Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
Neustar, Inc.
Protect your website & network
using real-time information & analysis

www.neustar.biz
Microsoft/Windows
See data differently
Average Rating:
Rate this article:  
Sophisticated Bank Hack Leads to $45 Million ATM Theft
Sophisticated Bank Hack Leads to $45 Million ATM Theft

By Jennifer LeClaire
May 10, 2013 1:34PM

    Bookmark and Share
"As much as it pains me to admit this, we're woefully behind in card security," said security researcher Ken Pickering after a criminal group stole $45 million from ATMs. "Unfortunately, I think most people treat fraud as a 'necessary evil' in issuing magnetic-stripe credit cards, but the real problem is: How do we replace all the credit scanners in the U.S.?"
 



It only took a few hours for thieves to rob $45 million from ATM machines -- and it seems like it wasn't all that hard to pull off. Law enforcement agencies from more than a dozen nations organized to catch the thieves. That effort led to the arrest of seven people in the U.S., accused of operating the New York group of what prosecutors say was a criminal network spanning 27 countries.

According to the Associated Press, hackers got into bank databases, eliminating withdrawal limits on prepaid debit cards and creating access codes. Others, the AP reported, loaded that data onto any plastic card with a magnetic stripe -- an old hotel key card or an expired credit card worked fine as long as it carried the account data and correct access codes.

Time to Switch Readers?

Ken Pickering, development manager for security intelligence at CORE Security, told us the actual methodology is not yet known. He said the cyber theft was straightforward, but sophisticated.

"This is not some waiter who cloned your card at a restaurant and bought beer with it. This group was organized enough to steal $45 million in $20 dollar bills from ATMs in a coordinated way, in a very short amount of time. It's not opportunistic theft, but a sophisticated and coordinated theft that was planned over a long period of time," Pickering said.

"The attack reveals some significant flaws in ATMs. The fact that ATMs have a single point of failure -- the authorization system -- that allowed these guys to seize so much cash is evident. It's also clear that card technology is behind, because magnetic stripe cards can be easily cloned without any precaution."

Who is going to be caught? There were people who withdrew cash from the ATMs, and the ATMs took photos of them, but they're just money mules, Pickering said -- the real brains behind the attack is protected by layers, and is free to repeat this attack again.

"As much as it pains me to admit this, we're woefully behind in card security," he said. "Unfortunately, I think most people treat fraud as a 'necessary evil' in issuing magnetic-stripe credit cards, but the real problem is: How do we replace all the credit scanners in the U.S.?

"No company wants to issue a mandatory requirement to switch all readers and potentially lose out on transactions. So, we end up with this situation." (continued...)

1  |  2  |  Next Page >

 

Tell Us What You Think
Comment:

Name:

Curt Rostenbach:

Posted: 2013-05-20 @ 6:33am PT
"How do we replace all the credit scanners in the U.S.?"
I dunno, will it cost more than $45 million?



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Microsoft/Windows
1.   Microsoft Buys InMage Recovery Tech
2.   Reinvent Productivity, Nadella Urges
3.   Microsoft Revamps Office 365 Plans
4.   Windows 7 Ends Mainstream Support
5.   Another IE-Focused Patch Tuesday


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Report: Chinese Hackers Hit U.S. Personnel Networks
Hackers from China broke into the computer networks of the U.S. Office of Personnel Management earlier this year with the intention of accessing the files of tens of thousands of federal employees.
 
Charges: Russian Stole Data from U.S. Restaurants, Zoo
A Russian man arrested on bank fraud and other charges hacked into computers at restaurants in Washington, hundreds of other retail businesses, and even the Phoenix Zoo, authorities say.
 
Another Month, Another IE-Focused Patch Tuesday
Microsoft rolled out 59 vulnerabilities for Internet Explorer in June. But the IE-patching party is not over yet. Redmond published six new security bulletins on Tuesday; two, critical; three, important.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.