Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Banks prepare for ATM cyber crime
Kevin Poulsen, SecurityFocus 2004-11-10

An international group of law enforcement and financial industry associations hopes to prevent a new type of bank robbery before it gets off the ground: cyber attacks against automated teller machines.

Comments Mode:
Banks prepare for ATM cyber crime 2004-11-11
Ryan Rester (3 replies)
I hope they at least disable the services that are not exclusively required by the ATM and firewall every port that's not needed. I understand that there are things that are going to make it in no matter what, but is it really a good idea to use an OS that's so common and has so many non-essential s...

[ more ]  [ reply ]
Banks prepare for ATM cyber crime 2004-11-11
Anonymous
I've seen several OS/2 ATMs replaced with Windows and have questioned the vendors myself. The general answer seems to be that getting hardware to work with OS/2 is the problem. Data comm, receipt printers, and crypto keypads all require support that seems to be vanishing.

I've wondered why they...

[ more ]  [ reply ]
Banks prepare for ATM cyber crime 2004-11-12
John McGuire
Actually lanmanager in NT was originally OS2. Many of the vulnerabilities in the win32 environment related to file sharing/netbios are in code brought in from OS/2. The OS/2 boxes are probably more insecure in this area than XP embedded machines.

Certainly, netbios and other nonutilized services ...

[ more ]  [ reply ]
Banks prepare for ATM cyber crime 2004-11-12
Brian K.
Ryan,

I am an IT person in the banking industry, so I have a little insight into this. There were many forces at work in making that decision. For one, IBM will be ending support for OS/2 in the near future. I read somewhere that they were pushing for Diebold to use Linux as a replacement OS. F...

[ more ]  [ reply ]
Banks prepare for ATM cyber crime 2004-11-11
Anonymous
I remember seeing a couple of ATM's in the UK with a Windows error message showing. I thought Why would anybody in their right mind base an ATM on Windows?! So stupid.

Surely they could have chosen another embedded OS that isn't so bug ridden? Don't get me wrong I'm not an MS basher, I've been exto...

[ more ]  [ reply ]
Banks prepare for ATM cyber crime 2004-11-11
Anonymous (2 replies)


"Experts see new dangers as legacy ATMs running OS/2 give way to modern terminals built on Microsoft Windows"

Why aren't they running Unix on them?

it just makes sense security wise not

to mention Nix kicks Windows ass in

it's stabuility and uptime.

...

[ more ]  [ reply ]
Banks prepare for ATM cyber crime 2004-11-15
Anonymous (1 replies)
Blame the administrator not the default install.

My windows uptime would own your "l33t hax0r *nix"...

[ more ]  [ reply ]
Banks prepare for ATM cyber crime 2004-11-16
Anonymous
Yeah Right! Good attempt at humor!

I don't know any Windows machine that is more secure than my netbsd locked down box.

How can I make this claim?

I was on the CSC review of NT for C2 certification.....'After reviewing the amount of vulnerabilities of the system, we decided to give Windo...

[ more ]  [ reply ]
Banks prepare for ATM cyber crime 2004-11-15
beau
a gentleman said in another thread: its got to do with support costs. I'm sure that diebold is responsible for supporting these machines, so they choose the product that offers the most hardware support, as well as cheapest software support and/or programability. Its the same reason that anyone el...

[ more ]  [ reply ]
Banks prepare for ATM cyber crime 2004-11-15
iago
What scares me is that the company making them (Diebold) is the same company that was recently sued in several states for using non-licensed software on voting machines (getting software approved, then installing different software). They also do many other completely unsecure practices, like stori...

[ more ]  [ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus