Hackers to encash from ATM security flaws

Hackers to encash from ATM security flaws

By SiliconIndia   |   Monday, 28 June 2010, 02:41 Hrs   |    6 Comments
Printer Print Email Email
Hackers to encash from ATM security flaws
Bangalore: Flaws have been detected in the automated teller machines (ATM's) design that has made these ARMs vulnerable to hackers and the cash dispensers may have to let go off their cash holdings.

The method for 'jackpotting' ATMs will be demonstrated by Barnaby Jack, head of research at Seattle-based, security firm IOActive Labs at the Black Hat security conference in Las Vegas to be held on July 28.
"ATMs are not as secure as we would like them to be. Barnaby has a number of different attacks that make all the money come out," said Jeff Moss, founder of the Black Hat conference and a member of President Obama's Homeland Security Advisory Council.

Diebold and NCR are the world's biggest ATM manufacturers. Moss feels that, inorder to raise awareness of the problems among ATM operators and keep them prepared to secure themselves from such problems, there is a need to go public and communication ports that are sometimes accessible from outside an ATM is a potential route of attack.

"People are starting to realize that hardware products do have security vulnerabilities. Parking meters, ATMs, everything that has electronics in it can be broken. A lot of times a hardware product is just a computer in a different shell," said Joe Grand, a hardware security expert.

Write your comment now
Submit Reset
Reader's comments(6)
1: Instead of demonstrating to the public, can demonstrate to specific persons who can resolve the problem.
Posted by:Nivetha Ganesan - 29 Jun, 2010
2: We are coming very close to forcefully introduce a paperless currency (remember IDEA ad, where a customer negotiates with vegetable vendor and transfers the currency via SMS).

Some day or other this should be in place to avoid such problems.

There will always be counter problems for every solution.
Posted by:KA Prabbu - 28 Jun, 2010
3: There can't be any solution to such hacking.
Posted by:geeta - 27 Jun, 2010
If its demonstrated to the normal public, wont it be like teaching the non-hackers, how to hack the system? I think this should be resolved first and then can demonstrate to the public.
Manoj Verma Replied to: geeta - 27 Jun, 2010
Yep that's true and i agree manoj :)
Because without finding a solution it is not good to demonstrate it to the public otherwise they themselves will be in trouble to keep solving the new issues every time they invent something
itidiot Replied to: Manoj Verma - 28 Jun, 2010
These are the latest threat happening now. I think NCR & Diebold has taken almost all H/W security measures, but it is most important that all bank should be aware that this is a major disaster if it broke out. RBI is bringing lot of security guidelines, but all banks should deploy these asap to avoid customer dissatisfaction and loss to the bank.
G. Unni Replied to: Manoj Verma - 28 Jun, 2010