Tuesday, May 6, 2008

Insecure ATMs

ATMs, or automated teller machines, today face the Internet-born threat of worms and denial-of-service attacks, as well as being at risk from malicious applications that can harvest customer data or hijack machines.

In fact, most ATMs are at risk from these attacks because they rely on desktop PC technology--usually Intel hardware and Windows operating systems--and are linked to other machines in the bank's network, some of which are connected to the Internet, according to experts.

Security vendor Network Box illustrated this threat by showing that only the personal identification number was encrypted when information was sent from a U.S. ATM to networked bank computers. The card numbers, card expiration dates, transaction amounts, and account balances were clearly readable in plain text to anybody intercepting the data as it traveled through the network.

An early warning of this insecurity in modern ATMs came in 2003 when the Nachi Internet worm infiltrated "secure" networks and infected ATMs from two financial institutions, while the SQL Slammer worm indirectly shut down 13,000 Bank of America ATMs. The technology behind ATMs has changed dramatically over the last few years. Banks have largely moved their ATMs across to run operating systems such as Windows connected to a greater range of servers over an IP network.

Mark Webb-Johnson, chief technology officer of Network Box, said in the report: "The ATM industry is presented with the same security issues that we all face with our workstations that are connected to (the) Internet. A compromised ATM could result in a network being forced offline, and/or lost customer data and stolen identities."

Gyan Chawdhary, senior security consultant with IRM, said that the shift among ATMs to modern PC infrastructure means it now requires only minimal programming knowledge to hack ATMs successfully once access has been gained to their systems. "If you are a programmer and you have some programming experience, then it is a cakewalk. If an exploit will work on a home or office computer then it will work on these ATMs."

I guess the most effective way to protect against these new threats is to use a multifunction device with routing, firewall, intrusion detection system/intrusion prevention system and VPN (virtual private network) capabilities, positioned in front of, and protecting, the ATM network.

Moreover, such a device should be separated from the rest of the bank's network, and all traffic coming out of the ATM should be encrypted.
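As an added example (not from the original post or from Network Box), a defender can check whether an ATM link leaks card data in the way described above, with only the PIN encrypted, by scanning captured payload bytes for Luhn-valid card-number candidates. The message layout, field names and sample bytes are constructed for illustration; findings are masked so the check itself does not log full card numbers.

```python
import re

# Runs of 13-19 ASCII digits that are not part of a longer digit run.
PAN_RE = re.compile(rb"(?<!\d)\d{13,19}(?!\d)")

def luhn_ok(digits: bytes) -> bool:
    """Luhn checksum, which valid payment card numbers satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ch - 48  # ASCII '0' is 48
        if i % 2 == 1:  # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def mask(pan: bytes) -> str:
    """Keep the first 6 and last 4 digits so a finding can be logged safely."""
    s = pan.decode("ascii")
    return s[:6] + "*" * (len(s) - 10) + s[-4:]

def find_cleartext_pans(payload: bytes) -> list[str]:
    """Return masked, Luhn-valid card-number candidates seen in a payload."""
    return [mask(m.group()) for m in PAN_RE.finditer(payload)
            if luhn_ok(m.group())]

# Constructed sample: only the PIN block is protected, everything else is
# readable. The layout is hypothetical; 4111111111111111 is a test number.
LEAKY = (b"TXN|PAN=4111111111111111|EXP=0510|AMT=000000020000"
         b"|BAL=000000153042|PINBLK=9F3A6C01D2E47B58")

# Constructed sample: opaque bytes standing in for a fully encrypted message.
SEALED = bytes.fromhex(
    "1703030020a7c4e9f1b05d8e6a93cc7f12de8840b6f5a1e3d97c02ab4e61f8d05b")

if __name__ == "__main__":
    for name, payload in (("leaky", LEAKY), ("sealed", SEALED)):
        hits = find_cleartext_pans(payload)
        print(name, "cleartext card data:" if hits else "no card data seen", hits)
```

A hit on traffic leaving the ATM segment means the link is not encrypting the full message; an empty result is consistent with encryption but does not prove it.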
