PowerWire.eu

Independent IBM i, AIX and Linux news and tech tips for Europe and beyond

  • Home
  • News
  • Technical Articles
    • IBM i
    • AIX
    • Linux
    • VIOS
  • Subscribe
  • About Us
  • Contact Us
  • Advertise with PowerWire.eu

Rant for better security on IBM i

March 8, 2022 by Guy Marmorat Leave a Comment

This rant is intended as a wakeup call to companies and ITSecurity experts.
I have 25 years of experience in Security on IBM i and all too often my observation of the poor implementation of IBM i Security of many companies is truly alarming!

All players are responsible for this situation, but first and foremost companies.

One would have thought that the ever more restrictive regulations would significantly improve their level of Security, but it is clear that this is not (yet) the case.

Companies that have suffered violent attacks have, months later, still not decided to put anything in place…… Studies are still in progress……. Worse, some do not try to understand where the hackers have entered! This is distressing!

Often, the recommendations of audit reports follow the current trend – For example, it is not in fashion to offer basic remediation on IBM i; integration with a SIEM/SOAR Solution is quickly pushed, and it doesn’t matter what is sent to this SIEM or even if people at the helm know how to decipher specific IBM i events.

However, there are real experts in this field, who will have a more pragmatic approach. They will be able to focus on the main flaws and propose appropriate solutions. They obviously don’t know everything (one can’t be an expert in all areas!), but they do very well what they know.

Given the terrible news, the threat this time is very serious and requires immediate action.
Let’s just mention 2 flaws that have shaken up our quiet IBM i ecosystem: Log4j and SolarWinds.
It is highly likely that the hackers have already positioned backdoors via these 2 flaws, in order to be able to come back quietly later once the patch has been applied.
Since hackers have been able to introduce malicious code into security software like SolarWinds, it can be considered that other software is also affected and that hackers are waiting for the right moment to use it.

Hackers certainly have a stock of exploitable flaws not known to date. The attacks will certainly become more sophisticated than current ransomware, or even undetected because they are focused on data theft. Worse, the databases of the attacked systems could be slightly modified to cause pernicious malfunctions spread over time and therefore loss of integrity and inconsistencies not detected quickly, which will cause even more chaotic situations (no more reliable recovery point).

And to complete the situation, your email addresses and phone numbers are probably already in wrong hands.

Tomorrow, you could receive messages from your government (or who claims to be) by email or SMS. It will be necessary to redouble attention on the URL links – For example: Cyrillic characters close to Roman characters.

THE DEAL HAS CHANGED!

Experts: Make yourself known, participate in the surveillance and defense effort.

Companies: Stop Procrastinating! Start today to create a more pragmatic approach. Work with experts with in-depth knowledge of your servers (and not “generalist experts”).
 
PLEASE ACT NOW!

Author: – Guy Marmorat www.Resiliane.com

Related Posts

  • IBM i Security – Duct Tape & StringIBM i Security – Duct Tape & String
  • IBMi password – pick a numberIBMi password – pick a number
  • New Software Enhancements for POWER SystemsNew Software Enhancements for POWER Systems
  • IBM i Exit Points – The Power To Control and AuditIBM i Exit Points – The Power To Control and Audit
  • Fifth Annual IT Marketplace Survey Reveals Ongoing Reliance on IBM i to Support Critical Business NeedsFifth Annual IT Marketplace Survey Reveals Ongoing Reliance on IBM i to Support Critical Business Needs
  • An Ansible IBM i Disk CheckerAn Ansible IBM i Disk Checker

Filed Under: IBM i, News, Technical Articles Tagged With: IBM i, IBM i security, IBM Power Systems

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Free monthly newsletter signup

News

Remain Software Milestone 3

NIEUWEGEIN, Netherlands — Today Remain Software is pleased to announce the third Milestone of TD/OMS V14 and … [Read More...]

PowerWire.eu talk to i-UG’s chairman Mike Ryan about their upcoming annual conference

Hello Mike. As the official representative of COMMON Europe in the U.K, i- UG has always listened to the … [Read More...]

Dot Files on IBM i

For those who have been following my bite size BASH tutorial on You Tube, I thought it about time I wrote an … [Read More...]

More articles from this section

Quick Links

  • Advertise
  • Subscribe

Follow Us…

  • Email
  • LinkedIn
  • Twitter

Search This Website

Copyright © 2022 · Cue Communications · All Rights Reserved

Log in

This site uses cookies More info