PCI COMPLIANCES by Udi Levin, AI Risk PCI and Cybersecurity

Category: cyber attack

  • Cyber Risks in Wartime

    Cyber Risks in Wartime

    Cyber War in the Shadows: Israel vs. Iran – A New Frontline

    In today’s geopolitical landscape, the battlefield is no longer limited to land, sea, and air — it extends deep into the digital realm. What many once considered a background threat has now become a core component of strategic competition between states.

    Recent developments in the ongoing war between Israel and Iran illustrate just how significant this shift has become:

    Active Cyber Campaigns

    Parallel to kinetic operations, Iranian-linked cyber groups — both state-affiliated and proxy collectives — have been identified targeting Israeli digital infrastructure and information systems. These campaigns range from phishing and reconnaissance to data theft, disruption and influence operations.

    Hybrid Threat Ecosystem

    The cyber domain today blends traditional intelligence operations, hacktivism, and state-sponsored activity. This complexity makes attribution and defense more challenging, demanding advanced collaboration between governments, private sector defenders, and international partners.

    A Global Issue

    This is not just an Israel-Iran story — it’s a reflection of how major powers are shaping cyber capabilities as part of broader strategic competition. As organizations and nations innovate, defenders must adapt faster than ever.

    The digital war is real, relentless, and constantly evolving. Strengthening cyber preparedness, investing in resilient infrastructure, and fostering cross-sector cooperation are key priorities for national and corporate security alike.

    #CyberSecurity #CyberWarfare #Israel #Iran #StrategicRisk #InformationSecurity

  • Mainframes COBOL and Cyber Risk

    Mainframes COBOL and Cyber Risk

    Why MF COBOL Applications Are at Higher Risk Today – A Cyber Perspective

    COBOL applications running on mainframes still power the core systems of banks, insurance firms, and large enterprises.

    But the threat landscape has changed — and many environments haven’t evolved accordingly.

    🔹 Increased exposure via APIs and Open Banking

    🔹 Integration with modern DevOps and CI/CD pipelines

    🔹 Shortage of experienced COBOL professionals

    🔹 Challenges implementing modern controls (Zero Trust, EDR, runtime monitoring)

    The IBM z/OS platform itself is robust and secure —

    but the surrounding ecosystem and digital integrations create new attack surfaces.

    Mainframe cyber resilience is no longer optional. It’s foundational.

    —————-//

    למה אפליקציות

    MF מבוססות COBOL

    נמצאות היום בסיכון גבוה יותר – מזווית סייבר

    קוד COBOL על גבי Mainframe (MF) ממשיך להריץ את מערכות הליבה של בנקים, ביטוח וארגוני אנטרפרייז.

    אבל סביבת האיומים השתנתה – והמערכות לא תמיד.

    🔹 חשיפה גוברת דרך API, אינטגרציות ו-Open Banking

    🔹 חיבור ל-DevOps וכלי CI/CD שלא נולדו לעולמות MF

    🔹 מחסור באנשי COBOL מנוסים

    🔹 קושי בהטמעת בקרות מודרניות (Zero Trust, EDR, Runtime Monitoring)

    ה-IBM z/OS עצמו חזק ומאובטח —

    אבל המעטפת הארגונית והחיבורים לעולם הדיגיטלי הם נקודת הסיכון החדשה.

    Cyber resilience במיינפריים כבר לא אופציה. הוא תנאי יסוד.

  • Credit Card Processor Risk of Attack

    Credit Card Processor Risk of Attack

    There have been successful attacks on credit card processors in the past. Credit card processors, which are responsible for handling payment transactions between merchants, banks, and card issuers, can be targeted by attackers seeking to steal payment data or disrupt payment processing operations.
    One notable example is the 2014 cyberattack on JPMorgan Chase, which is one of the largest processors of credit card transactions in the world. In this attack, hackers gained access to the bank’s computer systems and stole the personal and financial information of over 83 million customers, including credit card data.

    Another example is the 2018 breach of the payment processing company, First Data. In this attack, hackers gained access to a web application used by First Data and stole payment card information of customers from a number of merchant websites.

    These attacks highlight the need for credit card processors to implement robust security measures and constantly monitor their systems for vulnerabilities and suspicious activity. They also demonstrate the importance of maintaining a strong security posture throughout the payment processing ecosystem, including merchants, banks, and card issuers, to prevent attacks and protect sensitive payment data.