Malware – what are the threats?

Malware can arrive through a variety of attack vectors. Besides using ‘traditional’ methods of spreading malware, adversaries can leverage more sophisticated methods to turn your Power System into a ‘malware host’.

The key target is your data. Data is valuable, and organisations paid at least $602 million to ransomware gangs in 2021. If they are not stealing it to sell on the dark web (social security numbers, credit card numbers, names, and addresses), then it will be held for ransom… “Give us some $$$ if you want to have your data decrypted.”

Why bother?

A lot of organisations are subject to regulatory requirements, such as PCI-DSS, HIPAA, FISMA, the Gramm-Leach-Bliley Act (GLBA), the UK DPA and GDPR. The penalties can be severe for any organisation “leaking” data. A UK airline, for instance, was fined £20,000,000 by the Information Commissioner’s Office (ICO).

The average cost of a breach in 2021 was €3.9 million ($4.24 million), marking a 10% increase compared to 2020. In the case of breaches, time is money and on average it takes 287 days to identify, close and remediate a data breach.

Power systems can’t be infected, right?

Because an Intel (x86)-architected virus cannot execute on the IBM i, AIX, RHEL, or CentOS operating systems running on IBM’s Power chipset, we run the risk of misreading this as “no viruses are possible!” IBM has never claimed that the IBM i IFS was immune, as evidenced by the fact that IBM i acquired integrated anti-virus protections in V5R3 in 2004.

However, that doesn’t stop malware from being stored. All these Power operating systems can share disk space. The IBM i uses its Integrated File System (IFS) to allow NetServer shares –