These are the seven deadly sins of data tampering
Data Privacy Day is once again upon us, reminding individuals and organizations alike about the importance of protecting and securing data to avoid fraud. Last year, privacy was writ large: from the public outcry over big data collection/sharing by online giants, to the doubling of cyber fraud at banks, to global privacy legislation taking effect, including GDPR and the California Consumer Privacy Act (CCPA).
The authenticity of data is one of the most important factors when it comes to cyber protection. By 2020, 50 percent of organizations will have suffered damage caused by fraudulent data and software.
Data tampering and manipulation is an insidious threat that not only affects data privacy but, if left undetected, could have imputable consequences to brand reputation, national security or public health. Today's companies must safeguard the chain of custody for every digital asset in order to detect and deter data tampering.
- What is Data Privacy Day? Everything you need to know about this one-day event.
Threats borne out of the weaponization of data through tampering or manipulation spans all industries. For the sake of brevity, here are seven “deadly” scenarios of data tampering:
- Counterfeit parts: Trust, security and verification are crucial in the aerospace industry, where a counterfeit part or maintenance issue can cause a life or death situation. Beyond that, an estimated 15 percent of components in U.S. armed forces machinery are counterfeit.
- Food/drug traceability: Consider that more than one million people die annually from counterfeit drugs that enter the pharmaceutical supply chain. Food and drug manufacturers/pharma companies must be able to trace the supply chain for those items and have the ability to create a tamper-proof chain of custody that has the potential to save millions of lives.
- Software distribution: Software providers are continually challenged to integrate applications and code from partners and other third parties when developing technology. Bad actors often change source code in an attempt to take down a vendor’s network. They need the ability to verify that the software they’re using is authentic.
- Regulatory and compliance requirements: Companies within the automotive and utilities industries, in particular, must be able to verify that they comply with steep requirements and regulations. For example, utilities must be able to validate data from green energy-producing assets, such as wind and solar farms, for insurance, bond issuance, credits, and green certification purposes. And those within the automotive industry must be able to digitally seal sensor data, vehicle operation data and data collected from real-time maintenance, manual and self-driving operations and accidents for audit and litigation situations.
- Contracts, tax documents, legal documents: Financial information like bank statements,company accounts, and tax documents are some of the most sensitive files an enterprise owns. Every precaution should be taken to ensure they aren’t manipulated.
- Video and media assets: The emerging era of AI and deep learning technologies has made the creation of deepfakes easier and more realistic to the extent where a newly perceived reality is created. Admiral Michael S. Rogers of the U.S. Navy and Director of the NSA has said that data tampering could become the greatest cybersecurity threat organizations face — from a simple act of revenge by a disgruntled employee, to corporate espionage, or even a nation-state attack. As a result, the potential to undermine trust and spread misinformation increases like never before.
- Voter registration information and election security: Election systems are at risk of being inappropriately accessed or meddled with because of human error or bad security protocols. For example, voter registration databases can be breached and altered, and electronic vote tabulation can be exposed to data tampering.
Security is no longer just about protecting digital assets, it’s about ensuring that companies and organizations know whether their data has been tampered with and altered. As we celebrate the quest for data privacy, let us always strive to be able to verify the purity of our data.
- Dirk Kanngiesser is co-founder and CEO of Cryptowerk
- VPN services will protect your privacy. Check some of the best VPN out there.