Teacher
Professional
- Messages
- 2,669
- Reaction score
- 829
- Points
- 113
According to Gazeta Kommersant, referring to a study by the international company Positive Technologies specializing in information security, "Logical Attack Scenarios on ATMs", vulnerabilities were identified in 26 ATM models manufactured by NCR, Diebold Nixdorf and GRGBanking. In all, certain problems were identified. So, if you have access to the service area (that is, to the computer) of the ATM, attackers in 100% of cases can receive the data of customer cards that have passed through the card reader within 15 minutes.
Hackers can copy data from a magnetic stripe on cards, and not using a special skimming device (banks are protected from such attacks), but by intercepting information during data transfer between an ATM and a processing center or between an ATM operating system and a card reader.
About 85% of devices are vulnerable to attacks aimed directly at stealing funds. For example, hackers can hack an ATM using blackbox technology in 10 minutes. In this case, the attacker drills a hole in the ATM, connects his computer to the dispenser cable, and gives a command to dispense bills.
Positive Technologies analysts in the course of security analysis found that in most ATMs you can freely connect third-party devices, and in most cases ATMs did not prohibit the use of some common key combinations to gain access to operating system functions, and local security policies were configured incorrectly or were completely absent.
Hackers can copy data from a magnetic stripe on cards, and not using a special skimming device (banks are protected from such attacks), but by intercepting information during data transfer between an ATM and a processing center or between an ATM operating system and a card reader.
About 85% of devices are vulnerable to attacks aimed directly at stealing funds. For example, hackers can hack an ATM using blackbox technology in 10 minutes. In this case, the attacker drills a hole in the ATM, connects his computer to the dispenser cable, and gives a command to dispense bills.
Positive Technologies analysts in the course of security analysis found that in most ATMs you can freely connect third-party devices, and in most cases ATMs did not prohibit the use of some common key combinations to gain access to operating system functions, and local security policies were configured incorrectly or were completely absent.
