Hackers Forcing ATMs To Spew Out Cash Just By Texting
There is a call for businesses and home users to upgrade their Windows XP systems. A new technique is surfacing in Mexico whereby hackers are able to tap into ATMs by texting.
ATMs are computers that control access to cash, and about 95 percent of them run on versions of Windows XP. Windows XP support is slated to end April 8, 2014, and the banking industry is facing a serious risk of cyberattacks aimed at its ATM fleet. Hackers are targeting ATMs with increasingly sophisticated techniques.
ATM malware found in Mexico allowed hackers to force ATMs to spew cash on demand using an external keyboard. That threat was named Backdoor.Ploutus. Some weeks later, a new variant was discovered, which showed that the malware had evolved into a modular architecture. The new variant was also localized into the English language, suggesting that the malware author was expanding their franchise to other countries. The new variant was identified as Backdoor.Ploutus.B. This variant of Ploutus allowed hackers to send an SMS to the compromised ATM, then walk up and collect the dispensed cash. This technique is being used in a number of places across the world at this time.

Modern ATMs have enhanced security features, such as encrypted hard drives, which can prevent these types of installation techniques. However, for older ATMs still running on Windows XP, protecting against these types of attacks is more challenging, especially when the ATMs are already deployed in all sorts of remote locations. Another difficulty that needs to be addressed is the physical security of the computer inside the ATMs. While the ATM's money is locked inside a safe, the computer generally is not. Without adequate physical security for these older ATMs, the attacker has the upper hand.
Ways to make it difficult for hackers include:
- Upgrading to a supported operating system such as Windows 7 or 8
- Providing adequate physical protection and considering CCTV monitoring for the ATM
- Locking down the BIOS to prevent booting from unauthorized media, such as CD-ROMs or USB sticks
- Using full disk encryption to help prevent disk tampering
- Using a system lock down solution such as Symantec Data Center Security: Server Advanced (previously known as Critical System Protection)

