Sophisticated Bank Hack Leads to $45 Million ATM Theft
By Jennifer LeClaire / NewsFactor Network
PUBLISHED: MAY 10, 2013


It only took a few hours for thieves to rob $45 million from ATM machines -- and it seems like it wasn't all that hard to pull off. Law enforcement agencies from more than a dozen nations organized to catch the thieves. That effort led to the arrest of seven people in the U.S., accused of operating the New York group of what prosecutors say was a criminal network spanning 27 countries.

According to the Associated Press, hackers got into bank databases, eliminating withdrawal limits on prepaid debit cards and creating access codes. Others, the AP reported, loaded that data onto any plastic card with a magnetic stripe -- an old hotel key card or an expired credit card worked fine as long as it carried the account data and correct access codes.

Time to Switch Readers?

Ken Pickering, development manager for security intelligence at CORE Security, told us the actual methodology is not yet known. He said the cyber theft was straightforward, but sophisticated.

"This is not some waiter who cloned your card at a restaurant and bought beer with it. This group was organized enough to steal $45 million in $20 dollar bills from ATMs in a coordinated way, in a very short amount of time. It's not opportunistic theft, but a sophisticated and coordinated theft that was planned over a long period of time," Pickering said.

"The attack reveals some significant flaws in ATMs. The fact that ATMs have a single point of failure -- the authorization system -- that allowed these guys to seize so much cash is evident. It's also clear that card technology is behind, because magnetic stripe cards can be easily cloned without any precaution."

Who is going to be caught? There were people who withdrew cash from the ATMs, and the ATMs took photos of them, but they're just money mules, Pickering said -- the real brains behind the attack is protected by layers, and is free to repeat this attack again.

"As much as it pains me to admit this, we're woefully behind in card security," he said. "Unfortunately, I think most people treat fraud as a 'necessary evil' in issuing magnetic-stripe credit cards, but the real problem is: How do we replace all the credit scanners in the U.S.?

"No company wants to issue a mandatory requirement to switch all readers and potentially lose out on transactions. So, we end up with this situation."

Pickering said that often, in analyzing the security of a system, it comes down to the weakest link.

"The real weakest link in this scenario was how easily these cards were modified and duped on a massive scale," he said.

Real-Time Monitoring Needed

Tom Cross, director of security research at Lancope, told us several attacks of this nature have occurred in the past few years. What makes this type of attack unique is not just the technical skill required to pull it off, he said, but the level of logistical coordination needed to perform nearly simultaneous withdrawals from large numbers of ATM machines.

"The fact that debit card processing infrastructure was compromised is a significant problem," Cross said. "There are a variety of different attacks that may have been possible given the access that these criminals had to the back-end infrastructure. The vulnerabilities that led to that compromise need to be identified and closed."

Unfortunately, Cross said, while breaches like this are often reported to the public, we rarely hear the specific technical vulnerabilities that the attackers were able to exploit in order to pull off the attack. It would be helpful, he added, if more organizations publicly disclosed the technical vulnerabilities associated with network security breaches, because this information helps their peers prioritize the steps they should take to lock down their own networks.

"This type of attack might be preventable if ATM networks were able to monitor transactions in real time for unusually large numbers of transactions involving individual cards or cards from the same issuing institution," Cross said. "Unfortunately, that type of infrastructure doesn't exist today, but perhaps it's time to consider creating and implementing it now -- especially after this latest attack."
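The kind of real-time velocity check Cross describes, as an added example that is not part of the original article: it counts withdrawals per card and per issuer prefix over a sliding window and alerts once when a limit is crossed. The thresholds, the record layout, and treating the first six card digits as the issuer identifier are assumptions.

```python
from collections import defaultdict, deque

WINDOW = 600       # assumed sliding window, seconds
CARD_LIMIT = 3     # assumed max withdrawals per card per window
ISSUER_LIMIT = 8   # assumed max withdrawals per issuer prefix per window

def mask(pan):
    """Keep the first 6 and last 4 digits so alerts never carry a full card number."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]

def detect_velocity(txns, window=WINDOW, card_limit=CARD_LIMIT, issuer_limit=ISSUER_LIMIT):
    """txns: time-ordered (epoch_seconds, card_number, atm_id) tuples.
    Returns (kind, key, time, count, distinct_atms), one alert per threshold crossing."""
    seen = {"card": defaultdict(deque), "issuer": defaultdict(deque)}
    limits = {"card": card_limit, "issuer": issuer_limit}
    active, alerts = set(), []
    for ts, pan, atm in txns:
        # Assumption: the leading 6 digits of the card number identify the issuer.
        for kind, key in (("card", pan), ("issuer", pan[:6])):
            q = seen[kind][key]
            q.append((ts, atm))
            while q[0][0] <= ts - window:   # drop events older than the window
                q.popleft()
            if len(q) <= limits[kind]:
                active.discard((kind, key))  # back under the limit: re-arm the alert
            elif (kind, key) not in active:
                active.add((kind, key))
                label = mask(key) if kind == "card" else key
                alerts.append((kind, label, ts, len(q), len({a for _, a in q})))
    return alerts

# Constructed sample data: one card used at five ATMs in two minutes, more cards
# from the same issuer prefix shortly after, and one unrelated card.
SAMPLE = sorted(
    [(t, "4000001111111111", f"ATM-{i}") for i, t in enumerate((0, 30, 60, 90, 120), 1)]
    + [(t, "4000002222222222", f"ATM-{i}") for i, t in enumerate((150, 180, 210), 6)]
    + [(240, "4000003333333333", "ATM-9"),
       (10, "5100004444444444", "ATM-1"), (5000, "5100004444444444", "ATM-1")]
)

if __name__ == "__main__":
    for alert in detect_velocity(SAMPLE):
        print(alert)
```

The distinct-ATM count in each alert separates one card being retried at a single machine from the same account data being used at many machines at once.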

Tell Us What You Think
Curt Rostenbach:
Posted: 2013-05-20 @ 6:33am PT
"How do we replace all the credit scanners in the U.S.?"
I dunno, will it cost more than $45 million?

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.