Salami attacks (also called salami slicing attacks) are cyber or fraud attacks where tiny, often unnoticed actions add up to a significant impact over time.
Common types of salami attacks include:
- Financial Rounding Attacks
  - Skimming tiny fractions of money (like rounding errors) from many transactions.
  - Classic example: taking $0.01 from millions of accounts.
- Data Salami Attacks (Information Leakage)
  - Stealing very small pieces of data at a time to avoid detection.
  - Over time, sensitive datasets are reconstructed.
- Resource Consumption Attacks
  - Gradually consuming system resources (CPU time, storage, bandwidth) in small increments.
  - Each action looks harmless, but the total impact is large.
- Privilege Escalation by Incremental Abuse
  - Slowly exploiting minor permissions or logic flaws to gain higher access levels.
  - Each step appears legitimate on its own.
- Code Manipulation Salami Attacks
  - Inserting small, hidden changes into code (e.g., a few extra lines) that redirect benefits to the attacker.
  - Often hard to notice during reviews.
- Time-Based Salami Attacks
  - Stealing small amounts of processing time or execution cycles repeatedly.
  - Common in shared computing environments.
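
Because each slice stays below any per-transaction alert, detection of the financial rounding case has to work on aggregates. The following is an added example, not part of the original page: it flags destination accounts that collect micro-credits from many distinct sources. The ledger layout, account names, and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal


def build_sample_ledger():
    """Constructed sample data: (source_account, destination_account, amount)."""
    # 500 accounts each lose one cent to the same destination.
    ledger = [(f"ACC{i:04d}", "SUSPENSE-77", Decimal("0.01")) for i in range(500)]
    # Ordinary traffic, including a couple of legitimate tiny payments.
    ledger += [
        ("ACC0001", "MERCHANT-A", Decimal("42.10")),
        ("ACC0002", "MERCHANT-A", Decimal("0.01")),
        ("ACC0003", "MERCHANT-B", Decimal("19.99")),
        ("ACC0004", "UTILITY-1", Decimal("0.02")),
    ]
    return ledger


def find_salami_sinks(ledger, micro_limit=Decimal("0.05"),
                      min_sources=100, min_total=Decimal("1.00")):
    """Return destinations that accumulate micro-credits from many sources.

    A single transfer at or below micro_limit is unremarkable; the signal is
    the per-destination aggregate: many distinct payers, meaningful total.
    """
    totals = defaultdict(Decimal)   # destination -> sum of micro-credits
    sources = defaultdict(set)      # destination -> distinct paying accounts
    for src, dst, amount in ledger:
        if Decimal("0") < amount <= micro_limit:
            totals[dst] += amount
            sources[dst].add(src)

    findings = [
        {"destination": dst,
         "distinct_sources": len(sources[dst]),
         "micro_total": total}
        for dst, total in totals.items()
        if len(sources[dst]) >= min_sources and total >= min_total
    ]
    return sorted(findings, key=lambda f: f["micro_total"], reverse=True)


if __name__ == "__main__":
    for finding in find_salami_sinks(build_sample_ledger()):
        print(finding)
```

Amounts use `Decimal` rather than floats so that the detector itself does not introduce rounding error into the totals it is auditing.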