Data drives the modern enterprise. From making product and service recommendations based on past consumer choices to determining market opportunities and business risks to testing how a product or service will perform, data is embedded into almost every enterprise decision, interaction and process.
It’s nearly impossible to assure integrity and quality of data in real time, however. In fact, most organisations believe a third of their data is inaccurate in some way. This dirty data disrupts businesses and makes data a dangerous weapon for attackers to target and exploit.
3 dirty data cyber security concerns
The Information Security Forum (ISF) predicted dirty data will be the catalyst for the following emerging cybersecurity concerns by 2024.
1. Attackers will get good at poisoning data
In a bid to improve their success rates and evade law enforcement, attackers continue to experiment with new techniques and launch stealthier, more targeted attacks. Threat actors actively look for disinformation so they can damage the reputation of an entity, mislead consumers or influence the outcome of an event. ISF predicted threat actors will shift their attention toward illicit data manipulation to compromise the accuracy and credibility of information, thus puncturing the integrity of the data organizations use to drive their businesses forward.
2. Misleading signals will subvert cyber fusion centres
Cyber fusion centers are intradepartmental collaborative efforts designed to shoulder the responsibility of cybersecurity by facilitating communication between different teams. Fusion centers integrate automation tools and curate data from various sources to find insights that guide decision-making. ISF predicted attackers will exploit the influence cyber fusion centers have over business operations. Attackers will use misinformation and data distortion to cause security teams to chase and react to false events and intelligence data, inadvertently disrupting the businesses they are trying to protect.
3. Digital twins will double the attack surface
A digital twin is a digital replica of a physical thing, such as a wind turbine or a jet engine, that uses simulation and machine learning to collect data points based on real-world behaviors. Manufacturers are accelerating the adoption of digital twins to optimize product development, enhance tracking capabilities and predict business outcomes.
Since digital twins employ real-world data, anyone with access to the twin can see critical information about its physical counterpart. Attackers can use vulnerabilities in digital twins and other techniques, such as data subversion, to prolong manufacturing and supply chain downtime. Attackers’ efforts can be further assisted by poor defenses, internal network issues and inherent weaknesses in industrial control systems (ICSes), operational technology (OT) and IoT systems hardware.