Lecture 8 - Legacy systems Flashcards
(32 cards)
What is a legacy system?
Definition is subjective & there are many viewpoints.
“a system that was developed sometime in the past and is critical to the business in which the system operates.” (Ransom et al.)
Could be a server, application, etc.
Typically, legacy systems were developed before the widespread use of modern software engineering methods and have been maintained to accommodate changing requirements.
Why are legacy systems important?
They contain business-critical information that represents considerable business knowledge & processes.
What are the challenges with legacy systems?
The following make legacy systems susceptible to cyber security concerns:
- unpatched software
- outdated
- difficult to understand (trained staff retired/poor documentation)
- expensive to maintain
- inefficient
- Software typically poor & does not respond to change easily.
What dilemma do enterprises face with legacy systems? (Alex Heid)
Critical to the performance of daily business operations (i.e., in the banking industry/healthcare)
But they run on outdated software which poses a serious security threat to organisations.
Therefore, they need to be segregated from other public networks/devices to try and reduce this threat.
What dilemma do enterprises face with legacy systems?
Need to weigh up the costs & benefits
Crucial to business processes, but are complex, poorly understood & require a significant investment to maintain & manage the systems.
What is a legacy system from the Mainframe Era?
SABRE (Semi-Automatic-Business-Research-Environment) by American Airlines & IBM
What are the strengths of legacy systems from the Mainframe Era?
- They only used dumb terminals (no sophisticated processes/capabilities), so developers/architects were forced to restrict complexity to the mainframe and there was a limited user interface.
- easier to secure because the attack surface
Although these strengths provided some relief, there are still problems.
What are the concerns about legacy systems from the Mainframe Era?
- Architects/systems/programmers/app developers did not consider cyber security concerns, the physical connection (i.e. wires) and building the system
- They assumed everything was secure (no malicious insiders etc)
How can you address issues with Mainframe legacy systems?
Addressing cyber concerns with Mainframe legacy systems (IBA)
- Improve access control logic in the operating system
  - Authentication is handled by the mainframe (rather than the dumb terminal)
  - No encryption, files can be accessed based on user ID, serious risk if maintained by a malicious insider
- Be prepared for unexpected input validation
  - Design decisions from years ago mean that there are no built-in input validation checks (e.g., SQL injection!)
  - Extreme, expected & unexpected cases must be handled properly.
- Add a screen scraper
  - Provide Internet access to legacy applications without making any changes to the underlying platform.
  - Can be delivered fast because it's non-intrusive.
  - But there are scalability issues (compared to modern systems) & might make the system more vulnerable by adding an additional attack layer
Explain the SABRE system.
Semi-Automatic-Business-Research-Environment.
- Airline Reservation system IBM & American Airlines
- (SAGE) which was originally designed to defend against Soviet attacks was used to reserve seats.
Explain legacy systems from the Client-Server Era?
- Clients are sophisticated & support more functionality between elements.
- Encryption is possible on the client (affords more secure communication between client & service)
- More done on the client itself, reducing the demands on the network.
- Insecure communication: p1 sends a message to p2 but p3 (a malicious outsider) observes in the cloud. BUT if it is pushed through an encryption function over cyber space, p3 will only be able to see gibberish, so p2 will need to push it through the decryption function to consume it.
What are the concerns with legacy systems in the client-server era?
- Complex
- Expensive to maintain.
- Ideally, an attacker should gain no real insight by gaining access to a client.
- Poor visibility of what is happening on the client side
- Network-level connection
- Gain access beyond the perimeter of the enterprise
- Clients shouldn’t contain sensitive/specialised data (for any long period of time)
Describe how attackers can get access to client software during the client-server era?
Clients not up to date with the most recent software increase vulnerability.
Explain a legacy system from the Networked Era?
- Focus on logical isolation (physical constraints limited)
- Attackers use an anonymous proxy so they can use the system uninterrupted.
- Inputs must be validated to reduce the likelihood of SQL injection & other such attacks.
- Vulnerabilities depend on the implementation of the server-side technology (i.e. framework or bespoke)
Why is SABRE a good example of an evolving legacy system?
- Prioritized seat availability, but over time more people wanted to fly & want to choose aspects such as meal upgrades etc. and it became very slow.
- Sold-off legacy assets for $778 million so important
- Cyber security is not the primary concern, it is rebel business units losing independence.
What is the process of evolving legacy systems?
ID/PAD
- Inventory of legacy systems
- Prioritize & identify the high-risk legacy systems (to the enterprise)
- Assess identified legacy system to determine the actual level of risk
- Define and develop plans to evolve high risk legacy systems.
Describe step 1 in the process of evolving legacy systems?
1. Inventory of legacy systems
- Create a list of all systems that are in use today & accessible by users.
- This can be challenging because sometimes the legacy systems aren’t formally retired, just used less frequently
- Other old legacy systems are used frequently, but generally ignored because they are hidden behind other systems so other users might not realise they are using them (i.e. in healthcare orgs)
- Should describe each item on the list (e.g., its purpose, implementation, an internal contact, etc.)
Describe step 2 in the process of evolving legacy systems.
- Focus on the legacy systems that deserve further attention from a security perspective. Pinpoint the ones that present the greatest risk to the enterprise.
- Limit this list to a small subset of all of the existing legacy systems.
- Do an assessment of each item on the inventory list (e.g., data sensitivity, government requirements, functional criticality, age, accessibility, extent of previous testing)
Describe step 3 in the process of evolving legacy systems?
Think of attack patterns & conduct a high-level risk assessment to determine the actual level of risk.
Describe step 4 in the process of evolving legacy systems?
Define and develop plans to evolve high risk legacy systems to an acceptable level of risk.
This then looks at the options enterprises have for the evolution of legacy systems:
- Develop policies.
- Harden the legacy system
- Enhance the legacy system
- Replace the legacy system
What options do enterprises have for the evolution of legacy systems?
- Develop policies.
- Harden the legacy system
- Enhance the legacy system
- Replace the legacy system
What evolution approach could be proposed for a legacy system identified as a minor risk?
- Develop a policy
i.e. training or tweaks to network security appliances (i.e. firewalls)
Changes such as these may not actually eliminate the security risk but make it less likely to happen.
They are also effective, rapid & low-cost.
What evolution approach should an enterprise adopt if the security risks are significant and the effort (cost) to address them directly is reasonable and can be justified?
Harden the legacy system
i.e., apply patches & corrections to the source code to eliminate coding bugs.
- With greater effort, you can alter the architecture of the system to avoid design flaws that attackers might exploit
- Or integrate third-party software into the system to prevent exploits using a “wrapper” approach to encapsulate & protect the key functionality.
Issues:
- expensive
- might create their own bugs
What approach should an enterprise with a large, complicated system use to evolve their legacy systems?
Enhance/augment the parts of the system that pose significant security concerns, i.e. replace the hardware/software, but leave the rest.
But it's very expensive & involves considerable business risks (e.g., project delays, budget overruns, etc.)
Many systems are satisfactory with little security risk, but these systems often have parts that face the public or are used widely within the enterprise that represent the primary security concern.