Abstract: In the cloud era, network infrastructure is more complex, and the services and data running on it are more important. E-commerce, the Internet, medical care, finance, education and other industries all depend on security services; only when security is in place can other basic activities develop.

This article is shared from the Huawei Cloud community post “618 Technology Special (4): While you shop like crazy, have you noticed e-commerce privacy and security?”, by Torchbearer of technology.

Introduction:

There is a very famous law in the safety field. In 1941, the famous American safety engineer Heinrich put it forward after counting 550,000 mechanical accidents: he found that the ratio of accidents causing death or serious injury, to those causing minor injury or failure, to those causing no injury is 1:29:300. This law also applies to cloud security. That’s 29 successful intrusions for every security incident, and more than 300 vulnerabilities. Security incidents also have a part above the iceberg and a part below it. Above the iceberg are the products and services that users can see; below the iceberg, more security capabilities have to be provided to carry users' safety.

It is another year of the 618 carnival. While every consumer compares prices and fills shopping carts, and every business is busy with new products and promotions, some crucial e-commerce security issues get ignored: malicious attacks, data theft, Trojan attacks and other attacks on information security. Security problems are easy to overlook, but once they appear, the trouble is endless.

Today, Huawei Cloud brings you an in-depth analysis of the security problems in various e-commerce scenarios and how to deal with them. Detecting attack behavior in time and keeping danger out is the core measure of security capability. In the era of data, we should pay attention not only to smooth ordering and sales growth, but also to establishing a complete security defense system.

Malicious attacks on hosts: detect hacker intrusion and warn in time

During the 618 promotion, the ordering information of tens of thousands of users is stored on servers. Without a security protection system, hackers can use password cracking, social engineering attacks, or vulnerability attacks to break into server databases and obtain a large amount of data assets. While the attack is under way, e-commerce services are interrupted: a large number of malicious files occupy system resources, so servers fail to run properly and users cannot complete their purchases.

Cloud hosts carry key data and core business systems. Once they are attacked, the most valuable part of the whole information system faces the risk of theft and destruction. To keep hosts secure, an e-commerce platform therefore needs to build a defense-in-depth system with the security of the computing environment at its core, and to strengthen its capacity for proactive risk assessment, early warning and response.

Huawei Cloud Enterprise Host Security Service (HSS) uses the all-in-one policy to detect hacker intrusion behaviors, including password cracking, malicious requests, and Trojan horse detection. HSS can quickly detect the infiltration and scanning behaviors of hackers on enterprise servers and provide timely warnings.

HSS performs secondary authentication on cloud server login by requiring an SMS or email verification code during login. An alarm is generated when a remote login is detected. If an account is found to have been breached, the system precisely blocks the source IP address of the attack for 24 hours and forbids it from logging in again, thus preventing hackers from launching further attacks.

Web hijacking and phishing risk: the lack of an application firewall

Many enterprises rely on Web applications for critical business, and 75% of Internet attacks are concentrated at the application layer. In e-commerce, flash-sale ("seckill") activities are often held during 618 and Singles’ Day. Some attackers use proxy servers to generate legitimate-looking requests to the victim host and send a large number of access requests to the Web server, so that normal users cannot access it properly. In the end, as soon as the flash sale starts, the e-commerce page returns 404 and cannot be accessed.

Web pages are tampered with, visits are phished, every promotion goes down… Behind all of this is the lack of protection for Web applications.

For Web application defense, a Web application firewall identifies and blocks common Web attacks. It helps users deal with security problems such as website intrusion, vulnerability exploitation, webpage tampering, backdoor implantation and CC attacks, safeguarding the operation of enterprise Web business.

Huawei Cloud Web Application Firewall is such a product. It helps enterprises analyze Web attacks and set dynamic defense policies for specific service scenarios. It provides an exclusive defense engine and enables intelligent CC defense immediately. In the course of continuous confrontation, flexible custom policy configuration is used to identify the attack strategy of black-market operators and shut it down. At the same time, it helps customers sort out business logic and provides a basis for business adjustment and optimization.

It is one of the secrets behind the silky-smooth experience of every mobile phone sale on Huawei Cloud VMALL.

E-commerce privacy security: prevent data leakage with full life cycle protection

As we all know, data is the core information of an enterprise, and the key place where data is stored is still the database. However, in a large number of Internet enterprise environments today, databases generally lack effective security protection. Some criminals steal information by dumping databases ("dragging"), laundering the stolen data ("washing") and credential stuffing ("bumping").

When attacking a database, they use penetration techniques to find vulnerabilities on the site and then locate an injection point. They find the Web virtual directory and upload an ASP script to obtain management permission on the database. They then export vital information from the database, to be sold on the black market or used for extortion.

Database security defense faces problems such as weak traditional protection, rampant external attacks and internal violations. As we know, the data of e-commerce enterprises contains not only commodity information, but also a large amount of private data about registered users and their behavior. If data leakage occurs, it will not only cause business loss.

Private data needs to be stored and circulated, but not “naked”. How do you defend the data gold mine? Data on the cloud can be kept private by means such as key technology, new algorithms and encryption algorithms, which also strengthen the protection of the data itself. Data is encrypted at each stage of transmission, storage and processing, and information is processed with cloud technology to conceal it and protect user data. Huawei Cloud also has three tricks to help you!

Database Security Service (DBSS) provides functions such as sensitive data discovery, data desensitization, database audit, and protection against injection attacks, based on a reverse proxy and machine learning mechanism, to ensure database security on the cloud.

Data Encryption Workshop (DEW) provides dedicated encryption, key management, and key pair management capabilities to free you from data leak worries.

Data Security Center (DSC) is a new generation of cloud-native data security platform that builds protection for data life cycle security around each stage of data acquisition, transmission, storage, processing, use, exchange and destruction.

