Search Rocket site

What Are Mainframe Code-Based Exploits?

Heidi Losee

September 6, 2018

Many of the world’s largest businesses rely on mainframes – the computing system with the scalability, flexibility, reliability and speed to keep major organizations up and running 24/7/365. Yet, a lot of organizations take the security of their mainframes for granted, and that’s leaving them open to a number of risks.

While mainframes are arguably the most secure computer system, they still are not impenetrable. Any system comes with weaknesses, and the mainframe is certainly no exception. We need to think of the mainframe the way we think of any other computing platform when it comes to mainframe security threats. Exploring the ways the mainframe can be hacked will be instrumental in helping us better secure these systems.

At any given point, there are a variety of mainframe vulnerabilities waiting to be exploited. At Key Resources, Inc., we focus on code-based vulnerabilities – areas of flawed code that allow a program to bypass the security controls put in place by the operating system and the organization.

There’s a huge amount of risk involved with code-based vulnerabilities. If a hacker were to exploit one, they would have access to all of the data, applications and users on the entire mainframe. That could be catastrophic for any organization, especially if the hacker were to gain system administrator privileges. Hundreds of applications and thousands of users could be exposed, all from one single code flaw.

That’s why it’s so important for organizations to secure their environment at every level, and make operating system-level integrity an essential part of overall security strategy. Awareness of what these vulnerabilities are and that they exist is the first step here.

Key Resources, Inc. is getting ready to head to Fort Worth, TX in September to attend Vanguard Security & Compliance, the industry-wide security event. I’m looking forward to talking about these topics, and more, in a session titled, “The ABC’s of Mainframe Hacking.” If you’re looking for more information about integrity vulnerabilities and mainframe hacking, I’d encourage you to join us there.

During my session, I’ll cover the theory of mainframe integrity vulnerabilities and answer questions like: What are the different types of integrity vulnerabilities? What types of exploits can be used to subvert the security of the system? And how can a hacker exploit known vulnerabilities? We’ll take you through a few practical LABs to demonstrate those kinds of hacks, as well. We hope to see you there!