Manipulation of Key Performance Indicators (KIPs) is one of the most effective strategies for inflicting threatening damage to a company or enterprise. Typically, mitigation strategies focus on either encrypting and/or signing information in order to defend its integrity against attackers on a file level or during data transfer. Unfortunately, most modern Business Intelligence (BI) solutions rely on data provisioning from databases, which are often seen as monolithic and secure black boxes. In reality, databases are highly complex systems that allow all sorts of optimizations for data provisioning, including possibilities for data enrichment and manipulation. Typically, they also feature multiple users with different access privileges, resulting in an environment, where attackers with a certain level of knowledge can easily manipulate data in a way that even circumvents log-based countermeasures or data-level sanity-checks.
Through our extensive scientific work in the area of database forensics, we can provide additional services in the detection of, even temporary, attacks against the integrity of vital business data stored in MySQL databases. Furthermore, we can provide architectural solutions to ensure the uncovering of manipulations, even if the attacker is in the possession of administrator privileges.