back to article Are state-sponsored attackers poisoning the statistical well?

Manipulation of small amounts of data among huge data sets could be an unrecognised threat to scientific organisations, security man Craig Searle says. Searle is founder of Melbourne-based security consultancy Hivint and says altering a few data points inside important databases - say those held by meteorological organisations …

  1. Oengus

    Database Checksums

    Have a table of Checksums for each "row" of data. That should be able to detect any unauthorised changes. People just need to place the appropriate level of importance on the data. If financial decisions are going to be made on the data, data integrity is paramount.

    1. BebopWeBop

      Re: Database Checksums

      Well it would have to be more than a simple checksum, it needs some form of block linking. But yes, if the information is important, or could be, it needs to be able to be validated for new analyses.

    2. Anonymous Coward
      Anonymous Coward

      Re: Database Checksums

      If financial decisions are going to be made on the data, data integrity is paramount.

      In some other universe, yes. But look at how all of Europe is beggaring itself with unaffordable energy policies on the basis of climate "science" based on ropey data (and often intentionally and selectively changed by the high priests of climate change) and even more ropey modelling and projections.

      On this basis, the UK is currently on course to build the single most expensive construction on earth, ever (Hinkley Point, for those who've been asleep for a hundred years). The threat of remotely tampered data would appear to be quite modest compared to what the loons have managed simply be changing it by hand.

    3. NotBob

      Re: Database Checksums

      Presumably, if you have the ability to change the data, you are either doing it before the checksum would be generated (such as by tampering with sensors or samples) or have access to change the checksum, too.

    4. Hargrove

      Re: Database Checksums

      A checksum would indicate that an unauthorized change had occurred. Further comparative analysis would be needed, I believe, to pin down what data had been changed. Other measures and procedures would be needed to do effective forensic analysis to determine "when" and "who."

      Hacking of personal information for financial gain gets the lion's share of the press. Nation states are apt to be more interested in hacks on other types of data (for example data tables used in national telecom and electrical power systems or ATC).

      The choice of weather data as a potential target was interesting for a number of reasons. Maybe for another post if that develops as thread of discussion.

  2. Robin Bradshaw

    This somewhat presupposes Governments make decisions based on scientific data.

    I haven't seen any evidence this is the case in the UK.

    1. Fehu
      Pint

      ...Or anywhere else for that matter.

      Maybe we should do a study to see if there is any relation to the quality of the data provided and the decision gov't types ultimately make. It probably would be inverse, if at all.

    2. Terry 6 Silver badge

      Since the whole basis of the Austerity Programme was an error in a giant spreadsheet, but is still with us, who needs foreign hackers to change the data?

      http://www.theguardian.com/politics/2013/apr/18/uncovered-error-george-osborne-austerity

  3. Nixinkome

    Try drinking this!

    Accepted. It can be done and would require minimal alteration to skew results once if not repeatedly. Furthermore, such may be hard to detect.

    But why? Blame it on the Norks? Actually, other individuals/nations have interests in the seas and airs etc. Take Japanese 'scientific' whaling and Thai seafood harvesting slaves, the warming debate, geology which seems to have no end of claimers and counter claimers and air pollution caused by even Man's attempts to escape from this world.

    Big data is fine if collected with consent and properly analysed for the common good but distorted...?

  4. Anonymous Coward
    Anonymous Coward

    So THAT is why the summers aren't as good as when I was a boy!

    All down to hackers, making changes to the summer generator parameters. I think I shall write to my MP asking for such badness to be prohibited - maybe new legislation "Down With Things Like That! (2016)"

    1. Pascal Monett Silver badge
      Trollface

      Right, because new legislation has always been so efficient at stopping bad things from happening on the Internet.

      1. Anonymous Coward
        Anonymous Coward

        Well, I had a study that proved just that! Then I started reading this article.

    2. Hargrove

      Re: So THAT is why the summers aren't as good as when I was a boy!

      maybe new legislation "Down With Things Like That! (2016)"

      Your suggestion may be tad late. Faced with amorphous and diffuse global terrorist and cybersecurity threats, legislative bodies in the US and EU are opting increasingly for legislation that empowers those who govern to interpret the law case-by base on a "We know bad when we see it" basis.

      Always implied, and often stated is the tag line, "You can trust your government."

      That has never worked out well for those who buy into it.

      We live in interesting times, and advancing technology and geopolitical change may ultimately force societies to accept that governments need this kind of flexibility to protect their citizens. We can have a free society only if such powers are constrained by laws imposing the most draconian penalties for their abuse. Unfortunately, most of us live in countries whose codes of laws have been carefully crafted to protect those who govern from the consequences of their official actions,

      We have decades and miles to go.

  5. Doctor_Wibble
    Black Helicopters

    Anomalous point ignored or averaged out

    The problems come when visualising with coarse-grained data and calculating with fine-graned data - it might *look* just fine...

    Just like a well only appears on a map when someone marks it, it does not appear when you render the terrain (with coarser-grained data) but if you have something relying on the fine-grained data for guidance then its altitude monitor it going to hit a panic when it realises it's suddenly flying 50 feet too high and drops to compensate, trashing the barn in a cloud of chicken feathers and a burning tyre whizzing past the camera.

    Cunningly placed anomalous points can make the software think there's a problem and make it avoid it and either land a bit early or get spotted by radar (etc).

    Helicopter, because 'unexpected item in flying area'. And secret bases hidden between the even-numbered coordinates.

  6. Version 1.0 Silver badge

    The sky is falling!

    We're assuming that the database is accurate to begin with - it's probably not. Sure, some bad actor could modify it but equally data corruption, typos, programming errors are factors too.

    Sounds like Security click-bait to me.

    1. allthecoolshortnamesweretaken

      Re: The sky is falling!

      So, how are the chances that a Bad Actor's tampering with the data actually corrects it?

      Anyway, that's not how proper decisions are made. First, you decide what you want to do. Then you find the right data to support your decision.

      1. Terry 6 Silver badge

        Re: The sky is falling!

        And if you can't scrape up some evidence, you do it anyway.

  7. Denarius
    Unhappy

    possible economic warfare

    Might be feasible to encourage special interest groups prone to confirmation bias to lobby harder for something that benefits a clandestine hostile actor. Say, a newly industrialised country encouraging the shutdown of CO2 emitting industries in developed world so the work comes to hidden influencer ? A variation on Vince Packhards book. Not suggesting this happens. After all, all pressure groups are too clever to know when they are being used as useful idiots, aren't they?

    Have to agree with above commentards about evidence not convincing governments so no point using data skewing to change policies.

  8. The Nazz

    Prior Art?

    Didn't the UoEA prove this very point?

    Maybe they patented their process.

    Maybe not.

  9. chivo243 Silver badge

    As mom would say

    ...garbage in garbage out...

    1. ecofeco Silver badge

      Re: As mom would say

      My mom would say did I take the garbage out and if not, why not and do it now!

  10. Frank Bitterlich
    Boffin

    This can have grave consequences...

    The consequences of this could be immense.

    Like, for example, the PR dept having to change their boilerplate "We were breached, but haven't seen any evidence of ID theft, here, have some free 'credit protection' service anyway..." pre-cooked response to any kind of security incident.

    Or, "Sir, looks like we need one of these 'firewall' things. Yes, I know, it's just weather data, but the internet said we're being targeted too. Yes, I know two hundred bucks is a lot of money... maybe we can get the gov't to spen 0.0001% more on the data we sell to them..."

  11. Anonymous Coward
    Anonymous Coward

    You don't need hackers to do anything ..

    .. if it involves politicians or marketing people.

    Both of these make up their own statistics anyway, changing the facts on the ground won't make a difference to their predetermined outcome.

    On the serious side, though, I don't know if governments around the world realise that their politicians could be slowly poisoned by the caterers they have. They should take immediate action!

    (Just as plausible. Stop the chicken little routine and give me facts).

  12. Roo
    Windows

    Backups...

    This why folks have immutable backups and validate them against a presumed/known good dataset every so often (and the backups are fingerprinted and/or checksummed).

    The dude is right to point this particular issue because frequently folks justify lax security with an assumption that their data isn't important or sexy to crackers.

    There were some posts made to comp.arch some time ago stating that software really should be doing it's own data integrity checks as it processes data (ie: don't rely on the storage/network/internal databuses getting it right), they made some good arguments and it could be done fairly transparently to coders - yet allow folks who care to implement application specific checks (for example you could tune the integrity checks for low-latency or power conscious apps). I think this model may eventually become necessary for cloud large scale distributed apps rather than a "nice-to-have" - simply because you have so little control or visibility of the underlying hardware, so when things go wrong it's ranges from hard to impossible to nail the root cause. I been seeing this happen every week for about 20 years, so app devs will be forced to bite the bullet sooner rather than later.

    The the embedded & grey-beards have already used this approach in times gone by (some probably still do). I've seen some old bits of code with checksums embedded in "main memory" resident data-structures. At a particularly dire workplace I employed these techniques (and more) to work around a dev box with flakey memory and an IDE controller that randomly zeroed sectors. You are obviously limited in what you can "resolve" in software, but being able to detect data corruption in the first place can be a great help. :)

  13. davidp231

    Don't some .govs just make the figures up anyway?

  14. Anonymous Coward
    Anonymous Coward

    Damn cunning

    Damn these 'State Sponsored' bad actors are so smart, they sneak in and poison your stats with their subtle outliers. So subtle that you didn't exclude them, yet not so subtle as to screw with a statistical model.

    Weapons of mean destruction?

  15. Ilgaz

    There are companies who are more powerful than states

    Countries, governments are the usual suspects because of the massive money and computing power they have. It could be any other power, like a huge petrol company poisoning the climate data so couple of sold out scientists can "prove" or at least create suspicion that global warming isn't that bad for instance.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like