Windows-Based Cash Machines – Easy To Hack
Published by: Codrut Nistor, in News
March5th2008
Some things are known by most people to exist, but only a few believe them without seeing. One of them are Windows-based cash mashines - we all have seen pictures with such things crashing, freezing, even delivering the "Blue Screen of Death", but to see such a thing live, that is really priceless! The bad part is that such ATMs are also easy to break into and steal information, according to security experts, and that's not as funny as seeing a BSOD when using your credit card at all(even that is not always funny)...
Yes, you got that right. My fingers hurt to write such things, but it seems ATMs must face worms, DoS attacks, as well as various malicious applications. According to recent reports, up to 90 percent of the ATMs in the UK could eb at risk, simply for relying on desktop PC technology, that being Intel hardware and Windows, in most cases.
Considering the above, "An ATM becomes like a PC with attached devices--it has to be kept up-to-date with hot fixes and patches," as Martin Macmillan, business development director, Level Four Software, says.
In my opinion, the problem when it comes to ATM security is not the fact that most of them are running Windows, but the fact that, lately, the networks that include these devices are not completely closed. All right, there would still remain the reliability problem, with some Windows-based ATMs having a downtime of up to 30 percent, but confidential data would be really secure.
As simple ATM users, we can't do anything else than freeze, when reading about such things than safes unlocked by using default key codes obtained from online safe manuals, but at least this was done by researchers from Information Risk Management, and not by some real thieves...
At last, when it comes to hacking such devices, it's enough to quote IRM's Gyan Chawdhary, who said "If you are a programmer and you have some programming experience, then it is a cakewalk. If an exploit will work on a home or office computer then it will work on these ATMs."
Yes, you got that right. My fingers hurt to write such things, but it seems ATMs must face worms, DoS attacks, as well as various malicious applications. According to recent reports, up to 90 percent of the ATMs in the UK could eb at risk, simply for relying on desktop PC technology, that being Intel hardware and Windows, in most cases.
Considering the above, "An ATM becomes like a PC with attached devices--it has to be kept up-to-date with hot fixes and patches," as Martin Macmillan, business development director, Level Four Software, says.
In my opinion, the problem when it comes to ATM security is not the fact that most of them are running Windows, but the fact that, lately, the networks that include these devices are not completely closed. All right, there would still remain the reliability problem, with some Windows-based ATMs having a downtime of up to 30 percent, but confidential data would be really secure.
As simple ATM users, we can't do anything else than freeze, when reading about such things than safes unlocked by using default key codes obtained from online safe manuals, but at least this was done by researchers from Information Risk Management, and not by some real thieves...
At last, when it comes to hacking such devices, it's enough to quote IRM's Gyan Chawdhary, who said "If you are a programmer and you have some programming experience, then it is a cakewalk. If an exploit will work on a home or office computer then it will work on these ATMs."
Loading ...
Want to add something? Post your comments