"I’m not personally aware of any instance where a mainframe has been hacked. However, I think the scarcity of such incidents is due more to a lack of technical expertise by would-be perpetrators than to the sound implementation of controls. [...] It used to be that only those relatively few users with TSO or ROSCOE could manipulate system files and execute routines that could harm the system, but with the introduction of OpenEdition MVS (now z/OS UNIX) and common TCP/IP-based network applications, many organizations, some unknowingly, have opened their systems to a much broader user base, including clients and business partners. This increased connectivity is unfortunately coupled with a lack of upkeep on RACF controls. Newer z/OS capabilities either aren’t being protected or fall under the scope of older, less stringent control settings. "
So said noted System z Security expert Bob Hansel to Stan H. King in the January edition of
z/Journal - The Resource for Users of IBM Mainframe Systems.
What about your system? RACF is impenetrable isn't it? Well, the article begins with the comforting revelation that in a trawl through news archives and trade journals: "When it came to unauthorized mainframe access by outside hackers, there wasn’t a single published report among nearly 850 full-text documents published over the last decade". Nice. But are we relying on Security through Obscurity? Has System z "never been hacked" because of it's relative reticence on the global stage, it's shy retiring nature well behind the corporate firewall and the comparatively closed shop of MVS/RACF experts looking after it worldwide? As that changes, and z owners exploit Unix System Services and Linux for z, will we find we're behind the curve, that the script-kiddies catch up with us and - worst case - they know more about security on the New Mainframe than we do?
Dumping Data from Deep-Insert Skimmers
17 hours ago