Is my data corrupted, tampered with, or impacted by outside threat actors?
C.I.A.
A lack of integrity in an environment can lead to credential misuse, meaning attackers can manipulate data to achieve various objectives without doing something as noisy and noticeable as encrypting or exfiltrating the data.
Example – Drug Theft
Like most veterinary hospitals, they were in dire need of a new veterinary technician. They hired a new technician and everything seemed to be going smoothly. Until they audited their Avimark user rights.
They found that the tech had been filling tramadol prescriptions for their clients. Taking the drugs off the shelf and then going in and deleting the transaction. It wasn’t until her credentials were updated to a “least privilege policy” that the practice manager was able to find the issue with the data integrity and what was happening.
Example – Cloud Backups
A hospital in Arizona fell victim to a ransomware attack in November 2020. They were paying to have the Avimark data backed up to a cloud service. When they went recover Avimark from the cloud backups they noticed that they only had data as late as February 2020.
The integrity of the backups were never tested. And even though they had backups they still lost almost a years worth of data.
”Hackers are breaking the systems for profit. Before, it was about intellectual curiosity and pursuit of knowledge and thrill, and now hacking is big business.
Kevin Mitnick – Cyber Security Expert