JACKPOT: ATM Flaw Can Cause ATMs to Dispense All Their Cash!

August 24, 2010

At last month’s Black Hat Security Conference, a security researcher demonstrated his ability to make ATMs spit out all their cash. He also demonstrated an attack technique that resulted in the ATM revealing all of the magnetic track data from cards used at the ATM. Yikes!

How can financial institutions make sure they are not vulnerable to this risk?

Many TrustCC clients are unaware that TrustCC is certified to evaluate the security of ATM networks. We are one of only a handful of firms in the country that have a CTGA on staff. CTGA is the official certification for reviewing PIN and encryption key management practices for financial institutions on the STAR, NYVE and Pulse networks.

If your financial institution has ATMs you probably ought to have a review performed to evaluate your ATM security practices. This review also helps mitigate card skimming risks.

Software updates were released this week to remediate the particular vulnerabilities that led to the cash jackpot at the Black Hat Conference. If your organization uses either Hantle or Triton ATMs be sure to get the updates applied. For those of you running other brands of ATMs, you will want to make sure your vendor is regularly releasing updates and that they are applied.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: