First they came for data availability, then they came for data confidentiality and now they are coming for data integrity. The previous sentence broadly sums up the evolutionary epochs of threats to data in the domain of cyber security. The first wave of cyber attacks can be ascribed to Malwares which are designed to cut access to the data or DDOS attacks which deny access to a website under attack. The second wave of cyber threats are characterized by “data theft”. Experts are now talking about a third wave. Known as Data Integrity Attacks they neither prevent you from accessing data like an ordinary malware does nor do they steal your data like those ransomwares. Instead they compromises the integrity( i.e., accuracy and reliability) of your data.
In late 2015, while emphasizing the need to focus on protecting data integrity, U.S. Director of National Intelligence James Clapper said “While most of the public discussion regarding cyber threats today is focused on the confidentiality and availability of information, in the future, however, we might also see more cyber operations that will change or manipulate electronic information in order to compromise its integrity instead of deleting it or disrupting access to it”.
What is Data Integrity Attack?
Data Integrity is an assurance that the information can only be accessed or modified by those who are authorized to do so. Data integrity attacks therefore aim to compromise this assurance and aim to gain unauthorized access with intentions to modify data reliability and accuracy. One of the most famous data integrity attack has been the use of Stuxnet worm allegedly used by US and Israel to sabotage the nuclear programme of Iran. These attacks are one of the worst modes of cyber attacks because a manipulated and modified data can have unintended consequences. Imagine if terrorists modify sensitive military and government data. It can lead to catastrophic consequences.
How is Data Integrity Attack carried out?
Data integrity attacks involve a number of joint attacks on different layers in the system with an aim to exploit the vulnerabilities. The higher the vulnerability, higher will be the level of the access the attacker can gain.The attackers use a number of techniques and tools to penetrate and monitor a system over time. Sometimes the attackers plant the bugs and wait for years until they think it’s the perfect time to attack. Consider a scenario, in which the attacker plants a malware through phishing emails in the administrator’s computer. The malware establishes a Keylogger program in the system to gain the credentials. In the meantime he can also change the security settings and infiltrate more harmful programs.This is the way integrity attacks occur. These attacks are very dangerous and have the potential to conquer the whole system.
Who are the main targets?
The target can be any organization which is connected to the internet and tweaking of whose data can lead to consequences as intended by the attacker. In such a scenario, government and military organizations, financial sector, media and health companies have been identified as main targets because modifying the reliability and accuracy of data held by them can lead to grave consequences. In 2013 the twitter handle of The Associated Press was hacked and a false news on US President Obama being injured was tweeted. Within seconds, the Dow Jones Index slumped by 150 points. Similarly integrity of data can be compromised to damage economy.
At a personal level, integrity attacks are highly beneficial for the attackers. Instead of stealing credit card credentials, the attacker can directly access the bank database and manipulate the money routing process to their favor. So, the individual motivation level for carrying out such attacks is high than traditional attacks especially given the lack of focus by organizations in involving such attacks in their cyber security domain.
How can these attacks be prevented?
Data Integrity attacks can be prevented by practicing certain security measures. These attacks target the networks and then they climb up the ladder. Building segregate networks in the system will help stop spreading attacks. Using security suites in all devices will act as a shield from integrity attacks. In order to detect and prevent data integrity attacks, we must also consider developing network security tools with artificial intelligence which can block suspicious moves.