ATM security flaws could be a jackpot for hackers

A security expert has identified flaws in the design of some automated teller machines that make them vulnerable to hackers, who could make the ubiquitous cash dispensers spit out their cash holdings.

Barnaby Jack, head of research at Seattle-based, security firm IOActive Labs, will demonstrate methods for "jackpotting" ATMs at the Black Hat security conference in Las Vegas that starts on July 28.

"ATMs are not as secure as we would like them to be," Jeff Moss, founder of the Black Hat conference and a member of President Obama's Homeland Security Advisory Council said. "Barnaby has a number of different attacks that make all the money come out."

Jack declined to discuss his techniques before the conference. The world's biggest ATM manufacturers include Diebold Inc and NCR Corp. Officials with those companies could not be reached for comment.

Banks may cringe when he speaks, fearing would-be crooks will adopt his methods. But Moss said that going public will raise awareness of the problem among ATM operators and prompt them to tighten security.

One potential route of attack is via communications ports that are sometimes accessible from outside an ATM, Moss said.

"You want everybody to know there are possible ways to jackpot these machines, so they will go and get their machines updated," he said.

Joe Grand, a hardware security expert, said he was not surprised to learn of Jack's research.

"People are starting to realize that hardware products do have security vulnerabilities. Parking meters, ATMs, everything that has electronics in it can be broken," Grand said. "A lot of times a hardware product is just a computer in a different shell."

Comments

Evolution Of Computer Virus [infographic]

CONTINUE READING THIS POST..........

4 Free Apps For Discovering Great Content On the Go

1. StumbleUpon The granddaddy of discovering random cool stuff online, StumbleUpon will celebrate its 10th anniversary later this year — but its mobile app is less than a year old. On the web, its eight million users have spent the last decade recommending (or disliking) millions of webpages with a thumbs up / thumbs down system on a specially installed browser bar. The StumbleUpon engine then passes on recommendations from users whose interests seem similar to yours. Hit the Stumble button and you’ll get a random page that the engine thinks you’ll like. The more you like or dislike its recommendations, the more these random pages will surprise and delight. Device : iPhone , iPad , Android 2. iReddit Reddit is a self-described social news website where users vote for their favorite stories, pictures or posts from other users, then argue vehemently over their meaning in the comments section. In recent years, it has gained readers as its competitor Digg has lost them.

CONTINUE READING THIS POST..........

‘Wireless’ humans could backbone new mobile networks

People could form the backbone of powerful new mobile internet networks by carrying wearable sensors. The sensors could create new ultra high bandwidth mobile internet infrastructures and reduce the density of mobile phone base stations.Engineers from Queen’s Institute of Electronics, Communications and Information Technology are working on a new project based on the rapidly developing science of body-centric communications.Social benefits could include vast improvements in mobile gaming and remote healthcare, along with new precision monitoring of athletes and real-time tactical training in team sports, an institute release said.The researchers are investigating how small sensors carried by members of the public, in items such as next generation smartphones, could communicate with each other to create potentially vast body-to-body networks.The new sensors would interact to transmit data, providing ‘anytime, anywhere’ mobile network connectivity.Simon Cotton from the i

CONTINUE READING THIS POST..........

Technology Effect

Search This Blog