salami slicing attack

1 Comment / Business, Cryptography, cryptojacking, Cyber Attack, Cyber Security, Defense Military, Design / By

A salami attack is when you take a very small amount of money from an awful lot of accounts. The canonical example is a bank programmer depositing sub-cent amounts of interest in a special account. These rounding errors add up.I’m trying to find the first actual documented theft or attempted theft using this attack.I’m hoping that a reader will know, when the first reports of salami attacks came out.This cyber attack, in theory, takes a small amount of data from a transaction. Imagine a big chunk of salami and a meat slicer. Every push of the meat slicer takes a small piece away.

In the salami technique, cyber criminals steal money or resources a bit at a time. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed. E.g. a bank employee inserts a program, into the bank’s servers, that deducts a small amount of money (say Rs. 5 a month) from the account of every customer. No account holder will probably notice this unauthorized debit, but the  cyber criminal will make a sizable amount of money every month.
The classic story about a salami attack is the old ” collect-the-round off ” trick. In this scam, a programmer modifies arithmetic routines, such as interest computations. Typically, the calculations are carried out to several decimal places beyond the customary two or three kept for financial records. For example, when currency is in dollars, the round off goes up to the nearest penny about half the time and down the rest of the time. If a programmer arranges to collect these fractions of pennies in a separate account, a sizable fund can grow with no warning to the financial institution.

EXAMPLE 1:

An employee of a bank in USA was dismissed from his job. Disgruntled at having been supposedly mistreated by his employers the man first introduced a logic bomb into the bank’s systems.
Logic bombs are programmers, which are activated on the occurrence of a particular predefined event. The logic bomb was programmed to take ten cents from all the accounts in the bank and put them into the account of the person whose name was alphabetically the last in the bank’s rosters. Then he went and opened an account in the name of Ziegler. The amount being withdrawn from each of the accounts in the bank was so insignificant that neither any of the account holders nor the bank officials noticed the fault.

It was brought to their notice when a person by the name of Zygler opened his account in that bank. He was surprised to find a sizable amount of money being transferred into his account every Saturday.The salami theft is considered as a technique which is regarded as one of an automatic form of the crime.This covers a part of a financial crime involving secret execution of an unauthorized program that causes the unnoticed debiting of a small amount of assets or money from a large number of sources or accounts .It gained the Popularity from the fact that the small slices of profits are to be taken without noticeably reducing the whole amount.The Person, who was really responsible for slicing, then sneaks away with all the stolen pieces. From another angle, the person deceptively acquires the whole slices, formed by aggregating those tiny slices of the source ; Of course, it is to be  considered the potential danger of the salami attacks, we must consider an example of salami slicing, well known as penny shaving or penny slicing that is as mentioned.

EXAMPLE 2:

If we consider a banking system, the DD (Demand Deposit)  system of programs for checking accounts could be changed or can be modified  (using the unauthorized  method or the illegal methods ) to randomly reduce each of a few  thousand  accounts by 1 rupee or 2 rupees by transferring the money to  the  persons favored account, where it can be withdrawn through authorized methods.i.e is to make the black money white.No controls and checking mechanism  are violated because the money is not removed from the system of accounts. Instead, very small amounts of funds are merely rearranged, which the affected persons rarely notice. Many such variations are possible.

Prevention Tips :

  • Contrast programs and files that may contain checksums with backup versions to determine the veracity loss.
  • Write-protect the diskettes, more than ever when testing an untrusted computer program.
  •  Prevent booting a hard disk drive system from a diskette.
  •  While transferring files from one computer to the  another, use diskettes that does not have an executable files that strength  to be infected.

EXAMPLE:

A company that protects personal account information of a customer has to be on the lookout for individuals who wish to put them in a compromising situation when it comes to another’s funds. Raj B Lonsane states that it is important to know how to tackle this from an angle that is highly sophisticated.

a) Banks have to update their security so that the attacker doesn’t familiarize himself/herself with the way the framework is designed. before finally hacking into it states Raj B Lonsane.

b) Raj B Lonsane adds that banks should advise customers on reporting any kind of money deduction that they aren’t aware that they were a part of. Whether a small or big amount, banks should encourage customers to come forward and openly tell them that this could mean that an act of fraud could very well be the scenario.

c) Most important according to Raj B Lonsane is that customers should ideally not store information online when it comes to bank details. But of course they can’t help the fact that banks rely on network that has all customers hooked onto a common platform of transactions that require a database. The safe thing yo do is to make sure the bank/website is highly trusted and hasn’t been a part of a slanderous past that involved fraud in anyway.

How to identify the salami attack

The only way to detect salami attack according to me is to perform rigorous box testing by checking each and every line of code which is exhaustive but that’s the only way.

Detection of Salami Attacks

There is no software application or algorithm for detection of salami slicing. Identifying this type of publication misconduct is complex because salami publications do not often include text plagiarism so that manuscripts can easily evade strict software checking. Only under the rare circumstances of encountering both the original and the salami manuscript can some editors or reviewers suspect salami publication. Even though there are no objective ways to detect this sort of redundant publication, manuscripts suspected of being salami publications often report on identical or similar sample size, hypothesis, research methodology and results, and very often have the same authors.

There are several technical methods that are available :

  1. A very specialized detection checksum can be built into the suspect program to determine the salami attacks.
  2. A snapshot storage space dump listing could be obtained at times in alleged program.
  3. The identifiable amounts are being taken, which can be traced.
  4. Iterative binary search for matching halves of all accounts is another costly way to segregate an felonious account.

Salami slicing is not so popular, but still it happens in few places. In movies also salami slicing has taken its role, For example movies like SUPERMAN III, HACKERS and OFFICE SPACE, where the special characters are being the role model and inspiration for the younger generations, but even in movies they teach en number of illegal activities which is really not required for real life. actually salami slicing was introduced by orthodox communist leader MATYAS RAKOSI in the year 1940, to describe the action of the Hungarian Communist Party. Then, it was used by the nazi party to attain the full power of Germany in 1933.

 

1 thought on “salami slicing attack”

Leave a Comment

Your email address will not be published. Required fields are marked *

2 + seven =

Protect your system, protect the future of your business.

Let's Talk