Data integrity attacks are likely to become a common method of attack by cybercriminals as other systems become increasingly locked down, say IT security analysts.
"This is one of the least recognised issues in information security," said Bob Tarzey, director at research firm Quocirca.
Standards exist for methodologies, and audit guidelines are in place, for managing risks to data availability and data confidentiality, but there is no such guidance for managing threats to data integrity, he said.
The integrity challenge is quietly building up into a dangerous exposure, according to David Lacey, an independent security researcher.
The biggest threat is that an authorised user could gain access to an organisation's IT systems and deliberately change data for financial gain, spite or revenge, Lacey said.
Data integrity attack
A classic example of how a data integrity attack can be used for financial gain is the case of Brazilian logging companies which accessed government systems to inflate logging quotas, said Tarzey.
"If there are not specific processes in place, unauthorised data manipulation may be detected only years later or never," he said.
Tarzey, who is researching data integrity attacks, is to lead a debate on the extent to which these kinds of attacks are becoming a silent killer at Infosecurity Europe 2010 at Earls Court in London from 27 to 29 April.
It is difficult to determine how widespread, common or damaging these attacks are because there is no legal requirement for organisations to disclose incidents of data manipulation as there is for data breaches, said Tarzey.
"I expect the panel debate, with input from delegates to the Infosecurity Europe event, will tease out a clearer picture of how big a problem this has already become in the UK," he said.
A survey of 420 organisations by Infosecurity Europe has revealed that more than a quarter (28%) have been targeted by data integrity attacks, said Tarzey.
"Add to this the fact that most of the others simply do not know, and this looks like it could be a growing problem," he said.
In the absence of adequate data integrity protection solutions and services aimed at protecting every type of data, IT security professionals need to create policies and procedures to limit their organisations' risk of data integrity attacks, said Sembhi.
These should include processes to check data quality and integrity, to identify the extent of the problem, to record incidences of data integrity compromises, and to raise awareness of the importance of protecting and monitoring the integrity of data, he said.
The most obvious way for organisations to tackle this threat would be to implement good access control and intrusion detection systems, said Tarzey.
Organisations that deal with large quantities of sensitive information may also want to consider putting protection around each piece of data to guard against data integrity attacks, he said.
"We may see the emergence of this belt and braces approach to enable organisations to have a high degree of visibility and control of sensitive information," said Tarzey.