Which of the following attacks entails interfaces to a system and adversely affects the integrity property of the well-known CIA triad the most? (Wentz QOTD)
A. Salami attack
B. Pharming attack
C. SYN flood attack
D. Data diddling attack
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. Data diddling attack.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
Data Diddling Attack
Data diddling involves changing data before or after it is entered into the system; it typically requires some form of interface, e.g., the user interface, an application programming interface (API), or a physical interface. For example, a payroll clerk might change employee timesheet information before entering it into the payroll system.
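An added example (not from the original post or the book): one way to detect the timesheet change described above is to seal each record with an HMAC when it is approved and verify the tag at the payroll interface. The key, field names and sample records are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

# Assumption: this key is held by the approval step and the payroll ingest
# service, not by the clerk who enters the data. Constructed demo value.
APPROVAL_KEY = b"demo-key-constructed-for-this-example"


def canonical(record: dict) -> bytes:
    """Serialize deterministically so field order cannot change the tag."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def seal(record: dict, key: bytes = APPROVAL_KEY) -> str:
    """Integrity tag computed at the moment the timesheet is approved."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()


def verify_batch(entries, key: bytes = APPROVAL_KEY):
    """Split (record, tag) pairs arriving at payroll into accepted/rejected."""
    accepted, rejected = [], []
    for record, tag in entries:
        # Constant-time comparison of the recomputed tag with the supplied one.
        ok = hmac.compare_digest(seal(record, key), tag)
        (accepted if ok else rejected).append(record)
    return accepted, rejected


def demo():
    # Constructed sample timesheets, sealed at approval time.
    approved = [
        {"employee_id": "E100", "week": "2024-W05", "hours": 40},
        {"employee_id": "E101", "week": "2024-W05", "hours": 38},
    ]
    sealed = [(dict(r), seal(r)) for r in approved]
    # Data diddling: hours changed between approval and entry, tag now stale.
    sealed[1][0]["hours"] = 58
    return verify_batch(sealed)


if __name__ == "__main__":
    ok, bad = demo()
    print("accepted:", ok)
    print("rejected:", bad)
```

The check only helps if the person entering the data cannot reach the sealing key; otherwise the altered record can simply be resealed.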
Salami Attack
The International Journal of Engineering & Advanced Technology found that salami, phishing, ransomware and cryptojacking attacks were among the four most common for financial gain. Salami attacks consist of a sequence of small, fraudulent transactions that can easily bypass detection but, combined, can result in considerable losses. These are some of the best practices to protect the platform from attacks:
- Use the Application Programming Interface (API) to suspend or deactivate suspicious accounts or unusual activity when detected.
- Stay informed of the use of disposable email domains that showcase signs of attacker activity, precisely when associated with an alarming number of user signups.
- Audit for oddities in the rate or number of account signups or funding source additions, exclusively for those sharing similar characteristics such as bank account, email or name.
- Forbid micro-deposit validation as the typical first step and use Instant Account/Bank Verification (IAV/IAB).
- Scan for multiple accountancy that shares the same funding source by using bank account fingerprinting.
- Incorporate guidelines that require validation of email addresses upon an end-user signup and multi-factor authentication for end-user login. Having these verifications in place makes automation of account abuse undoubtedly harder.
- Administer limits to the number of bank accounts an end user can attach. This will also make it significantly more difficult for a fraudster to carry out an attack.
Source: Jenn Redlich
SYN Flood Attack
SYN flood attacks, which hinder availability, are a type of attack where an attacker sends many TCP SYN packets to initiate a TCP connection but never sends back SYN-ACK packets.
Pharming Attack
“Pharming is a cyberattack intended to redirect a website’s traffic to another, fake site by installing a malicious program on the computer.” (Wikipedia)
The following is an excerpt from Kaspersky:
Pharming, a portmanteau of the words “phishing” and “farming”, is an online scam similar to phishing, where a website’s traffic is manipulated, and confidential information is stolen. In essence, it is the criminal act of producing a fake website and then redirecting users to it.
Pharming is a type of social engineering cyberattack in which criminals redirect internet users trying to reach a specific website to a different, fake site. These “spoofed” sites aim to capture a victim’s personally identifiable information (PII) and log-in credentials, such as passwords, social security numbers, account numbers, and so on, or else they attempt to install pharming malware on their computer. Pharmers often target websites in the financial sector, including banks, online payment platforms, or e-commerce sites, usually with identity theft as their ultimate objective.
- What Is Pharming and How to Protect Yourself
- Salami attacks: Small deposits resulting in significant losses
- Types of Network Attacks against Confidentiality, Integrity and Availability
Which of the following attacks involves interfaces to a system and has the greatest adverse effect on the integrity property of the well-known CIA triad? (Wentz QOTD)
B. Pharming attack
D. Data diddling attack