Right, they’re all kept under wraps in a world where privacy is next to impossible. And what you heard (suddenly not under wraps) isn’t what happened with Logica. If your kid drops his key, and someone uses it to enter a house, that’s not a break in. 60-70 years and all you’ve got is a few non hacks to feed your hatred of IBM and the mainframe.
Sent from Yahoo Mail for iPhone On Thursday, October 7, 2021, 5:18 PM, Charles Mills <[email protected]> wrote: The one I am privately aware of I did not work on and is four years (?) in the past. It was a US government system. There are varying versions of the Logica story. The one I read in the police report and accept as factual involved the exploitation of a flaw in a Web browser running on z/OS UNIX. They used that to utterly take over the machine, issuing multiple userids and making them SPECIAL and so forth. They installed their own login server to make things easier for themselves. I would call that a mainframe breach. I think a focus on "was it a real hack" is a mistake. If your senior systems programmer writes his password on the back of his business card and accidentally leaves it in a bar, that is not a "real hack" but your data is just as much at risk as if it were. The focus should be on vulnerabilities (in that case, lack of MFA and lack of user education) not "was it a real hack?" If your teenaged son dropped his housekey in your driveway and someone used it to come in and steal your TV, would you say "that was not a real burglary"? At best you can't say mainframe hacks have never happened, you can only say you don't know of any. There is a well-known tendency for shops not to discuss. (Nor for that matter can one assert unequivocally that they have; only that there are none that are well-documented.) Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Bill Johnson Sent: Thursday, October 7, 2021 3:59 PM To: [email protected] Subject: Re: Mainframe ransomware solution Logica isn’t actually a hack. And of course the phantom one you’re working on. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
