Before You Test An ATM VULNERABILITY OR BUG UNDERSTAND HOW IT WORKS ?
1) An ATM is composed of electronic subsystems with industrial controllers. However, behind the terminals there is a totally conventional computer that controls the system, in many cases with an outdated operating system.
2) If the cashier works with Windows XP, it will no longer receive technical support from Microsoft, so any vulnerability it suffers will remain unpatched , leaving it unprotected against hacker attacks.
3) ATM systems have vulnerable software , from non-updated Flash players, and with more than 9,000 known bugs, to remote management tools.
4) The manufacturers of these terminals usually think that ATMs always operate in normal conditions and that they have no operating errors. Therefore, in many cases, ATMs do not have antivirus , or authentication of the application that is responsible for sending commands to the cash dispenser.
5) If a part of the cashier does not contain money, why worry about its security?
> this is what most ATM manufacturers think. Thus, accessing the deposit and ticket dispenser is a complicated task since they are usually shielded and blocked.
6) access to the cashier's computer is quite simple . Security measures are not enough to stop cybercriminals, since the computer is protected only by a plastic case or a thin metal.
7) ATM modules are usually connected to standard interfaces, usually through USB and COM ports (serial port). However, many times the interface can be accessed remotely .
8) Since the Internet is the most economical form of communication today, banks use the Network to connect ATMs to their processing centers. However, many banks do not know that their terminals appear in the Shodan search engine .
> This site allows anyone to find a wide variety of systems connected only with the word " admin " as username and " 1234 " as password, thus demonstrating the poor security of these devices .
Follow us for more...
No comments:
Post a Comment