Pssst… we can write an original essay just for you.
Any subject. Any type of essay.
We’ll even meet a 3-hour deadline.
121 writers online
The following is a report of computer security treats and vulnerabilities of WH Smith. WH Smith is a family owned British retailer, which operates 1300 stores throughout the world with many of their stores residing in the British Isles. WH Smith has a proud history of being the world’s first retail chain store, leading sales of books, magazines, stationary and is responsible for the creation of the ISBN book identifier which improved the publishing and distribution of books. WH Smith launched the sale of e-books in 2011 which increased sales annually. In 2017, the company celebrated 225 years in business and sold over 30 million books reaching a revenue of £1, 234 million with a profit of £116 million. The company will need general protection from cyber-attacks however the assets which will need the most protection are as follows
WH Smith has a legal obligation to protect customers sensitive data such as names, address, emails, phone numbers and most importantly debit or credit card details from being stolen, unfortunately most cyber-attacks are orchestrated for the soul purpose of stealing customer information from databases. This data can be used by cyber criminals to commit fraud or sell to others for illegal purposes. This would have catastrophic effects on WH Smiths reputation and would result in tremendous cost from litigation, repair to databases, loss of consumer trust etc. It is a company’s responsibility to arrange sufficient security practices to prevent data from being stolen.
Like customer data, WH Smiths own company sensitive data must be protected from a breach. This data would be sales, accounts, transport, company’s intellectual property, company policies, employee database, product pricing etc. This data helps with the day to day running of the company and its ability to run the company it to the future. Having a breach on this data could result in the decline of business, loss of reputation, company’s intellectual secrets could be leaked to competitors, loss on profits, theft of company money. It is vital that this data is protected from cyber-attacks as failure to do so could have a heavy impact on business.
WH Smith delivers a lot of its business on the internet, this is an effective way to increase sales and expand their brand name however, this asset is a big target for cybercriminals as it deals with customer sensitive data. There are many ways that a cyber-attack on the website can affect business, from breaching customer data, scanning traffic on the website, denial of access to the website to even changing or destroying the website, all of which can affect consumer trust, cost money to repair, loss of profits and destroy WH Smith’s reputation.
In recent years, WH Smith has gained ownership of several companies such as ‘FunkyPigeon. com’, ‘TheGadgetShop’ and ‘Cult Pens’. These companies are linked in with WH Smith networks and potentially could allow cyber attackers access to WH Smiths data through these companies. This is especially dangerous as these companies would share private company information through the internet which would allow cyber attackers access to this information if computer security firewalls are not set in place to prevent this. Therefore, these assets should be protected as failure to do so can allow direct access into WH Smiths sensitive company information.
Below is a list of websites where you can find information on current malware surfing the web. This is a goof method to stay up to date on all current malware threats and how you can prevent them.
Cyber criminals target the retail industry for its sensitive data and with the advancements of malware they can do so effectively. “95 percent of breached records came from three industries in 2016: Government, retail, and technology. The reason isn’t necessarily because those industries are less diligent in their protection of customer records. They’re just very popular targets because of the high level of personal identifying information contained in their records. ” – TechRepublic.
Below is detailed information on recent cyber treats which may hold serious importance to WH Smith.
Denial of service attack: A denial of service attack (DoS) is an attack on system resources. (DoS) work by over loading resources causing them to not respond to service requests. These attacks are most likely launching from many devices that are under the control of the attacker. One of the purposes of this attack is to take a system offline to allow for a different type of attack to happen. A (DoS) would be considered a low to medium risks as they can only be used to cause an inconvenience or in more serious cases allow other malicious software to attack ill the service is offline. A good example of a (DoS) attack is the ‘GitHub’ attack.
In February 2018, GitHub (popular developer platform) was hit with a record breaking traffic amount of 1. 35 terabytes per second which caused the site to go offline. GitHub was prepared for a (DoS) attack but not of this scale. This site managed to only remain offline for 20 minutes before returning online. To perform a successful (DoS) attack, cyber criminals would first send malicious software through email attachments with the intention of infecting and seizing control of many devices. With the use of many different computers, the attacker would launch an attack against online services by overloading the website with traffic. This causes a denial of service as the web service cannot cope with the sudden overload of requests.
Denial of service attacks can be difficult to remove however, one of the best ways to deal with a (DoS) attack is to contact a DOS mitigation service who have the technology and techniques to divert the attack helping to prevent you web service from going offline. Worms: Worms are a very serious and dangerous type of malware. They are a standalone malicious computer program that replicate themselves across a network of computers. Worm can harm unintentionally by increasing traffic on a network even if they are only intended to spread across the internet / network. The most common payload for a worm to carry is an installation of a backdoor in a target system or systems, they can also carry other malicious software. Worms would be considered a medium to high threat as they have the ability to spread across a network so quickly. Most worms can be removed from a computer with the help of an antivirus program e. g. McAfee and Avast antivirus. A good example of a cyber-attack with the use of a worm virus is ‘storm worm’.
Storm worm was first discovered in 2007, this worm targeted computers running Microsoft operating systems. The worm disguised itself in an attachment of emails that were linked to recent tragedies. Once the attachment was downloaded the worm would infect the computer by installing a backdoor into the computers system. This allowed access to email account and contacts which spread the worm further across the network. The compromised machines were merged into forming a botnet. Usually each botnet machines are controlled by one computer but in this case, each infected computer was merged into subset groups and a peer – peer network was established meaning no one computer was in controlling making it difficult to track the source of the attack.
Rootkits: Rootkits are one of the most damaging malicious software available to date. Rootkits can be catastrophic as they are usually a combination of many different types of malicious software all wrapped up in one near undetectable package which is designed to eavesdrop on a device with the use of a keylogger or gain remote control of the computer. A rootkit works by infecting systems files such as the directory or boot setup from here the attacker has full control of the computer and has the ability turn the computer into a botnet, steal data, corrupt files, install backdoors into networks and conceal other malware. When a company is infected with a rootkit it is a medium to high risk level. This means that the malicious software can cause serious or catastrophic damage to the company’s assets. An example of a rootkit is ‘Flame’.
Flame was a computer malware rootkit that was discovered and further documented in 2010 / 2012 respectively, the rootkit attacked devices using Microsoft operating systems and was used to record audio, screenshot, keyboard activity and scan network traffic. The rootkit was designed to spy on users and local networks. It was designed to evade detection for as long as possible and was said to infect over 1000 computer in Iran.
There are many different types of malware available to cyber criminals at this present day. One of which has proven to be very effective, Ransomware is a type of malicious software that can be used to destroy, alter or leak data or block access to data. Ransomware works by gaining access to a device usually contained within an attachment of an email that masquerades as something innocent. Once the user opens the file, the malware will encrypt files on the hard drive leaving the user unable to access their files. The ransomware will then try to extort money from the user by demanding money to de-crypt the data or else risk losing the data permanently. One of the most destructive and costly examples of ransomware was an attack in 2017 which targeted devices using Microsoft windows operating system. The ransomware referred to as ‘Wanna Cry’ encrypted files and data on these systems and demanded bitcoin currency to decrypt the data. This ransomware was estimated to infect 200, 000 computers over 150 countries.
Most likely treats and common practices to help prevent attack or minimise damage. If a rootkit found its way on to one of the computer at wh smith administration offices it could steal credentials, be used to spy on current agendas or worst case scenario, spread across all devices and networks at wh smith and allowing the hacker full use of all system leaving the company helpless to the hackers demands.
To export a reference to this article please select a referencing style below:
Sorry, copying is not allowed on our website. If you’d like this or any other sample, we’ll happily email it to you.
Attention! this essay is not unique. You can get 100% plagiarism FREE essay in 30sec
Sorry, we cannot unicalize this essay. You can order Unique paper and our professionals Rewrite it for you
Your essay sample has been sent.
Want us to write one just for you? We can custom edit this essay into an original, 100% plagiarism free essay.Order now
Are you interested in getting a customized paper?Check it out!