Trong thucmg mai dien tir, cac hanh vi gian Ian the tin dung xay ra da dang vet phirc tap han nhieu so vai thuang mai truyen th6ng. Neu nhu trong
thuang mai truyen th6ng, viec mat the hoac the bi danh cap la m6i de doa nhat d6i vOi khach hang thi trong thucmg mai dien tir m6i de doa la bi "mat" (hay bi 10) cac thong tin lien quan den the tin dung hoac cac thong tin giao dich sir dung the tin dung trong qua trinh thvc hien cac giao dich mua sam qua mang va cac thiet bi dien tin. Cac tep china dit lieu the tin dung cua
khach hang thu6ng la nhimg invc tieu hap dAn d6i voi tin * khi tan cong vao website thuang mai dien tir. Han the, nhung ten tOi pham c6 the dOt nhap vao cac ca sa dir lieu cua website thucmg mai dien tir de lay cap cac thong tin cita khach hang nhu ten, dia chi, dien thoai... voi nhilng thong tin nay chung c6 the mao danh khach hang thiet lap cac khoan tin dung moi nham phut vu nhirng mvc dich phi phap.
- Din ding tir choi dich vu
Tan cong tir ch6i dich vu (DOS - Denial Of Service attack, DDOS — Distributed DOS hay DR DOS) la kieu tan cong khien met he th6ng may tinh hoac met mang bi qua tai, clan tad khong the cung cap dich vu hoac phai climg hoat dOng. So. khai nhat la hinh thirc DoS (Denial of Service), 19.i dung sir yeu kern cua giao thirc TCP, tiep den la DDoS (Distributed Denial of Service) - tan cong tir ch6i dich vu phan tan, va gan day la DRDoS - din
cong theo phuang phap phan xa phan tan (Distributed Reflection Denial of Service).
Nhting cuOc din cong DoS c6 the la nguyen nhan khien cho mang may tinh ngirng hoat dOng va trong thoi gian do, nguoi sir dung se khong the truy cap vao cac website thucmg mai dien dr. Nhang tan cong nay ding dtmg nghia vai nhung khoan chi phi rat 16n vi trong th6i gian website ngimg hoat deng, khach hang lch'6'ng the thigrc hien cac giao dich mua ban. DO'ng th6i, sv gian doan hoat Ong nay se anh hu6ng den uy tin va tieng tam cita doanh nghiep. Mac du nhimg cuOc tan cong nay khong pha huSr thong tin hay truy cap vao nhimg yang cam cila may chii nhung tao ra phien toai, gay tra ngai cho hoat Ong cua nhieu doanh nghiep. Vv tan cling DOS dien hinh dau tien xay ra vao thang 2-2000, cac hoat dOng din cong lien tvc khien hang boat website tren the giai ngimg hoat Ong trong nhitu gib, trong do co nhung website hang day nhu: eBay ngimg hoat Ong trong 5 gib, Amazon gan 4 gib, CNN gan 3.5 gib, E-Trade gan 3 gib, Yahoo va Buy.com va ZDNet
ding ngimg hoat gong tir 3 den 4 gia. Ngay ca ngtreyi kh6ng 16 Microsoft cling da timg phai ganh chiu heu qua cua nhitng cuOc tan cong nay. O Viet Nam, ding da co rat nhieu doanh nghiep bi tan cong duoi hinh thirc nay.
- Ke trg'm tren mang (sniffer)
Ke trOm tren mpg (sniffer) la mOt clang dia chucmg trinh theo nghe trOm, giam sat sir di chuyen dm thong tin ten mang. Khi sir dung vao nhimg muc dich hop phap, no c6 the giitp phat hien ra nhang yeu diem dm mang, nhtmg ngugc lai, neu sir dung vao cac muc dich phi phap, cac ph'An mem ling dung nay se tr.& thanh cac m6i hiem hoa 16.n va rat kho c6 the phat hien. Ke trOm sir dung cac phAn mem nay nham lAy cap cac thong tin c6 gia tri nhu thu dien tir, du lieu kinh doanh cua cac doanh nghiep, cac bao cao
tir bAt cir not nao tren mang.
Xem len thu dien tir la mot dang moi cua hanh vi trOm cap tren mang.
Ky thuet xem len thu dien tir la sir dung mOt dog' ma (An) bi met gait vao thong diep thu dien tix, cho phep nguoi nao do co the giam sat toan b0 cac thong diep chuyen tiep dugc giri di ding yeti thong diep ban dAu. Ching han mOt nhan vien phat hien thAy 18i ky thuet trong khau san xuAt, anh to lap tire
giri mOt bao cao thong bao cho cAp tren ve phat hien cua minh. Nguoi nay sau do se tiep tuc giri th8ng bao den tat ca cac bo phen co lien quan trong doanh nghiep. MOt ke nao do sir dung ky thuet xem len thu dien tir CO the theo doi va biet dugc toan b0 thong tin trong birc thu dien tir giri tiep sau do ban ve van de nay.
- Phishing - " Ice gia mao"
Phishing la mOt loai tOi pham cong nghe cao sir dung email, tin nhan pop-up hay trang web a lira ngtrai dimg cung cAp cac thong tin ca nhan nhay cam nhu the tin dung, met khAu, s6 tai khoan ngan hang. Thong thutmg cac tin tee thutmg gia mao la cac cong ty n6i tieng you cau khach hang cung cAp nhimg thong tin nhay cam nay. Cac website thuang xuyen bi gia mao do la Paypal, EBay, MSN, Yahoo, BestBuy, American Online.... Ke gia mao thuZyng huang ten phishing nhitng khach hang dm ngan hang va nguoi tieu dimg thuOng mua sam trlic tuyen. Nhang thong tin an cap se dugc ke gia mao dimg de truy cep vai muc dich xAu, neu la thong tin ve tai
khoan thanh toan thi se dung vao muc dich mua hang hoac rut tien. Bat cu ai ding c6 the phishing dugc vi phan mem phishing la co nhieu ten mang voi hbrang an chi tik cung vai danh sach dia chi email. Cong nghe phishing lA da c6 tir nhting nam 1987, tuy nhien no chi thuc star biet den rang rai vao nam 1996. AOL IA ding ty dau tien da bi ke gia mao tan cong an cap thong tin dm khach hang. Dui:mg link trong dia chi email ket not ten trang web dm eBay nhung day kh6ng phai la trang web that cua eBay ma chi IA met trang web gia mao c6 logo va hinh thirc gieng vai trang web eBay that. PayPal met trang web giai phap thanh toan 6-mg la doi tugng thuarng xuyen bi gia mao. Ke gia mao Paypal da xay dung URL cai trang gieng URL cua Paypal bang each sir dung ky hieu @ (http://paypal.com@218.36.41.188/fl/login.html) . Thuong thi cac server be qua cac ky to tnrac @ NIA chi sir dung nhting ky to sau no. Nhu vay la khach hang chi CO the nhin thay throng link trong mail nhu http://paypal.com Chinh vi vay ma khach hang da Ichong nhan ra dugc la minh dang bi tan ding tir cac tin tac va da cung cap nhung thong tin ca nhan va tai khodn.
- Ngoai ra, tai pham TMDT dugc thuc hien duai nhieu hinh thirc sau: phat trien cac mang may tinh ma (bots network) de tan ding DOS, giri thu rac, giri thu rac vbi quy mo lan (dich vu thu rac), thue hacker pha hoai website cua dei thin canh tranh, thu thap thong tin ngu6i sir dung bang spyware.
4.3. Xfiy dung lee hoach an ninh cho thiwng mai din tir
Viec xay dkmg ke hoach an ninh thuang mai din tir cho doanh nghiep bao gem 4 giai doan sau: