From the course: Threat Modeling: Tampering in Depth

Controls and authentication

- [Narrator] When an attacker breaks into a cloud service, they'll often tamper with the controls. With a personal account, maybe they'll tamper with the password, but either way they'll add their email or phone number to backup authentication options. They'll write email rules that cause your email to forward to them. That way you don't see they're telling people you're trapped in a hotel in London and the manager has your passport. Google will put a red warning at the top of your email when new forwarding rules are added. It can't be dismissed for a week. Attackers will tamper with permissions or add new accounts with different types of authorization. Sometimes they'll change your files, for example, encrypting them for ransom. Logging can be an important part of detecting and responding to tampering. Logs should be append-only, and how much data they contain is a trade-off. Should the system record diffs per change or…
