Threat actors may insert, delete, or manipulate data in order to influence external outcomes or hide activity, thus threatening the integrity of the data. By manipulating data, Threat actors may attempt to affect a business process, organizational understanding, or decision making.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.