Network Solutions warns merchants after hack
Jul 25, 2009 12:07 pm | IDG News Service
Nearly 600,000 credit card numbers stolen from Ecommerce Hosting merchants
by Robert McMillan
Criminals may have stolen more than half a million credit card numbers from merchant servers hosted by Networks Solutions, the Internet hosting company warned Friday.
In a letter sent to merchants who use its Ecommerce Hosting services, the company said that someone illegally installed software on company servers used handle credit card transactions initiated by 573,928 people between March 12 and June 8, 2009.
The code “may have been used to transfer data on certain transactions for approximately 4,343 of our more than 10,000 merchant Websites outside the company,” Network Solutions said in the letter, signed by company chairman and CEO Roy Dunbar and sent to merchants on Friday.
Consumers who were possibly affected by the intrusion are also being notified by credit monitoring service TransUnion. They will get 12 months of free credit monitoring.
Customers of Network Solutions’ other lines of business, such as its domain name registration or Web hosting services, were not affected by the incident, said Susan Wade, a company spokeswoman.
Law enforcement agencies are investigating, and so far the company has not heard of any credit card numbers being misused, following the incident.
The company has set up a Web site, where affected merchants and consumers can get more information on the breach.
(1) Define the term eCommerce! (2 marks)
A transaction of products or services using Internet by businesses or consumers when seller and buyer is physically not in the same place (usually country).
(2) Describe the three categories of eCommerce! (6 marks)
Business to Business – Online Transaction between a company (usually a big one or factory) with another company as its reseller. The second company will open new market for the first one. Example: Cisco is a World Leading Network Company that provide network devices and it has so many affiliates around the world that sell its product.
Business to Consumer – Online Transaction from a company directly to consumer. This kind of eCommerce make a direct transcation to consumer and usually happened on middle size company. Example: Amazon is known as an online book store. It offers thousands of books that can be purchased online by everyone.
Consumer to Consumer – Online Transaction between a single person to another person. In this type, a person can stand as seller or buyer, depends on what they demand or sell. Example: eBay is a website that facilitates people around the world to make an online transaction, so they can offer their own goods and purchase stuff from other people around the world.
(3) According to Smith and Chaffey (2001), there are five key online marketing activities (the ‘5Ss’) which can be applied by an organisation to implement various online marketing tactics. These keys are SELL, SERVE, SPEAK, SAVE and SIZZLE. Explain each activity on an online book store case! (15 marks)
There has to be a product to sell, which is books. Since this is online, they can also sell an electronic book that can be downloaded directly after the consumer make payment.
When they are online, they have a bigger chance to serve the consumer. They can provide feedback form, provide online payment to make transaction easier and faster.
An online book store should have facilities to make communication with its consumer. On their website, they can provide online chat to know about the needs of their consumer.
This online book store will surely save their cost. When they sell books in electronic format, they will no longer print their books, which is save the printing cost and also the shipping cost, since the consumers will be able to download it directly.
Same with other companies, online book store will also try to extend the brand online. They will try to push the societies that they will keep on their mind for the brand. For example, amazon.co.uk, we will know that this company is an online book store.
(4) Explain two possible impacts in Business and Employment when hackers can successfully intrude the server and steal credit card information to be used for their own purposes! (6 marks) http://www.itnews.com/data-breach/6421/ … after-hack
First, ofcourse it will give a bad impact on the company which is Network Solution. The company’s reputation will be drop and no one will use their services anymore, even though we found out from the article that it was because of the ilegal software inside their server, it has been proven that they have lack of security strength.
Second, as an impact of this, some employees might lose their job if the company no longer has a lot of customers. Furthermore, people will start to think twice to use eCommerce, as they have a big risk. Instead, they will choose the traditional transaction, even though its process is slow, but safer.
(5) Identify three factors or characteristics of a website so that it can be called as an eCommerce site! (2 marks)
* The website has an online payment facilities, usually using credit card or Paypal.
* The website has an order form that can be entried by consumer and usually protected by SSL (Secured Socket Layer) Protocol
* The website provides a communication board where people can offer their stuff or make a bid on particular thing.
* The website has many affiliates that offer the same products or services.
(6) Define the term TeleShopping! (2 marks)
Teleshopping is a shopping via videotex or other interactive information service and a form of advertising involving the broadcast of direct offers to the public with a view to the supply of goods or services.
(7) Outline the differences between Teleshopping and eCommerce (2 marks)
Teleshopping is a transaction that made when the seller and buyer is not in the same place. This is similar with eCommerce, however teleshopping can use any other medias, such as video interactive for its advertising purpose or telephone, while eCommerce always uses internet as its media.
(8) Identify the problem on the article! Explain at least two solutions and evaluate them! (15 marks) http://www.itnews.com/data-breach/6421/ … after-hack
It’s clear from the article that the problem is lack of security system on Network Solution’s server, so unauthorized person can get through the system and installing some ilegal software. The solution for this issue is to strengthen the security system on the server by installing some software that can detect and remove any ilegal software. By installing the software, any kind of ilegal software will be removed automatically and make sure the server is safe from this kind of software. Norton and McAfee Security Software is a good example for the software. On the other hand, the server will have new burden as this software needs to be active all the times to monitor the system. This can give an impact on server performance, the server will run slower.
Another solution, Network Solutions as a large web host company could hire and employ some security experts. When these experts work for the company, it can stop or at least minimize hacking activities of unauthorized person. The employee can monitor the server from time to time to avoid this incident happened again in the future. However, this is also have some risks as we cannot put trust on the experts. As they are also a human that can make a mistake, or there is a possibliliy that they can assist the outsider by sharing any secret information for their own profit.
(9) In Education, explain two impacts that can raised from the incident! (6 marks) http://www.itnews.com/data-breach/6421/ … after-hack
Network Solution as a large web host company has provide its service for many company or institution. Some of them can be a school or university. It’s give a negative impact for them if someone has successfully stolen their private database, since this data can be used for the need of their competitor, for example.
Another impact when this incident; it will trigger some company to establish an education for an ethical hacker to avoid this kind of incident will ghappen again in the future. Recently, this kind of school has been growing and the person that surpassed this will be awarded Certified Ethical Hacker.
(10)Describe two different ways people can steal private information! (4 marks)
The most popular way, people will use Spyware. When we are online, some spyware can be installed in ur computer without we realize it. This spyware will copy our private data and send all those information to the destination that has been setup before.
Adware as an alternative ilegal program also used for this purpose. When it displays some interactive ads on our computer, it can also gather some information and send it to its creator usually for vote and research purpose.
(11)Identify two kinds of Computer’s Memory! (2 marks)
ROM stands for Read Only Memory, unerasable
RAM stands for Random Access Memory, erasable
(12)Define the term ALU! (2 marks)
ALU stands for Arithmetic Logic Unit is a part of computer that responsible for calculate and logic work.
(13)Distinguish between data and information! (4 marks)
Data is raw information. For example: Lists of numbers, Lists of names, Lists of movies.
Information is data with meaning. For example:
– A list of numbers is organized to show the increase of disposable income amongst South Africans
– A list of names is organized to create a phone directory of people with a rare blood type
– A list of movies are organized by ranking as my favorite to least favorite movies
(14)Explain four things that computer normally do! (12 marks)
They accept information from the outside world.
They perform arithmetic or logical (decision-making) operations on information.
They communicate information to the outside world.
They move and store information in the computer’s memory
(Full mark will be awarded for clear description and example)
(15)Calculate these numbers and convert it in binary and hexadecimal! 73 – 16 – 141 – 51 – 39 (10 marks)
73 = 1001001 = 49
16 = 10000 = 10
141 = 10001101 = 8D
51 = 110011 = 33
39 = 100111 = 27