Dear readers,

As a replacement this year, we are planning a webcast in English covering Data Center Intelligence (DCI) and Identity Access Governance (IAM) on the original date of 23 April 2020.

Almost every hour there is new, unpleasant news due to the novel corona virus (COVID-19). The health of customers, employees and partners of Beta Systems is our main concern. We would have liked to have held the event as planned from April 22nd to 24th, 2020, especially since we had more registrations than ever before, but due to the current pandemic, we must cancel. 

You will find details on registration and the final agenda for the webcast here:

Save the date now:

• Thursday, 23 April 2020, 3.45 p.m. (CET)

  More information about the international webcast

Look forward to exciting new information on products and customer presentations.

And take good care of yourself in the upcoming weeks!

Yours sincerely,

The Beta Systems Team

Even the securest IBM Z installations in top security environments are exposed to hacking threats that are underestimated, downplayed or simply unknown to most mainframe operations and security teams. What is your risk exposure, what methods social hackers are using and what are recommended steps to protect yourself from those dangers?

Can an IBM z/OS mainframe be hacked? The answer is a simple “yes”.

A current Bitkom study even reports on the attack target of the German economy, the current “Spiegel” (one of the biggest german News-magazines) even reports on a “network with big holes”.

For instance a hacker group infiltrated 2012 multiple z/OS Mainframe Systems in Sweden, gained access to the RACF-Database and brute-force decrypted over 100.000 RACF account passwords. Plus they installed backdoors with permanent access without even needing passwords.
Sensitive data was lost or revealed and a funds were transferred from the bank to private accounts.

So what has changed?

As simple as it may sounds: your mainframe is connected to the world and there is interest in your mainframe! Not from script kiddies, but from semi-professional and professional hacker groups and even companies.  And mainframe hacking tools are today available as open source free to use for everybody.
 
So what you can do to protect your IBM Mainframe?

1. Don‘t trust that your mainframe is secure
2. Use common sense  security measures *)
3. Use Identity & Access Management Software‘s standard security features to protect you
4. Monitor access to your systems
5. Collect logs & review them
6. Conduct regular security audits
7. Implement recommended NIST STIGs
8. Be informed about security threats of the deployed mainframe software
9. Execute a mainframe penetration test
   
   On the subject of “social hacking”*
10. Make yourself clear, that there are social hackers!
11. Build awareness inside your company and team
12. Define rules, how to act in case of calls, and what information can be given
13. Limit the information you give out in calls or without calling back
14. Be suspicious and ask for clear identification of the person talking to you.
15. As a rule of thumb: Always call back!

Do you want to know more?

All this and the nifty details of the 2012 mainframe hack and your risk exposure will be covered in our 60 min. Webinar “Hacking the Mainframe”. It includes information on hacker practices based on a real life example and provides you with recommendations and solutions how to protect your most viable information and your mainframe security.

Sign up for “Preventing Security Breaches: 15 Rules for Securing the Mainframe” Webinar here: