Data Manipulation: The Next Level of Cyberattacks
…attacks when they are least likely to be discovered and most likely to create the most amount of damage. While causing an autonomous vehicle to wreck in real-time is still a likely scenario, setting it up to trigger at a later date to time — such as during rush hour or holiday traffic — could also be advantageous for bad actors. The same is true of attacks on infrastructure. If malware is triggered to shut down the electric grid on the coldest of days, more people may die of exposure or illness as a result.
The End Goal Is to Steal Your Trust in Your Data
While the immediate goals of data manipulation attacks are often to create chaos and/or to destroy something in the physical world, the ultimate end game is to terminate trust in the data. Just as a nation state can work at destroying trust in another country’s elections, courts or media, so too can destroying a company’s trust in its data cripple that company’s actions and competitive stance in the marketplace.
“These types of attacks are based on targeting the trust an organization has in the integrity of its data,” explains Gary Hayslip, CISO for Webroot. “It is removing one of the legs of the foundational cybersecurity pyramid — ‘Confidentiality, Integrity and Availability’ — and it would create chaos in an organization and its business operations.”.
Resolving data trust issues is no simple matter.
“With a data manipulation attack, unless you have tight data governance controls, it can be an extensive and costly effort to try and remediate the compromise, and you may never know if you have completely resolved the issue,” adds Hayslip. “This type of attack could be used in a variety of scenarios including the traditional hold for ransom, financial fraud by manipulating data to make money on investments,and changing data to influence an investment or M&A.”
Time Becomes a Threat Too
“It’s important to understand what changing data actually does,” says Javvad Malik, security advocate at AlienVault. “By compromising the integrity of data, one is fundamentally breaking trust — and this can have serious repercussions. This can be particularly bad if small changes are made over a long period of time. Not only will these be hard to discover, but the victim won’t know how far back in time to go in order to get a reliable snapshot.”
“For example, suppose credit rating scores were changed over a long period of time. It could cause irrevocable damage whereby credit scores become meaningless because there is no trust in the data,”
These types of slow and far-reaching attacks are limited only by the imagination of the criminal mind.
“A few simple examples would be changing the network logs following…