creation of the web application hacking history. Despite the effectiveness of e-trade and commerce, customers are concerned about their right to privacy which is control of the web application providers.
References
Imperva. (2013). Lessons learned from the Yahoo! Hack. California: Hacker Intelligence Initiative. Retrieved from https://www.imperva.com/docs/HII_Lessons_Learned_From_the_Yahoo_Hack.pdf
Larson, S. (2017, October 4). Every single Yahoo account was hacked- 3 billion in all. Retrieved from CNN Tech: http://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html
Mark, A. s., " Donald, D. T. (2011). Privacy and Security Issues in E-Commerce. In J. C. Derek, New economy handbook (pp. 1-16). New York: Emerald Group Publishing Limited.
