In the last two years, actual cyberwarfare attacks have exposed some of the vulnerabilities that exist for societies that heavily rely on the Internet.
Consider the April 26, 2007, cyberwarfare attack on Estonia that lasted three weeks and then suddenly stopped. Estonia’s Internet usage, like many countries, has dramatically expanded since 2000. Almost 52 percent of Estonia’s population of 1.3 million had Internet access at the time of the attack. Officials there report that 60 percent of online Estonians use the Internet every day, and 97 percent of banking transactions take place online. Government systems provide everyday conveniences, such as allowing Estonians to use their cell phone Internet connections to pay for street parking. They also vote over the Internet and pay taxes online.
The main attack was a Distributed Denial of Service (DDoS). At the height of the attacks, 20,000 networks of compromised computers (botnets) located in 50 different countries were orchestrated to disrupt and disable Estonia communications and commerce; at one point, even foreign money transfers were shut down.
Network specialists said the attacks consisted of a barrage of clicks that overloaded targeted Websites. Some sites received up to 1,000 clicks a second, compared with a normal level of 1,000 to 1,500 clicks per day.
Also consider that in August 2008, shortly after Russian and Georgian military forces clashed over the breakaway provinces of South Ossetia and Abkhazia, Georgia’s governmental Websites were knocked offline by digital attacks as DDoS traffic reached 80GB per second. This time Russian hackers didn’t use a large-scale botnet, but rather an SQL injection and blind SQL injection attacks that exploited vulnerabilities in the MySQL back-end databases. This demonstrated how smaller numbers of hackers can stress the servers’ processors and bring down their targets.
How did we become so vulnerable? We’ve simply built on the wrong foundations. People once joked that “Intel Inside” was the world’s most widely used warning label but it’s no longer a joking matter. The Wintel (Windows on Intel) world is often described as Swiss cheese when discussing security holes, and is regularly referred to as a Petri dish for malware. For the last 20 years, many companies with bulletproof mainframes that have been lured by lower server acquisition costs have unwittingly laid down their security and retooled with Windows servers with UNIX variants.
The multi-billion dollar industry of Windows security supplements owes its existence to the lack of original security architecture on the PC, but its entire after-the-fact scrubbing approach is no match when more than 10,000 new malware threats are created daily (some 5.5 million pieces of malware were identified last year alone).
Since for many countries cyberspace has become the network necessary for the economy to function, protecting against cyberwarfare is a national security initiative. The FBI estimated that in October 2008, there were 24 countries with the ability to wage cyberwarfare and presently targeting the U.S.
The National Strategy to Secure Cyberspace was published by the U.S. government in 2003. While it wasn’t a mandate, it offered suggestions to business, academic, and individual users to secure their networks and computer systems. Unfortunately, the U.S. Department of Homeland Security had the unrealistic goal of persuading each person to do their part to defend their own system attached to the Internet. The flaw in this thinking is regardless of what training is offered and is successful, there will always be millions of novice computer users online who don’t have a clue how to deal with security or enhance malware protection, and thus can be targeted for takeover.
Security for computers is analogous to security for a country: You create and enforce laws that stipulate how citizens can peacefully coexist, and you control your borders. The mainframe has impenetrable border control, zero tolerance for lawbreakers, and comprehensive damage containment, protecting (isolating) one user from the next. This is like a criminal in society only being able to act in a way that damages himself or his own property, but never someone else’s. Wintel has no border control, and criminal elements can enslave other citizens and confiscate their resources for subsequent use in criminal activities. Security on UNIX variants isn’t as bad as Wintel, but still falls far short when compared to z/OS’ built-in protection at all levels—processor, operating system, subsystem, and application.
As savvy mainframe executives can testify, the sophisticated security mechanisms of System z hardware and software lead the industry and thus are an important part of the mainframe’s value proposition. If you have a mainframe, ensure your mission-critical business is transacted on it. If you don’t have a mainframe, think about outsourcing onto one because your mission-critical business deserves the protection.