Mainframe Security, Sometimes Overlooked, But Not by Hackers.
Weaknesses of mainframes, which support some 90% of all credit card transactions, often are overlooked by organizations that perceive the platforms as more secure and protected against hacking.
According to IBM, their mainframe systems currently support 87% of all credit card transactions, nearly $8 trillion in payments a year and 29 billion ATM transactions. Ninety-two of the world's top 100 financial institutions rely on the IBM mainframe because of its ability to efficiently process huge volumes of transactions. While IBM's latest mainframe models encrypt transactional data, the vast majority in the field expose significant vulnerabilities.
New York, N.Y. and Tel Aviv, Israel-based Illusive Networks introduced Mainframe Guard which enables the inclusion of mainframe systems into an integrated deception solution architecture to protect critical business services from advanced persistent threats and other high-impact attacks.
Mainframes also falls victim to lack of tools and talent to configure security controls or implement upgrades. Plus, organizations sometimes view mainframes as untouchable because configuration changes could cause business disruption.
"We've seen a trend toward more direct attacks on applications and transactions. As attackers go after higher-value targets, we expect financial institutions and global enterprises will incur more attacks directed at their mainframes," Ofer Israeli, Founder & CEO of Illusive Networks, said. "Beyond data theft, organizations should consider mainframes as a target for espionage because they're a nerve center for vast volumes of transactional data. From a single location, an attacker could gather significant competitive or strategic intelligence."
Israeli added sophisticated attackers can bypass data encryption and impersonate other users to conceal their actions and gain access to sensitive data. "Organizations committed to providing the utmost protection against cyberattacks need to consider whether their mainframes have become a weak, forgotten link at the heart of their core operations."
Illusive Networks pointed out when attackers breach a mainframe, the results can be devastating. KrebsOnSecurity reported Fidelity National Information Services came under heavy scrutiny from banking industry regulators in the first quarter of 2011, when hackers who had broken into its networks mainframes used that access to orchestrate a carefully-timed, multi-million-dollar ATM heist.
Mainframe Guard works by detecting malicious movement toward the mainframe, providing a non-intrusive method of protecting the systems, the data they host, and the services they support, from advanced attacks. The solution is comprised of:
* A new family of deceptions for mainframe environments and clients.
* The ability to display mainframe assets along with other sensitive assets in the Illusive Attacker View component of the management console, which enables security personnel to see potential attack paths to reach mainframes, and track the proximity and progress of attackers toward these assets
* Purpose-built views of the mainframe environment to monitor unexpected connections to mainframe servers.
* An interactive layer added to the Illusive Trap Server that mimics mainframe behavior and login screens, tricking attackers into believing they are interacting with an actual mainframe computer.
Automatically generated and AI-driven, Illusive Networks' deceptions are tailor-made for the customer's environment to appear realistic and authentic to attackers. As soon as attackers attempt to use the deceptive data, Illusive detects and alerts enterprise security teams, providing real-time, contextual forensic data from the source host that enable informed, targeted and timely incident response operations.
"The need to secure innovations such as mobile applications, cloud-based services and smart devices is getting a lot of attention these days, but mainframes remain an essential element in many of these critical service chains," Andrew Howard, CTO at Kudelski Security, who has extensive experience remediating mainframe systems in the wake of cyber breaches, said. "Organizations are sometimes reluctant to upgrade legacy applications and databases on these enterprise servers, particularly in today's always-on economy. But unless you address every link in the end-to-end process, you haven't secured it."
|Printer friendly Cite/link Email Feedback|
|Publication:||Credit Union Times|
|Date:||Oct 17, 2017|
|Previous Article:||Credit Unions, CO-OP, TMGFS Reveal People News.|
|Next Article:||STCU Names New CEO.|