E-commerce grew at a rapid clip during the first quarter, but so did security threats, according to new figures from
The number of e-commerce transactions grew 31 percent over the same period last year, with the average transaction value
increasing 4 percent from $144 to $150.
VeriSign’s payment services, which it claims represent 37 percent of all North American e-commerce, racked up $10.7
billion in transaction settlements during the first quarter, up from $8.7 billion during the same period last year.
The report from VeriSign is the latest detailing strong e-commerce trends. The U.S. Census Bureau recently estimated a 24 percent jump in e-commerce during the first
However e-commerce security problems are also on the march. VeriSign warned of increased “pharming.” Also known as DNS
personal data can be stolen.
In March, Netcraft reported an increase in potential
pharming activity. For example, on march 16, VeriSign detected a 300 percent increased in DNS server probes that indicated
there was a direct attack against DNS servers to prep the servers for pharming.
Most attacks reported by VeriSign though during the first quarter were centered on only three vulnerabilities: buffer
overflows in unpatched Microsoft SQL Server installations; buffer overflows in the Windows LSASS module; and unprotected
Windows file shares.
VeriSign advises IT administrators to protect their networks by making sure patches are up to date and that firewalls are
“Despite the threats, users across the globe are still using the Internet as an essential tool for business and personal
use,” Judy Lin, executive vice president and general manager of VeriSign Security Services, said in a statement. “This is a
continued reflection of the confidence merchants and users can have in online transactions when appropriate security
protections are taken.”
In another security report released this week by Gartner, IT administrators ranked viruses and worms as the top IT
security threats. Outside hacking or cracking came in second, followed by identity theft and phishing, spyware and Denial of
Service attacks. Cyber-terrorism came in last.
Seventy percent of respondents considered their IT systems and processes to be more secure than they were last year,
principally due to the placement of improved security controls.