Really. In 2012 Logica, a mainframe service bureau in Sweden, suffered a disastrous hack that involved government agency files, credit cards, and social security numbers. The entry was via an online legal database that was accessible via browser from the Internet, and which turned out to be vulnerable to the CGI remote command execution vulnerability. The hack was a crisis for Logica that ultimately required international diplomacy to stop as the hacker had so many privileged RACF userids that if they revoked one, he simply used another and created ten more. Per Gottfrid Svartholm Warg, alias anakata, co-founder of The Pirate Bay, a media sharing site, was convicted of the breach, and also of breaching a CSC mainframe in Denmark, in which EU international police records among others were exfiltrated. (Referenced in the article you cite.)
Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Robert Harrison Sent: Tuesday, August 18, 2015 3:27 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Mainframes open to internet attacks? >From technologyreview.com: http://www.technologyreview.com/news/540011/mainframe-computers-that-handle-our-most-sensitive-data-are-open-to-internet-attacks/ Really? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN