In 2017, the discussion on data integrity heats up

The assurance that data has not been accessed by unauthorised users nor tampered with is the basis on which business is conducted today, but is it reasonable?

A lot could be at stake. As recently as January 2017, the US government reported that Russia had likely influenced the US elections. In a declassified report released by the US Office of the Director of National Intelligence, Assessing Russian Activities and Intentions in Recent US Elections, the US government states that Russian hackers had compromised personal e-mail accounts of Democratic Party officials and political figures, and later leaked that data to the public.

The report states: "We assess Russian intelligence services will continue to develop capabilities to provide (Russia President) Putin with options to use against the US, judging from past practice and current efforts. Immediately after Election Day, we assess Russian intelligence began a spearphishing campaign targeting US government employees and individuals associated with US think tanks and NGOs in national security, defense, and foreign policy fields. This campaign could provide material for future influence efforts as well as foreign intelligence collection on the incoming administration’s goals and plans."

While the US and Russia may seem far away from the Asia Pacific or Middle East theatre, cyber attacks can occur anywhere in the world. In fact, the report's authors predict that Russia "will apply lessons learned from its campaign aimed at the US presidential election to future influence efforts in the US and worldwide, including against US allies and their election processes."

Source: Sophos. Jakobsen.

Taken to its ultimate conclusion, tampering with data could lead to attacks against states and societies, Joergen Jakobsen, Regional VP for Asia-Pacific and Japan at Sophos says. “Technology-based attacks have become increasingly political. Societies face growing risks from both disinformation (e.g., 'fake news') and voting system compromise. For instance, researchers have demonstrated attacks that might allow a local voter to fraudulently vote repeatedly without detection. Even if states never engage in attacks against their adversaries' elections, the perception that these attacks are possible is itself a powerful weapon,” he said.

Symantec's security experts also suggest that rogue nation states could align with organised crime for their personal gain using cyber attacks. "This could result in down time for countries’ political, military or financial systems," the Symantec experts said.

Source: Darktrace. Aurora.

Sanjay Aurora, MD, Asia Pacific, Darktrace says, “In 2017, attackers will use their ability to hack information systems not to just make a quick buck, but to cause long-term, reputational damage to individuals or groups, by eroding trust in data itself.”

The implications are far-reaching, Aurora notes. Medical test results or bank account balances can no longer be trusted if no one can determine if they have been tampered with, for example. Public opinion can also be swayed. “We have already glimpsed the potential of disrupted merger and acquisition (M&A) activity through cyber-attacks – is it a coincidence that the disclosure of the Yahoo! hack happened while Verizon was in the process of acquiring the company?” Aurora asked.

Kaspersky Lab researchers Costin Raiu, Director of the Global Research and Analysis Team (GreAT) and Juan Andrés Guerrero-Saade, Senior Security Researcher, Kaspersky Lab's GreAT, agree. “..as journalists and concerned citizens become accustomed to accepting dumped data as newsworthy facts, they open the door to more cunning threat actors seeking to manipulate the outcome by means of data manipulation or omission. Vulnerability to these information warfare operations is at an all-time high and we hope discernment will prevail as the technique is adopted by more players (or by the same players with more throwaway masks),” Raiu and Guerrero-Saade said.

Source: Gemalto. Tay.

Alex Tay, Head of ASEAN, Identity and Data Protection, Gemalto, said evidence is growing that stolen data is being altered before transitioning from one machine to another. "Data integrity is a promise or assurance that information can be accessed or modified only by authorised users. Data integrity attacks compromise that promise with the aim of gaining unauthorised access to modify data for a number of ulterior motives. It is the ultimate weaponisation of data," he said.

"Data integrity attacks have the power to bring down an entire company and beyond. Entire stock markets could be poisoned and collapsed by faulty data. The power grid and other Internet of Things (IoT) systems from traffic lights to the water supply could be severely disrupted if the data they run on were to be altered. And perhaps the greatest danger is that many of these could go undetected for years before the true damage reveals itself. What’s at stake is trust. Decision-making by senior government officials, corporate executives, investors and average consumers will be impacted if they cannot trust the information they receive."