Week 6 - STRIDE: Tampering
Alright, let me get back on track. This week, I'd like to continue to
the "T" mnemonic of STRIDE: Tampering. It is a little bit more difficult
to find information about data tampering comparing to Spoofing but let me share
what I know. Tampering can be either physical tampering, electronic
tampering, or digital tampering.
Physical Tampering
In the 1990s, 1980s, or even before that, there were a few car dealers and private owners sold their cars with lower mileage than what they had. Later, it was found that the odometer could be rolled back. Since then, the mechanism has been improved and it is more complex for mechanics to change. Other car-related tampering includes car door lock and starting tampering. In fact, I had done this on my own car once about over 15 years back. I left my key somewhere which I thought it was in the car. After a few minutes playing around with the door with what I can find in the parking lot, I managed to get the door open, just to find the key wasn’t inside. With much disappointment, I decided to short wired the car to get it run so I can get home. That wasn’t difficult for me because of my experience in car starter installation.
The most frequent types of tampering in homes and buildings are gates, doors, and windows. After all, those are the obstacles that the attackers must first pass. Some door lock tampering techniques are picking, bumping, and jamming. Some good lock picker can open door lock within minutes without leaving any trace. Lock bumping can even be faster, but it is noisy and can leave marks. So next time when you open your door, look for signs of damage near the opening. There are pick proof and bumping proof locks that you can buy. They are usually expensive. Lock jamming usually happens at workplace or hotels, where people can follow you without notice. The attacker would use thin material like a credit card to slide in between the latch bolt and the strike.
Electronic Tampering
If you ever watch war movies, you probably saw spies and soldiers intercept the enemy’s communication transmission and then modify the signal to scramble the information or even modify the contents. It is done by changing the frequency. Another example is the GPS jammer devices. This is used by the consumers to block GPS signal from transmitting which then prevent being tracked. That is a legitimate use of the signal jammer. Illegal usage can be intercepting, say, airplane signal and send a different signal that would mislead the control center. No! Don’t do that.
Another the type of electronic tampering that some satellite TV users may know about. That is modifying the free-to-air satellite cable box’s firmware to decode satellite TV provider’s signal. In this case, the act of modifying cable box may not be illegal but the act of watching subscribed TV free is illegal.
Digital Tampering
Digital tampering can happen in storage, during processing, and while in transmission. One of the most famous data tamperings in storage is the ransomware attack. Once infected with ransomware malware, the infected computer’s files are modified (usually encrypted) and became not readable until the attacker provides the code to undo the change. Another example is the second famous attack, SQL injection. The attacker could send some special string to the SQL server causing it to modify the existing data in the database. Modifying the data during processing is usually the work of the computer virus. The virus is capable of modifying data in memory. When an infected file is executed, the virus extracts its code block and attach to another file or block of memory. When talking about data tampering while in transmission, there is nothing more suitable than the man in the middle attack. The man in the middle attack usually refer to the attacker capturing message transmitting over the network and replace it with a different identity. However, it could be the identity of the sender or receiver, or the data itself.
Physical Tampering
In the 1990s, 1980s, or even before that, there were a few car dealers and private owners sold their cars with lower mileage than what they had. Later, it was found that the odometer could be rolled back. Since then, the mechanism has been improved and it is more complex for mechanics to change. Other car-related tampering includes car door lock and starting tampering. In fact, I had done this on my own car once about over 15 years back. I left my key somewhere which I thought it was in the car. After a few minutes playing around with the door with what I can find in the parking lot, I managed to get the door open, just to find the key wasn’t inside. With much disappointment, I decided to short wired the car to get it run so I can get home. That wasn’t difficult for me because of my experience in car starter installation.
The most frequent types of tampering in homes and buildings are gates, doors, and windows. After all, those are the obstacles that the attackers must first pass. Some door lock tampering techniques are picking, bumping, and jamming. Some good lock picker can open door lock within minutes without leaving any trace. Lock bumping can even be faster, but it is noisy and can leave marks. So next time when you open your door, look for signs of damage near the opening. There are pick proof and bumping proof locks that you can buy. They are usually expensive. Lock jamming usually happens at workplace or hotels, where people can follow you without notice. The attacker would use thin material like a credit card to slide in between the latch bolt and the strike.
Lock Pick (Bing)
Electronic Tampering
If you ever watch war movies, you probably saw spies and soldiers intercept the enemy’s communication transmission and then modify the signal to scramble the information or even modify the contents. It is done by changing the frequency. Another example is the GPS jammer devices. This is used by the consumers to block GPS signal from transmitting which then prevent being tracked. That is a legitimate use of the signal jammer. Illegal usage can be intercepting, say, airplane signal and send a different signal that would mislead the control center. No! Don’t do that.
Another the type of electronic tampering that some satellite TV users may know about. That is modifying the free-to-air satellite cable box’s firmware to decode satellite TV provider’s signal. In this case, the act of modifying cable box may not be illegal but the act of watching subscribed TV free is illegal.
GPS Jammer (www.thesignaljammer.com)
Digital tampering can happen in storage, during processing, and while in transmission. One of the most famous data tamperings in storage is the ransomware attack. Once infected with ransomware malware, the infected computer’s files are modified (usually encrypted) and became not readable until the attacker provides the code to undo the change. Another example is the second famous attack, SQL injection. The attacker could send some special string to the SQL server causing it to modify the existing data in the database. Modifying the data during processing is usually the work of the computer virus. The virus is capable of modifying data in memory. When an infected file is executed, the virus extracts its code block and attach to another file or block of memory. When talking about data tampering while in transmission, there is nothing more suitable than the man in the middle attack. The man in the middle attack usually refer to the attacker capturing message transmitting over the network and replace it with a different identity. However, it could be the identity of the sender or receiver, or the data itself.
Comments
Post a Comment