An integrity attack (also called a data integrity threat is an attack that attempts to corrupt data. It is typically an intentional attack most commonly done by malware that deletes or modifies the content of a mobile device's address book or calendar. It also includes attackers encrypting sensitive or important corporation information and demanding a ransom for the data to be restored. '
Integrity attacks attempt to undermine trust in the data or the system itself. In an integrity attack on data, a file is accessed without authorization and altered to reflect some information other than what authorized users intend. An example of an integrity attack is someone accessing a system without authorization to change information in a file.
Additionally, an entire system may have its integrity compromised by having unauthorized commands executed on that system. An example might be malware that tells a computer to perform an operation without the authorized user's knowledge, while giving the authorized user feedback that the computer is operating as normal.
These types of attack are illegal under the Computer Fraud and Abuse Act.
- "Overview" section: Cybersecurity: Selected Issues for the 115th Congress, at 3.