E-commerce Rolls, So Do Threats

E-commerce grew at a rapid clip during the first quarter, but so did security threats, according to new figures from

VeriSign .

The number of e-commerce transactions grew 31 percent over the same period last year, with the average transaction value

increasing 4 percent from $144 to $150.

VeriSign’s payment services, which it claims represent 37 percent of all North American e-commerce, racked up $10.7

billion in transaction settlements during the first quarter, up from $8.7 billion during the same period last year.

The report from VeriSign is the latest detailing strong e-commerce trends. The U.S. Census Bureau recently estimated a 24 percent jump in e-commerce during the first


However e-commerce security problems are also on the march. VeriSign warned of increased “pharming.” Also known as DNS

cache poisoning, pharming occurs when a compromised DNS server redirects users to a phisher’s Web site where

personal data can be stolen.

In March, Netcraft reported an increase in potential

pharming activity. For example, on march 16, VeriSign detected a 300 percent increased in DNS server probes that indicated

there was a direct attack against DNS servers to prep the servers for pharming.

Most attacks reported by VeriSign though during the first quarter were centered on only three vulnerabilities: buffer

overflows in unpatched Microsoft SQL Server installations; buffer overflows in the Windows LSASS module; and unprotected

Windows file shares.

VeriSign advises IT administrators to protect their networks by making sure patches are up to date and that firewalls are

properly configured.

“Despite the threats, users across the globe are still using the Internet as an essential tool for business and personal

use,” Judy Lin, executive vice president and general manager of VeriSign Security Services, said in a statement. “This is a

continued reflection of the confidence merchants and users can have in online transactions when appropriate security

protections are taken.”

In another security report released this week by Gartner, IT administrators ranked viruses and worms as the top IT

security threats. Outside hacking or cracking came in second, followed by identity theft and phishing, spyware and Denial of

Service attacks. Cyber-terrorism came in last.

Seventy percent of respondents considered their IT systems and processes to be more secure than they were last year,

principally due to the placement of improved security controls.

News Around the Web