ATMs ‘vulnerable’ to cyber hacking

06 May, 2016 - 00:05

The ManicaPost

Bank ATMs are vulnerable to hacking because of outdated software, a global security firm has found.

Security outfit Kaspersky Lab has discovered that ATMs are vulnerable to hacks because many run the Windows XP operating system, which is no longer supported by Microsoft.

The company conducted penetration testing as well as investigations into bank heists to determine the possibility of breaching bank digital defences.

“The results of our research show that even though vendors are now trying to develop ATMs with strong security features, many banks are still using old insecure models and this makes them unprepared for criminals actively challenging the security of these devices,” said Olga Kochetova, security expert at Kaspersky Lab’s Penetration Testing department.

In South Africa, many criminals target ATMs with bombings and card skimming to steal money.

However, Kaspersky said that malicious software was also becoming an ideal vehicle for criminals to compromise ATMs.

The company identified a gang dubbed Carbanak in 2015 which stole an estimated $1bn from over 100 financial institutions in a carefully orchestrated spear phishing attack.

Tyupkin malware (Backdoor.MSIL.Tyupkin) on ATMs was discovered in 2014. Through the use of the malware, cyber criminals are able to empty ATM cash cassettes through direct manipulation.

But the malware has built-in security features that make it difficult to detect and remove: it only functions at specific times at night and operates with a key generated for every session.

Because Microsoft has ceased support for Windows XP, ATMs may remain vulnerable, said Kaspersky.

“In the vast majority of cases, the special software that allows the ATM’s PC to interact with banking infrastructure and hardware units, processing cash and credit cards, is based on XFS standard. This is a rather old and insecure technology specification, originally created in order to standardise ATM software, so that it can work on any equipment regardless of manufacturer,” the company added.

“Should malware successfully infect an ATM, it receives almost unlimited capabilities in terms of control over that ATM: It can turn the PIN pad and card reader into a ‘native’ skimmer or just give away all the money stored in the ATM, upon a command from its hacker,” said Kaspersky.

The South African Banking Risk Information Centre (Sabric) has advised bank customers to be aware of suspicious people near ATMs and not to ask for or accept help from people at cash machines.

Sabric also advised bank customers to be wary of different display layouts on ATM screens as it may be an indicator of tampering and not to force cards into machine slots. — Online.
