Cyber Defense eMagazine August 2019
Cyber Defense eMagazine August Edition for 2019 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cybersecurity expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group
Cyber Defense eMagazine August Edition for 2019 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cybersecurity expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Data Manipulation Attacks Difficult To Detect But Preventable<br />
By Tim Bandos, VP of <strong>Cyber</strong>security, Digital Guardian<br />
Conventional wisdom says that once an attacker is in the system, moving laterally from network to<br />
network, the damage is already done. The adversary has found a way in and more than likely identified<br />
the data they’re after. They simply need to exfiltrate it—the last step of the kill chain―to land the final<br />
blow.<br />
In some scenarios, however, it’s what the attacker doesn’t do that could have a more devastating<br />
outcome on the enterprise.<br />
Data manipulation attacks—attacks in which adversaries don’t take data but instead make subtle, stealthy<br />
tweaks to data usually to elicit some type of gain―can be just as, if not more crippling for organizations<br />
than theft. The ability of attackers to manipulate and shift data around is a real threat, one that could<br />
cause widespread financial and even physical harm, if done successfully.<br />
Consider the stock market. Hypothetically speaking, if an attacker were to successfully breach the IT<br />
systems and databases responsible for updating a stock ticker symbol and manipulate data to show a<br />
billion-dollar tech giant like Apple, Microsoft, Google, or Amazon taking a nose dive, it would cause<br />
130