Silent Signal – the ultimate PEN test?

Once again, the Fortra (formerly HelpSystems) IBM i Marketplace Survey is now available and, unsurprisingly, Cyber Security is the primary concern for organisations.

However, when you get talking to IBM i shops, a lot of that concern is misplaced. By this I mean the threat of Cyber Attack lies predominantly with the Wintel infrastructure and applications.

The belief that the object-oriented approach deployed by IBM i provides a secure environment still holds true. Whilst most of us will have a Disaster Recovery plan in place, there are only a handful of organisations that implement Incident Recovery plans.

So, what has this got to do with PEN testing, you may ask? Well, your traditional PEN test would involve probing the network to see if access could be gained and if systems are visible. Typically, in the case of IBM i, it would stop here but may be complemented by an audit. A login would be requested for your system, scripts run to collect security information and advice given on changes. Job done for another year, everything is secure and audit requirements are met.

No one could hack the IBM i platform, could they? Bring on the ultimate PEN test from ethical hackers…

Silent Signal describe themselves as ‘passionate hackers who can provide unique insight to the security of all layers of IT systems through world-class research, to find the vulnerabilities that matter’. 

They first began looking into the IBM i operating system in 2021 and the results they have produced are remarkable, to say the least. If you ever wanted to really understand the opportunities for exploitation with POWER Systems and IBM i, I would encourage you to read their ‘Another Tale of IBM i (AS/400) Hacking’ blog. Armed with only an IP address, it is incredible (and by that I mean worrying) what they were able to achieve.

As I mentioned, only a handful of organisations will have an Incident Recovery plan in place, so don’t be fooled into thinking your High Availability software has you covered. That will actually just replicate the bad data to your target system. And last night’s backups? When did you last test them, and have you confirmed the recovery time objective is something the business can support? If you have High Availability then we already know the answer to that question.

If you would like help in understanding what an Incident Recovery plan for IBM i should look like, then please get in touch with us here at Chilli. If you really want to understand the vulnerabilities with your current system configuration, then let Silent Signal run the ultimate PEN test.