Why Mainframe Security Risks Are Largely Unrecognized

In the past year, cybercriminals have made the healthcare industry a top target for sophisticated ransomware attacks, often exploiting known but unpatched vulnerabilities to gain access to clinical information.

The implications of those reported but unresolved vulnerabilities are scary, considering the wealth of patient data hospitals manage, as well as the potential life-and-death situations involved. But what about the vulnerabilities that aren’t even on the radar of hospital IT departments?

Most modern hospitals depend on multiple electronic systems and connected IoT devices to operate around the clock. The largest hospitals also rely on mainframes to safeguard some of their mission-critical financial and billing data. The security of hospital systems isn’t always up to sufficiently high standards. And, while mainframes are arguably the most securable platform, they still aren’t impenetrable. Mainframes have weaknesses, like code-based vulnerabilities that, if exploited, could endanger the entire enterprise.

Essentially, code-based vulnerabilities are areas of flawed code that allow a program to bypass the security controls put in place by the operating system and the organization. There’s a huge amount of risk involved with operating system-level vulnerabilities. If a hacker were to exploit a single trap door vulnerability, they would have access to all of the data, applications and users on the entire mainframe.

In a hospital setting, that means access to everything from patients’ personal information to doctors’ orders to insurance coverage, and so on. Hospitals manage a wealth of sensitive information about their patients, such as SSNs, addresses, contact information and more, that is considered protected health information (PHI).

If a bad actor gains access to the enterprise through the mainframe, they would have the potential to cripple many of the hospital’s most important functions. For example, many medical devices today are peer-to-peer or wirelessly attached to the clinical information system. Imagine if a hacker infiltrates the system, or even takes the mainframe down—those medical devices and the corresponding medicine could no longer be accurately managed and administered.

Part of the challenge when it comes to managing mainframe security is that many IT professionals working on mainframes are unaware of these code-based vulnerabilities. On top of that, hospital IT departments right now are spread thin monitoring all the various systems. A recent survey of nearly 2,500 healthcare security experts revealed that 96 percent believe that bad actors are outpacing the defenses of their medical enterprises.

Although IT managers may be technically savvy, there are simply not enough of them to track all of the risks and ensure their mainframes are always up, running and protected. The good news is that these vulnerabilities are patchable. Of course, vulnerabilities have to be discovered before they can be patched. It’s time for hospitals to invest in the people and practices that will better guard their IT systems and patient data.

Information Management:
