Be Wary of ATM Security Breaches

As the world turns into cyberspace, bankrobbers turn into ATM criminals. The crime is not as "sexy" as the stuff Hollywood makes movies about, but it pays large.

Bankrobbers of the Future

The article about women and the increase in crime during a recession, triggered a story I recently came across that pointed at the financial crimes committed through hacking into ATM machines. In a strange twist of fate ATM’s will soon render “old fashioned” bank robberies a hing of the past. No more Dalton Brother stories or Jesse James references. Bonny and Clyde stories will turn into folklore for future generations as these generations will not have our physical reference anymore to the institution of a bank building.
In many developed countries of the world, a actual trip to the bank is already a thing of the past as banking is done entirely electronically. In Western Europe the job of bank teller is at best sporadic, which also ended the idea of robbing a bank at gunpoint. Even though the US is late to this development, it is inevitable that the job of bank tellers will soon be phased out.

Parallel to this, there is a global Underground Economy concept developing that will soon make bank robberies part of history as well. We all experience daily the many different ways people try to defraud and steal from us and even though some of us are sophisticated enough to delete all the unbelievable offers that come into our laptop’s inbox, there is also a world of inexperienced users out there, who are unknowingly used as money laundering mules.

Today the ATM machine is the money accepting and dispensing machine of our society and its technology is deeply flawed. To gave an example how flawed: in the Eurozone countries alone there was more than 500,000,000 Euro (US $625 million) stolen (skimmed) through ATM’s in 2008.
The computer hacking world eagerly points at all he backdoors and open ended security breaches, but ATM vendors don’t seem to care or perhaps consider this “the cost of doing business.”
An MS Windows Cage is not enough to prevent stealing from ATM’s, according to cyber security specialists, and adding gadgets and functions to router security will only increase the chance of mistakes, bugs and open attack vectors such as coin dispensers, new routings towards telcos, charity contribution gateways etc.

As it is, ATM’s are already an open invitation for any amateur hacker to skim substantial funds and transform old fashion hacking for information into a crime for money. Skimming is only the beginning of the process that will lead to devastation of financial structures, according to cybercrime security specialists.

The attraction of the internet financial fraud approach is that it is much less dangerous in terms of being caught. It’s a global ‘opportunity’ as intellectually the crime moves from physical to mental. No guns are needed, no police shootouts or altercations with security guards, the crime is perpetrated from the privacy of home,  even though it requires a substantial investment on the criminal’s side in learning how to abuse inter connectivity in this world for the sake of the crime.
Modern day bank robbers need to learn how to create the malware and build the botnet. Once that is done they can start stealing personal and financial credentials, leading to e-banking attacks and e-commerce frauds. The real issue of getting away with these crimes is setting up money laundering networks. That is where the test of the system comes in.

Financial Cybercrimes do happen on many levels, but mostly in areas where we, the ordinary internet users, have no knowledge of the technology. It’s all too new and enticing. But fraud and embezzlement tricks that have been going around the world for centuries are now being sanitized and updated for internet use. Criminal organizations like the RBN (Russian Business Network) are recruiting cyber talent in large numbers without proper counter measures other than what is currently initiated by UNICRI, the United Nations Interregional Crime and Justice Research Institute.

The Cybercrime and Underground Economy problem is not a “tech people issue”, but a problem for ALL OF US, as the impact can (and will) devastate total financial systems if we’re not going to treat the threat seriously, much more seriously than we did the 2008 financial meltdown, which all our so called leaders didn’t foresee.

1 Comment

  1. publisher_sa

    Update In the news: “At least two divisions at HSBC Bank apparently failed card issuing 101 and are mailing out debit cards pre-activated. Because they are debit cards, fraudulent transactions come directly out of a victim's checking account. A similar report from 2004 suggests this issue is longstanding and widespread. When confronted with the evidence, HSBC would not commit to fixing this issue, preferring instead to offer vague statements like, 'Through our systems and analytics, we focus on the greatest and most active threats in an effort to avoid negatively impacting customer experience.” Sleep well dear customer.

Leave a Comment