[Info-vax] Now you have way more things to worry about

Tholen tholen at guess.net
Sat Jul 22 03:58:50 EDT 2023 

Dave Froble <davef at tsoft-inc.com> wrote in
news:u8h6qk$2ib7e$1 at dont-email.me: 

> On 7/10/2023 9:04 AM, abrsvc wrote:
>>
>>>>> Then you have exploits that hit VMWare
>>> The same problem exists for Alpha emulators, even though it's an
>>> emulator and not virtualisation software. Also not probed anywhere
>>> near as much as the mainstream products.
>>
>> I can agree with Simon for a change...  :)
>>
>> Most of the problems I have seen in terms of "break-ins" have been at
>> the host OS level and not problems with the emulators. I know of one
>> client that has had multiple intrusions with NO impact on the OpenVMS
>> system itself other than being inaccessible because of the network. 
>> OpenVMS itself was not affected at all.  I see the same issue with
>> the VMs.  OpenVMS is not the problem here, only the underlying host. 
>>
>> Dan
>>
> 
> One of our customers got hit with a ransomware attack.  Their WEENDOZE
> systems were toasted.  Their VMS system was not touched.
> 
> Now, yeah, lots of business now depends upon WEENDOZE systems.  But,
> VMS ran their core business, and while annoyed by the loss on the
> WEENDOZE systems, the company was able to continue to receive orders
> and ship product. 
> 
> Maybe some may see things differently, but, to me, there is a vast
> difference between being annoyed, and losing the capability to
> continue to run the business.  Consider the ramifications of losing
> all Accounts Receivable data. Cant collect money is a major hurt.
> 
> Not saying VMS cannot be hacked, but, the reality is, they usually are
> not hacked. 

When customers outsource their Windows admin responsibilities to India,
Brazil, or the Philippines, they should expect that sort of thing.  

Windows isn't all that bad.  If you perform due diligence and hardening
as you're supposed to, it's pretty solid, resistant even.  Ransomware
exploits succeed because somebody screwed up, gave in to an internal
customer, and didn't do it. 

The other major vulnerability is the design of the management network
that permits these remote admins into the environments where they
perform their tasks.  Some of them are absolutely horrendous and provide
complete direct access from an offshore location.  That should never
ever be permitted.

More information about the Info-vax mailing list