Open Threat Database

All threats

ETL Pipeline Manipulation

high

etl-pipeline-manipulation

Attacker modifies data transformation logic or job definitions to corrupt data, exfiltrate information, or inject malicious content

TamperingInformation DisclosureElevation of Privilege

MITRE ATT&CK techniques

IDNameTactic
T1565 Data Manipulation Impact
T1078 Valid Accounts Persistence

Common Weakness Enumeration

Mitigating controls

ctrl-etl-1
Implement strict access controls on pipeline definitions
ctrl-etl-2
Use version control and code review for transformation logic
ctrl-etl-3
Monitor pipeline modifications and execution patterns
ctrl-etl-4
Implement data validation at pipeline stages
ctrl-etl-5
Use separate credentials for pipeline execution with least privilege

References