IBM Systems Lab Services

Dark data: Peering through the blanket of the dark

Share this post:

“Come, thick night, and pall thee in the dunnest smoke of hell, that my keen knife see not the wound it makes, nor heaven peep through the blanket of the dark.” —William Shakespeare, Macbeth, Act 1, Scene 5

There’s a little Shakespeare for you: that’s Lady Macbeth, waiting for the doomed King Duncan to arrive at her castle. Swap Duncan for data, the castle for your mainframe infrastructure, cast Lady Macbeth as a cyber threat, and you can see what I’m getting at.

What do we mean by dark data?

Dark data, the deep web, the dark web: it’s scary stuff. But when people talk about dark data, what do they actually mean? For many organizations, it’s simply the data they’ve gathered or obtained but do little or nothing with. In the mainframe world, it means something different. In addition to your production data, just think about all the copies that may be out there, for development and other purposes, the versions you don’t know about. You can also bet that an awful lot of organizations don’t bother with data obfuscation (DO), even though tools are available. Why is that? Because of the time and costs involved. When companies are cutting costs, some security measures—especially if you believe you already have control—are quickly abandoned.

So, are you sure you really have the level of control over your data that you think you have?

The bad guys don’t even have to go after your production data sets. Why bother, when they can, maybe far more easily, go after a copy or a backup? So what if it’s a couple of weeks old? There will still be more than enough, and it’s almost certainly unencrypted. So your data ends up being traded and bought on a dark web cryptomarket like Silk Road 3.

As this scenario illustrates, if we focus on protecting production data, we could miss the data theft actually being committed: it’s at best on the periphery of our vision, and at worst, completely outside our sphere of control.

The surface web and the deep web

Just like in The Matrix movies, the world is not as it seems. The surface web is just the tip of an iceberg, the 4 percent you can access using Google. The other 96 percent starts with deep web stuff like academic databases, legal documents, subscription-only resources, and so on, and then slides into proper illegality with the dark web: drugs, guns, having someone whacked… and, of course, fake passports, IDs and credit cards for financial and identity fraud, founded on the availability of unencrypted personal and financial data. Peel back the onion layers, use the Tor network, and you can find pretty much anything you might imagine.

The existence of the dark web and cryptomarkets gives serious value to your mainframe and personal data. That value creates demand, and with demand comes motivation.

Protecting data on the mainframe

Some 80 percent of the world’s system of record data already resides on mainframes. More commercial transactions are processed on mainframes than on any other platform. And in today’s connected Internet of Things (IoT) world, the mainframe no longer works in splendid isolation. Much of the mainframe data is being copied and copied and copied and copied. As mainframe professionals, we should all be worried about our data ending up in “the dunnest smoke of hell,” particularly as the mainframe is now an increasingly attractive target for the bad actors. To them, it’s just another computer. As a community, we need to seriously step up our game in mainframe security and be far more proactive in what we do and how we do it. Our clients, employers, shareholders and regulators are looking to people like us to gaze “through the blanket of the dark” and sort it out.

I’m looking forward to talking more about this at the upcoming #IBMTechU in London this May. I’ll be a keynote speaker on “Dark Data, The Dark Web and Mainframes…What are you talking about?”

I’m always amazed at the quality and breadth of the technical training on offer at our #IBMTechU events. IBM Systems Lab Services consistently provides in-depth training sessions, hands-on labs and demos delivered by IBM engineers, developers or product experts. The content in London covers IBM Z and IBM Storage on Z with over three hundred technical sessions. Check it out.

More IBM Systems Lab Services stories

IBM PowerAI Vision: A visual recognition AI solution

AI, IBM Systems Lab Services, Power Systems

Many organizations are interested in employing deep learning and data science but have a skill and resource gap that impedes adoption of these technologies. To address this need, IBM created an easy deep learning solution specifically for business users. Designed to lower the barrier of entry required to create AI applications, IBM PowerAI Vision — ...read more


Top IBM Power Systems myths: The OpenPOWER Foundation is not really an industry backed consortium

IBM Systems Lab Services, OpenPOWER, Power Systems

There are many misconceptions about IBM Power Systems in the marketplace today, and this blog series is helping to dispel some of the top myths. In my last post, I put aside the myth that the x86 architecture is the de-facto industry standard for all applications and that Power Systems will soon become obsolete. In ...read more


The rise of Open Source Databases

IBM Systems Lab Services, Linux on Power Systems, Power Systems

After many years of working in the IT industry, both as an IT manager in a large telecommunications setup and as a consultant providing solutions to my clients, I’ve come to see a huge interest among users in leveraging more open source software and standards. It comes as no surprise to me that the adoption ...read more