Radoslav, Many clients I visited allows local admin authority on windows workstation to the machine user for ease of management. However, we get clients monthly reports on success and failures from some clients of us. Most of them respond well to attacks and block them, so even their workstations are protected.
I believe it is a question of budget. Banks can afford protection that hospitals can't (and bankers can afford better medical treatment than others...). If you look at the names of clients that were hit by such attach, it is almost always a client that can't afford a complete security systems. On the mainframe, only few datasets are owned by en users, most of them are not significant to the user (ISPF temporary datasets, some "on work" job or source code libraries that most of them are on the change management store, etc.). How many DB2 data tables can be updated by human clients directly? Near if not zero. So,from the attacker point of view, no much to encrypt,unless he get a service account. This is more complex to perform. and as I always say, security cost you a lot, but if it works, managers doesn't see the value of it. ITschak On Fri, Jun 21, 2019 at 1:04 PM R.S. <r.skoru...@bremultibank.com.pl> wrote: > Yes, I don't come to SHARE conferences, I wish, but I don't. > However it seems I saw the presentation on youtube. > AND WHAT? > Yes, I can encrypt my own dataset and loose the key. I'm aware of that. > My question was about real life case. > Every file or dataset can be encrypted or deleted, that's rather > obvious. The question is how many times did it happen on z/OS. > > -- > Radoslaw Skorupka > Lodz, Poland > > > > > > W dniu 2019-06-18 o 05:09, Charles Mills pisze: > > Because you don't come to SHARE? Specifically, Chad Rikansrud's security > keynote in March of 2017. > > > > Charles > > > > > > -----Original Message----- > > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] > On Behalf Of R.S. > > Sent: Monday, June 17, 2019 1:53 PM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: mainframe hacking "success stories"? > > > > Did they use z/OS? > > Or maybe Linux on PC? > > Not? > > Windows? > > What a surprise! > > > > BTW: I have heard many times about filese encrypted by ransomware. Why > > it's always Windows? Why the only file encryption on z/OS I ever heard > > is the encryption directed by administrator? > > Why? > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > . > > > > > ====================================================================== > > Jeśli nie jesteś adresatem tej wiadomości: > > - powiadom nas o tym w mailu zwrotnym (dziękujemy!), > - usuń trwale tę wiadomość (i wszystkie kopie, które wydrukowałeś lub > zapisałeś na dysku). > Wiadomość ta może zawierać chronione prawem informacje, które może > wykorzystać tylko adresat.Przypominamy, że każdy, kto rozpowszechnia > (kopiuje, rozprowadza) tę wiadomość lub podejmuje podobne działania, > narusza prawo i może podlegać karze. > > mBank S.A. z siedzibą w Warszawie, ul. Senatorska 18, 00-950 Warszawa, > www.mBank.pl, e-mail: kont...@mbank.pl. Sąd Rejonowy dla m. st. Warszawy > XII Wydział Gospodarczy Krajowego Rejestru Sądowego, KRS 0000025237, NIP: > 526-021-50-88. Kapitał zakładowy (opłacony w całości) według stanu na > 01.01.2018 r. wynosi 169.248.488 złotych. > > If you are not the addressee of this message: > > - let us know by replying to this e-mail (thank you!), > - delete this message permanently (including all the copies which you have > printed out or saved). > This message may contain legally protected information, which may be used > exclusively by the addressee.Please be reminded that anyone who > disseminates (copies, distributes) this message or takes any similar > action, violates the law and may be penalised. > > mBank S.A. with its registered office in Warsaw, ul. Senatorska 18, 00-950 > Warszawa,www.mBank.pl, e-mail: kont...@mbank.pl. District Court for the > Capital City of Warsaw, 12th Commercial Division of the National Court > Register, KRS 0000025237, NIP: 526-021-50-88. Fully paid-up share capital > amounting to PLN 169,248,488 as at 1 January 2018. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > -- ITschak Mugzach *|** IronSphere Platform* *|* *Information Security Contiguous Monitoring for Legacy **| * ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
