Security Risks and Precautions

• Small data files created when a user accesses a website.

• Store details which are then sent back to the cookie's author.

• Log the actions a user has carried out online.

• Can track data such as location, device information, purchase history, IP address and search history.

• Can be used to gather marketing data or target personalised ads.

A Denial of Service attack is when someone attempts to prevent legitimate users from accessing an online service. The attacker will bombard a server or online resource with excessive network messages, with the intention of keeping it busy and preventing others from accessing it.

Symptoms

• Slow performance of the website or service.

• The inability to access data held on the website or service.

Effects

• Disruption to users - unable to access the service.

• Disruption to businesses - their customers cannot access their service.

Costs

• Lost revenue - users unable to purchase products or services.

• There will be a labour cost to fix the fault.

Type of fault

• Bandwidth consumption - using all of the website's available bandwidth.

• Resource starvation - an attempt to use enough server resources to make the system unresponsive.

• DNS attack - modification of DNS record settings to point to a rogue DNS server.

Reasons

• Financial - bringing down a commercial website will cost that company money.

• Political - prevent access to the website of a political rival.

• Personal - the attacker may have a personal grudge against the owner of the website.

• Authenticates a person, allowing them to exchange data over the Internet using a public key.

• Issued only by trusted entities.

• • A digital signature is created when a message is sent using a private key.

  • The recipient can be confident that the sender is who they say they are.

  • The recipent can be confident that the message was not altered in transit.