LINEARSTACK
March 23, 2023

Preventing Data Diddling and Salami Attacks

Data diddling is one of the most difficult attacks to detect.

Data diddling is the alteration of data prior to the computer systems processing the request, then after the execution of the application, the hacker changes the data information bank. Adding one cent to people’s accounts would be a good example of this type of hacking. 

Salami attack

This fraudulent activity targets financial systems specifically. A bank employee inserts a program into the financial systems, which deducts a small amount of money from every customer's account no account holder will notice this unauthorised debit, but the bank employee will make monthly money.

A hacker "slices" away small sums of money from multiple accounts. 

Real-world cases of data diddling 

  • Michael Largent, a 21-year-old from California, wrote a program that allowed him to take advantage of the practice of challenge deposits, which companies like Google and others use to validate a client's bank account.
  • Verizon also cited that 85% of breaches in 2020 involved the human element, as phishing was present in 36% of breaches, up from 25% in 2019. Though not citing a specific number, Verizon noted business email     compromises doubled in 2020 and were part of an increase in social engineering threats.

NDMC Billing Case

The NDMC Electric Billing Fraud Case that occurred in 1996 illustrates how computers can be manipulated to defraud people. In this case, the computer network was used for receiving and recording electric bill payments by the NDMC, New Delhi. Automated collection of monies, accountancy, records maintenance, and cash transfer into the bank was solely left to a private company with a computer expert working for them. They misused the system to manipulate data so that they could claim fewer payments and less cash being transferred into the bank.

Vladimir Levin and Citibank 

The Citibank hack was the first significant cybercrime involving banks. In 1994, Russian computer programmer Vladimir Levin tricked Citibank's computers into transferring money to his account. He then used the money to buy goods and services in various locations around the world. Levin pleaded guilty in January 1998, admitting that he had hacked into Citibank's systems and obtained the customer information. 

Although Levin did not steal any money directly, he did gain control of funds belonging to others. Citibank denied that anyone within the bank helped Levin carry out the crime. However, no one has ever claimed responsibility for Levin's actions.

According to published reports (Citigroup), Citibank's internal systems detected suspicious activity involving two wire transfer requests totaling $26,800 and $304,000. When bank personnel contacted the Federal Bureau of Investigation, they could trace the source of the funds to an account belonging to Michael R. Levin, a resident of New York City. Telephone records showed that Levin had used his home telephone number to make the fraudulent requests. In addition, investigators determined that Levin had transferred money out of the United States through Western Union offices in Moscow, Russia.

How to prevent data diddling attacks?

Financial institutions, along with the customers, have several counter-measure options available to help stop diddling data attacks:

  • Users should regularly check their monthly transaction history and statement for suspicious activity. They can scan through these activities to detect unusual charges on their credit card. They should immediately report     anything odd to their financial institution if they notice anything abnormal.
  • To ensure that all applications don't contain unwanted or malicious codes, we must follow the OWASP (Open Web Applications Security Project) guidelines.
  • If you receive an email attachment or message asking for your banking information or asking you to click on a link to change your password, mark the email as a phishing message and delete it. Phishing attacks, including whale phishing, spear phishing, email, and barrel phishing, continue to impact global organisations. Security teams continue to spend human capital and organisational financial resources to help prevent data diddling and other     forms of data theft. 

Leveraging a managed security provider to help combat data diddling 

Managed security service providers offer services to help organisations with phishing attacks through the email channel. Data diddling attacks start with account takeover breaches from an email phishing campaign. MSSPs offer managed email security solutions, 24 x 7 incident response, and a Security center as-a-service to help give organisations resources and peace of mind when dealing with growing data diddling, ransomware, and email phishing attacks while maintaining compliance mandates. 

MSSP's also provided security awareness services tohelp educate the end-user community on the various phishing attacks and how to identify hackers attempting data diddling attacks and data exfiltration. 

Benefits of Managed Security Services Provider- LinearStack

LinearStack brings operational efficiencies with its security experts to help protect your data, respond to a cyber security incident, and protect your intellectual property. You are gaining peace of mind, lowering operational and infrastructure costs while maintaining a higher level of security and critical business drivers for hiring a managed security service provider.

Internal IT, SecOps, and DevOps focus on net-new tasks and projects and less on operational upkeep. Managed services provide the skills, services, and reliability. LinearStack can handle monitoring, security incident response, and system patch. The cost of an MSSP to handle these operational tasks will be less expensive.

Cyber essentials package for cybersecurity governance

Who is this for?

This package is designed for small and medium enterprises to help with cybersecurity governance to provide their security adaptive controls, incidents, and processes are functioning correctly. Cybersecurity carriers will audit clients before renewal to validate that all security controls and other requirements are working. Leveraging an MSSP like LinearStack will meet these requirements.

Our package covers all stages of cyber defence, from gap assessment, remediation, and road mapping to 24 x 7 threat detection and response. This service helps support vulnerability management, protection of e-commerce environments, and continuous compliance mandates and regulatory requirements.

Managed service services for the financial industry

Our Technology and Architecture Implementation services are designed for organisations that need security frameworks tailored to their existing IT infrastructure and organisational goals to help secure the next-generation retail customer experience.

Industry expertise

We live and breathe cyber security, which means we use the best software, know how to set it up for the best results, and learn how to run a robust program. You get access to the latest industry innovations and intelligence and a team of experts, so your team can sleep at night.

Specialist teams ready to respond

Seconds matter with security breaches, malware infection, and ransomware attacks. Our dedicated threat response teams are ready and alert, quickly identifying threats, searching through log data, making decisions, collaborating, and remediate incidents.

Culture

Founded in 2013 with a strong focus on world-class cyber security services, LinearStack was built from the ground up in Auckland, New Zealand. Our passion for making information security simple and accessible for all organisations is the fuel that fires our engine.

We’re a growing team of certified Cyber Defence Analysts, Threat Hunters, Incident Responders, CTI specialists, Malware analysts, security architectures, and engineers with two geo-redundant operations centers across the globe.

We’re 100% privately held, grown with a family mindset. When working with clients, we’re well integrated within their teams and act as an extension of their operations. Augmenting existing teams is a transition we manage smoothly, empowering our customers to prioritize cybersecurity strategy while we protect their business from cyber threats 24x7.

We believe maintaining thriving IT systems and assuring data protection are fundamental needs that all businesses deserve.

Contact Us

Want to know more about what we have to offer?  We'd love to hear from you

Get in touch with us today:

Phone: 0800 008 795

Email: info@linearstack.co.nz

Website: https://linearstack.co.nz   

Blogs

Start Reading

Our latest blogs and news are here for you

When to Leverage the Negative vs Positive Security Model

Ransomware is a threat all organisations face however, it is preventable. Read what you can do to prevent
Read More

What are Quantitative and Qualitative Risk Assessments?

Understanding cybersecurity challenges in 2023 with Quantitative and Qualitative risk assessments.
Read More

What is the ACID Compliance Framework?

Elements of the ACID framework, risks, and help.
Read More
Are you experiencing a security issue? Call us now.