Data cyberattacks: New cybersecurity frontiers in digital vandalism and terrorism

• Author:
• Author name

  Quantumrun Foresight
• July 28, 2022

Insight summary

Data manipulation and cyberattacks present a significant threat to research and data integrity, involving actions such as erroneous data entry, omission, and falsification. These attacks can lead to incorrect conclusions, fraud, and various malicious outcomes, making them challenging to defend against. Their disruptive impact includes financial losses, time-consuming security measures, and the need for a holistic cybersecurity plan. 

Data cyberattack context

Data manipulation or cyberattacks pose a significant threat to research and data. These attacks involve compromising the integrity of information, including editing data to achieve a hacker’s desired outcome. Such cyberattacks can be implemented by introducing data entry errors, coding mistakes, or altering and adding information. Data manipulation can lead to incorrect conclusions being drawn from data sets and can even be used to commit fraud.

There are three main types of data manipulation: 

• Erroneous data: This manipulation occurs when data is entered incorrectly, either by mistake or on purpose. This action can occur when someone misreads a number, mixes up two digits, or deliberately changes a figure to skew results. Erroneous data can also be introduced intentionally to manipulate results.
• Omission: This manipulation occurs when data is left out deliberately. This omission can be applied by excluding specific data points from a data set or only including data supporting a particular conclusion. Omission can also happen accidentally if data is lost or forgotten.
• Falsification: This manipulation involves the act of changing data to make it appear more accurate or reliable than it actually is. This falsification can be performed by altering figures, adding fake data points, or removing outliers. Falsification can also involve cherry-picking data, i.e., only selecting data that supports a particular conclusion while ignoring contradictory evidence.

The goals of data manipulation hackers are as diverse as the organizations they target, making this form of cyberattack challenging to defend against. Data manipulation attacks can be used to make a profit, cause chaos, or even receive support from a rival organization. With the goals of these attacks being so varied, organizations need to be aware of how they can protect themselves from these creative threats.

Disruptive impact

Cyberattacks on data can cause businesses to lose money. The attacker might change a wire transfer or payment to go to the wrong person. They might also change links on websites so that people go to a fake website where they can steal login information or download malware. Data manipulation attacks also include manipulating essential data, customer details, and pricing information. In many cases, it may not be possible to identify the full extent of the damage by such cyberattacks. 

Moreover, addressing data manipulation attacks can be very costly in terms of time and manual labor. Organizations must regularly check and double-check all legacy data and information about customers, leads, competitors, and prices. Some solutions and security checks include integrity checking, file integrity monitoring (FIM), endpoint visibility, logging activity, and implementing encryption. However, each of these methods have their limitations. For example, integrity checking can be labor-intensive and time-consuming, while logging activity may not be highly effective. Implementing encryption technology can also be costly.

The best way to protect against data manipulation attacks is to have a holistic, robust cyber security plan. This plan should include measures to prevent attacks and steps to follow in the event of an attack. Governments, such as the US, Australia, and Luxembourg, have also released cybersecurity legislation that aims to minimize the economic damage of novel cyber threats.

Implications of data cyberattacks

Wider implications of data cyberattacks may include: 

• Select hackers and hacker groups continuously altering sensitive information held by their target organizations, such as medical records and government documents, leading to data manipulations being equated to a new form of terrorism.
• Healthcare providers instituting a range of cybersecurity measures to safeguard patient data, with insurance companies offering tailored packages to address misdiagnoses and patient blackmail resulting from data manipulation.
• Escalation in the prevalence of misinformation campaigns, particularly during elections, involving the proliferation of deep fake videos and voice cloning techniques.
• Cybersecurity vendors specializing in the development of industry-specific technologies designed to protect clients from various forms of data manipulation, potentially incorporating the employment of ethical hackers to identify vulnerabilities within systems.
• Financial institutions facing increased susceptibility to data tampering incidents, leading to suboptimal investment decisions and requiring heightened vigilance in securing financial data.
• Greater emphasis on developing and implementing circular economy principles within the cybersecurity industry, fostering more sustainable practices in data protection and risk mitigation.
• The government's establishment of new legislation to strike a balance between innovation and data privacy protection, ultimately enhancing consumer trust in data security practices.
• The emergence of innovative solutions to combat data manipulation, leading to the integration of cutting-edge technologies to strengthen data security.
• The evolution of data cybersecurity as a critical component of national security, requiring closer collaboration between governments and private sector entities to mitigate the risks associated with cyberattacks.

Questions to consider

• Has your organization experienced a data manipulation attack?
• What policies does your organization follow to protect its sensitive information online?