Your Cybersecurity is as Strong as the Weakest Link in the Chain


A quick question … why do so many banks still use mainframe computers on their network? Well, mainframe computers tend to run different software and have different architectures from much of modern software, and can thus often be isolated from current threats. It’s a bit like a software airgap. Now, it has been found that an old server (created by Novell Inc) actually saved a company from a major attack, but there is great unease about adding this old server back onto the global finance infrastructure.

Many years ago, Novell NetWare allowed organisational networks to interconnect and was the King of the Hill. In fact, it used its own networking protocol (IPX/SPX), where each node had an IPX network address. But along came TCP/IP, which allowed us to connect not only locally but on a global scale. Novell Inc eventually lost most of the market and was acquired by The Attachmate Group. At its peak, it had revenues of over $2 billion.

The weakest link in the chain

I remember building audio systems, where your system was as good as the weakest part of the audio delivery system. You might have great speakers, but if your amplifier is poor, then your whole system will be poor. And so it goes for cybersecurity. You might employ the best firewalls and encryption, but as long as there’s something in your infrastructure that is a weak point, it can bring the whole of the infrastructure down. Unfortunately, we have to cope with legacy systems, which were typically designed when security was an afterthought.

Now, it has been revealed that the Industrial & Commercial Bank (ICBC) of China Ltd — one of the largest lenders of assets in the world — has been disrupted by a ransomware attack. The attack has been linked to the Russia-linked LockBit cybercrime gang and, currently, there is unease about the bank's systems being reconnected to the global finance infrastructure, as trust can take a while to be rebuilt after a suspected cyber attack.

With the attack revealed, it is thought that much of the data and capabilities were supported through a 20-year-old server made by Novell Inc. (which no longer exists as a company). In fact, it was so old that the ransomware was unable to run on it. The company is now building a new skeleton system around the previous server, which is making some uneasy about it reconnecting to the finance network. The old server actually protected the company from a devastating attack, but many are worried that a core server that was created over 20 years ago will be unlikely to withstand a major attack.

NetWare

My first introduction to proper networking was with IPX/SPX, where we expanded our PC network using Novell NetWare networking. Basically, NetWare wasn’t TCP/IP, and mainly connected PCs to a local server. Each of the nodes on the network had an IPX address and it was localized in its scale. Most of the network traffic was local, and very little went to the Internet. I remember, at the time, logging in with the NetWare client.

In those days, there were no such things as network switches, twisted-pair cables or RJ45 connectors. You had repeaters, but they tended to cause you more problems than they solved. Basically, to build the network we had a coaxial cable that spread over the labs and staff offices, where a T-piece connector was used to connect computers to the shared bus. In those days, there were no Cisco Catalyst switches, and we had to use CSMA/CD (Carrier Sense Multiple Access with Collision Detection).

Basically, nodes had to contend for the network, and they would have to wait to see if any other node was transmitting at the same time. This meant that the network worked fine with low levels of traffic but struggled when it neared its capacity. Another major problem was when staff disconnected their computers from the network, as this created an open circuit. With this, the signals basically travelled along the line until they reached the open circuit and then bounced back off. This caused a massive distortion of the signal and often ground the network to a halt. I spent many an hour tracing coaxial cables to find a fault.

Conclusions

I say again, your infrastructure is only as strong as the weakest link in the chain. To be using a 20-year-old server as the core of your company’s business is not a thing that should exist in the modern age.