Cybersecurity is one of the most consequential issues impacting organizations across industries and regions; and data theft, ransomware, privacy breaches, and other forms of cybercrime are on the rise. Attacks like these that target the confidentiality and availability of information tend to be high profile and highly visible, as they concern data privacy and access. However, no less pernicious but less visible is another significant concern: attacks on the integrity of data and the rising threat of data sabotage.
The important role that data plays in society requires that it be protected. Any social, economic or political organization that makes decisions or provides information based on facts is at risk of sabotage. Suppose an adversary hacked in to a city’s systems for traffic lights on Election Day. As well as potentially causing traffic accidents, this would likely affect citizens’ ability to arrive at the polls before closing. Accusations of voting fraud dominated the news cycle in the wake of the 2016 U.S. presidential election; a serious situation in a democratic society, and current proposed U.S. legislation addresses concerns about Russian interference in the 2017 European elections. Beyond the political sphere, imagine the damage that skilled attackers could cause if they compromised an amber alert system, or manipulated data to change the information that streams from a stadium screen during a big game, announcing a bomb threat. By making small changes in data, criminals have the ability to influence the behavior of large groups of people, causing panic, confusion, and undermining their ability to make decisions.
Healthcare is just one example of an industry that has evolved rapidly to become a data-intensive environment, which depends on the electronic exchange of patient information. Part of this evolution has included the rise of multiple platforms to capture, store, transform, transmit, and view data, and these devices and networks are increasingly interconnected. When data is manipulated, all resulting information organized based on those data facts is flawed. Looking at healthcare specifically, if data integrity is lost, an individual’s blood test results entered into a database in March 2017 might appear substantially different when those results are reviewed in March 2019. Basing medical treatment and prescriptions on altered data could have devastating consequences for patients. Extend this level of data tampering to individual tax returns, business financial records, government jobs reports, graduate admission test scores, leaked political communications, or simply grades in a secondary school gradebook, and one can see the great risks inherent in loss of data integrity.
“If data loses its integrity, we stand to lose the common basis of fact.” ~ Edward Stroz, Co-President, Stroz Friedberg, an Aon Company
The broader cultural implications of living in a world in which confidence about what is factual has been undermined, and information sources lose our trust, are limitless. If data loses its integrity, we stand to lose the common basis of fact. The advent of fake news, and people reacting to false claims in the media as if they were real, is shining the spotlight on the powerful negative influence that attacks on information integrity can have. Organizations and individuals owe it to society to take the steps to foresee potential threats, certify data integrity is reasonably ensured, and provide people with a sound basis for believing integrity has not been compromised.
In an attack scenario, there are typically three qualities of information targeted: Attacks on confidentiality, integrity, or availability of the underlying data. Attacks on the availability of information are rapidly detected and designed to be noticed: the system is locked or goes down, and the victim must respond. Attacks on confidentiality are more difficult to detect. While it might take a hacker only eight days to breach a network, it typically takes six or more months to detect the incident. The most insidious attack is an attack on data integrity: the attack is largely silent, or invisible, and unless an organization is vigorously reviewing the accuracy of data, the victim might not even be aware that data manipulation has occurred. To secure data, we are called to protect data integrity with the same vigor and focus as we today protect data confidentiality. The new EU General Data Protection Regulation (GDPR), set to go into effect in May 2018, sets the bar in terms of giving attention to securing data confidentiality. Adhering to this regulation will require major adjustments to privacy programs for all EU-based companies, and companies that collect the data of EU citizens. Securing data integrity warrants the same level of thought, action, and protection.
Data integrity might be compromised for a variety of reasons, not all of which are criminal or intentional. For example, unintentional human error and transfer errors might result in data flaws, as might compromised hardware when a device or disk crashes. Alongside minimizing these types of unintentional errors, malicious causes of data integrity loss demand our attention. Organizations are at risk from the employee or other “insider” with access who deliberately tampers with data, and external adversaries who employ cunning techniques to corrupt data, including design and release of malware, hacking, and other cyber practices. Just as cyber criminals today deploy ransomware and demand bitcoin or cash payment, as in the case of Hollywood Presbyterian Hospital where staff members were locked out of computers and patient records were frozen, we are likely to see these same offenders exploiting data integrity attacks as an additional method of bringing distress upon victims. To combat this genuine threat, we need to take action before such an attack occurs, or what is sometimes called “getting to the left of ‘boom.’” We need to think in terms of what can be done by our adversaries, not just what has been done up to now; this requires pre-emptive strategy and action, rather than solely investigatory responses.
This is a manageable endeavor, and proven data protection methods can be utilized to meet this challenge. The first protection principle is fundamental: create redundant back-ups of critical data and Safeguarding Data Integrity in an Interconnected World develop a golden master, or a time-stamped, physically segregated and protected copy of the data, which becomes the basis of truth. Golden master copies are hashed using established hash algorithms to calculate an integrity checksum, which can be used later to verify that the data has not changed. Crucial databases can be replicated and data quality checks conducted at set intervals. For example, all prescriptions written each day at a hospital are saved to a golden master, and a hash value is calculated. To manage the risk of internal employees editing data, organizations can ensure access levels are appropriate to responsibilities and position, as cybersecurity programs can be undermined by excessive access. Holistically speaking, an organization’s overall cybersecurity posture can be strengthened by undertaking an assessment to evaluate cyber risks, conduct network and application vulnerability testing, and develop a resulting plan to improve defenses. Importantly, should data be compromised, organizations need a response plan in place to contain and mitigate damages, and rebuild trust.
Despite the widespread and destructive consequences of attacks on the confidentiality, availability, and integrity of data, cyber risk is one of the least understood risks for a large majority of organizations today. With the growing awareness of fake news and its influence on society, we may well be at a tipping point, with people recognizing that the news problem is just the tip of the iceberg. Once the integrity of some sources of data and information is lost, our ability to trust all data and information is eroded, which can lead to skepticism around what is being reported as the truth. Decision-making – whether in politics, business, or everyday life – becomes impossible if we lose the ability to discern between accurate and altered data.
These risks should serve as an impetus for organizations to work towards becoming cyber resilient: the ability to prepare for, withstand, and recover from unanticipated incidents. Additionally, there is an obligation for thoughtful individuals, across regions and disciplines, to take the lead in envisioning what our adversaries can and might do – and to protect society against it.
This piece by Ed Stroz was originally published in International Affairs Forum Spring Issue. Click here to read the full story from the IAF magazine.