In the mainframe world, everyone has been talking about security for a very long time. In fact, I’ve seen some people yawn as the topic of security comes up again – “been there, done that, got the T-shirt” they say. But it’s not that easy. Just because all the security you had in place last year seems to have worked, doesn’t mean that it is secure enough for this year. There is a veritable arms race going on and no-one can afford to be complacent.
When I say
no-one, I mean no-one in an organization can be complacent, perhaps least of
all the chief financial officer (CFO). It’s the CFO’s job to safeguard their
organization’s reputation and to save their company money. That was the job of
the CFO at the USA’s second biggest health insurer, Anthem, which was hacked in
December 2014. Nearly ten years later, the substantial cost to the company is
only finally becoming clear.
That
cyberattack saw 79 million individual's personal information compromised.
Firstly, Anthem agreed to pay $115 million to those people whose information
was potentially stolen. The plaintiffs’ case was that Anthem should pay their
costs of checking whether the exfiltrated data was being used nefariously by
anyone else. Then in 2020, Anthem agreed to pay $16 million to the US
Department of Health and Human Services, Office for Civil Rights (OCR) and take
substantial corrective action to settle potential violations of the Health
Insurance Portability and Accountability Act (HIPAA) Privacy and Security
Rules. Also in 2020, the company paid $39.5 million as part of a settlement
with US states attorneys general from 44 states and Washington, DC. On top of
that, there may well have been payments by Anthem for the ransom, and for
technical experts to try and resolve the attack. All-in-all, a hefty pay out
for any organization.
And that wasn’t
a one-off attack. According to the Cost
of a Data Breach Report from IBM
Security, the average cost of a data breach is US$4.45 million. For companies,
like Anthem, in the healthcare sector, the average cost of a data breach was
US$10.93 million.
In the UK just
recently, hospitals and GP practices found Russian hackers had infiltrated and
rendered unusable the IT systems of Synnovis, a company that analyses blood
tests. That led to hospitals having to cancel operations etc. From personal
experience, I know of a small web design and hosting company that says its web
sites are under constant attack. And I know of local secondary schools that
have been attacked.
Everywhere and
everyone that has any kind of tech is currently under attack. And, they need to
do their bit in the arms race that’s taking place between us – I’m assuming we’re
the good guys are reading this – and the people who are trying to hack your
system.
Oxford Capital recently sent out a press release reminding us that the World Economic Forum has shown that ransomware attacks have increased by nearly 300%, with over 50% of these attacks specifically targeting small businesses. Oxford Capital then highlighted the top AI security threats organizations need to be prepared to combat. They were:
- AI-powered phishing attacks using AI to create highly-convincing and personalized emails. These attacks are designed to deceive employees into revealing sensitive information or downloading malicious software.
- Automated vulnerability exploits. Hackers are using AI to scan for and exploit vulnerabilities in software systems at an unprecedented speed and scale. That’s why installing patches is such a priority.
- Deep fake scams are where cybercriminals use AI to create realistic audio and video impersonations of company executives. These deepfakes can be used to manipulate employees into transferring funds or sharing confidential information.
- AI-driven ransomware allows attackers to efficiently target, copy, and encrypt critical business data.
- Malicious AI bots can be used to conduct malicious activities such as credential stuffing, where bots attempt to gain access to accounts using stolen credentials.
- Weak passwords are a major cybersecurity threat because they can be easily guessed or cracked, allowing unauthorized access to sensitive information.
The suggested solutions given by Oxford Capital include:
- Strong password policies. If you don’t already do this, use complex passwords and update them regularly.
- Multi-factor authentication (MFA) requires a user to present two (or more) items or factors to an authentication mechanism before they are given access.
- Regularly update software to ensure that the latest security patches are installed and no easy-access back doors (vulnerabilities) are anywhere on your system.
- Employee training. I’ve been part of this kind of exercise where you give everyone in your organization training to recognize phishing attacks and other cyber threats, and then later test random attendees. Even so, you still find staff click on your dodgy email. Therefore, I would suggest that training is ongoing.
- Use robust cybersecurity measures. They recommend users invest in comprehensive security solutions to detect and respond to threats efficiently. I would suggest mainframe-related products like File Integrity Monitoring (FIM) from MainTegrity to provide not only protection, but also early warning if some kind of attack is taking place, as well as automation to suspend jobs and users until you’re sure they really are allowed to do what they seem to be doing to your mainframe.
The list might
have added using air-gapped hardware to protect back-ups from being
overwritten. As well as routinely protecting data in transit from being stolen.
What I’m
suggesting is that everyone needs to take steps to protect whatever data they
have on their computing platforms, including the cloud, and people with the
most to lose, like mainframers, need to absolutely keep one step ahead in the
data security arms race. And the CFO, and other top execs, need to make sure
the IT team have everything they need in order to do that. After all, it’s
those top execs who will be paying for it if mainframe security isn’t as good
as it needs to be.
No comments:
Post a Comment