Mainframe computer security and our Hacker Hotshot event

Henry Dalziel | Hacker Hotshots, Latest InfoSec News | May 11, 2013

We had an excellent Hacker Hotshot show with Phil Young on May 7th, titled “Mainframed: The Secrets Inside that Black Box.”

Phil gave us a really interesting insight into the vulnerabilities that exist within mainframe computers. Of particular interest, and something that escapes most of us, is that the world depends on mainframes as part of our critical IT infrastructure. We use mainframes in everyday life. However, like everything else that can compute, a mainframe is open to security issues, zero-days and vulnerabilities.

Mainframe computers, often referred to as ‘big irons’, are computers used to execute large repetitive tasks or, for example, to filter and analyze vast amounts of data. What separates the ‘men from the boys’ in mainframe computing is the ability to run for long periods of time – that’s the industry benchmark. High stability and reliability are therefore vital since, owing to the nature of their purpose, any downtime could be very costly and potentially disastrous. With that in mind, software upgrades can be particularly problematic, since the machines must communicate with each other and work like a tag team, supporting each other during an upgrade to avoid the dreaded downtime. Popular mainframe computers that offer this level of capability include IBM’s z/OS and Parallel Sysplex, or Unisys’ XPCL.

What about mainframe security?
It seems that mainframe computers are more secure than traditional commercial desktop operating systems, which likely won’t come as any shock to you. Case in point: the National Institute of Standards and Technology (NIST) vulnerability database rates classic mainframes such as the IBM zSeries and Unisys models as being highly secure. However! We asked Phil how a mainframe computer could be hacked:

“Every system can have “zero day” vulnerabilities and with that in mind, do you think it is possible to hack an IBM Z System?”

Phil replied with a resounding yes! Quote: “If you have been following me on Twitter and the Logica Breach (i.e. the hacking of the IBM mainframe of Logica, a Swedish IT firm that provides tax services to the Swedish government, and the IBM mainframe of the Swedish Nordea bank. One of the Pirate Bay founders is also implicated in this hack) which happened only a few months ago, the investigation is still on-going, there are zero-days, it’s just that no one has really taken a look at these systems.”

So, interestingly enough we even have a direct and recent example of a mainframe computer hack – allegedly executed by some of the Pirate Bay folk.

Other questions covered the differences between SCADA systems and mainframe computers, the lack of professional expertise, and DoS attacks – all of that is available here.

We’d love to hear your thoughts – do you work, or have you worked, with mainframe computers? Are they secure in your opinion, and what could be done to improve their security?

  • Anonymous

    MMIS (Medicaid Management Information System) runs a telnet server over SSL. That’s not very secure in my opinion….