{"id":933,"date":"2009-02-13T19:58:33","date_gmt":"2009-02-14T03:58:33","guid":{"rendered":"http:\/\/cubist.cs.washington.edu\/Security\/?p=933"},"modified":"2009-02-13T19:58:33","modified_gmt":"2009-02-14T03:58:33","slug":"current-events-9-million-atm-scam","status":"publish","type":"post","link":"https:\/\/secblog.cs.washington.edu\/Security\/2009\/02\/13\/current-events-9-million-atm-scam\/","title":{"rendered":"Current Events: $9 million ATM scam"},"content":{"rendered":"<p class=\"MsoNormal\">The <a href=\"http:\/\/www.myfoxny.com\/dpp\/news\/090202_FBI_Investigates_9_Million_ATM_Scam\">FBI is investigating an ATM scam<\/a> that took place within a 30-minute period on November 8<sup>th<\/sup>. About 130 different ATMs were used to withdraw a total of about $9 million. The scam hit 49 cities worldwide, including Moscow, Chicago, New York, Hong Kong and Montreal.<\/p>\n<p class=\"MsoNormal\">The FBI says that the operation was very well coordinated, and at this time no suspects have been identified.<\/p>\n<p class=\"MsoNormal\">The attack unfolded as follows. First, the computer system of the payment processing company RBS WorldPay was hacked.<\/p>\n<p class=\"MsoNormal\">\u201cOne service of the company is the ability for employers to pay their employees with the money going directly to a card, called payroll cards, a lot like a debit card that can be used in any ATM.\u201d The hacker was able to access the system and steal all the information needed to create duplicates of the ATM cards.<!--more--><\/p>\n<p class=\"MsoNormal\">Then a group of people around the world took the fake cards to ATMs and withdrew money. These individuals are referred to as \u201ccashers,\u201d and are believed to be \u201clow-level players, in a scheme devised from some mastermind \u2013 a dangerous computer hacker or hacking ring.\u201d<\/p>\n<p class=\"MsoNormal\">The most interesting part is that the hacker was able to withdraw $9 million with only about 100 cloned cards. Normally, a card has a limit on the maximum amount that can be withdrawn per day. This protects against card theft: even if both the card and the PIN are compromised, the thief still cannot withdraw a large amount of money. However, the hackers were able to trick the system into allowing multiple withdrawals, as if no limit existed.<\/p>\n<p class=\"MsoNormal\">RBS WorldPay says that none of the card holders will be held liable for any fraudulent transactions. However, it is possible that the personal records and sensitive information of up to 1.5 million customers stored in the system have been compromised.<\/p>\n<p class=\"MsoNormal\">It is still not clear what security hole the attacker found, since the FBI has not revealed all the information and the case remains under investigation. However, it is clear that the system had a serious security hole that allowed the attacker to break in and obtain the information to be encoded on the ATM cards.<\/p>\n<p class=\"MsoNormal\">Also, it is not obvious how the attacker was able to raise the maximum withdrawal amount. We are guessing that the hacker was able to change information stored in the RBS system so that the withdrawal limit check was skipped or altered.<\/p>\n<p class=\"MsoNormal\">It is possible that the attacker was able to obtain the information he needed for card duplication because the customer data was not encrypted to an appropriate level. This could have been prevented if the account information had not been easy to decode.<\/p>\n<p class=\"MsoNormal\">Another possible way to prevent the attack would have been to increase the security of the card itself. For example, a feature that prevents cards from being easily physically cloned could have been introduced.<\/p>\n<p class=\"MsoNormal\">Of course, the amount of money stolen might not even be the biggest issue. Even though it has not yet been confirmed whether identity theft has occurred, since the attacker was able to access all the information required to create card duplicates, it is safe to assume that he has also kept sensitive personal information to conduct identity theft attacks in the future.<\/p>\n<p class=\"MsoNormal\">In response to the attack, RBS WorldPay hired a security company that is investigating the problems with the current system and will suggest ways to prevent such attacks from happening again. The card holders have also been notified, and the victims of the attack have been granted credit protection for the following year.<\/p>\n<p class=\"MsoNormal\">There is no such thing as a 100% secure system. Sometimes security holes can be identified soon enough to prevent an attack; often, however, we learn about vulnerabilities the hard way. It is possible that other companies have similar weaknesses in their systems, and now is a good time for them to make sure that their customers are protected from such attacks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The FBI is investigating an ATM scam that took place within a 30-minute period on November 8th. About 130 different ATMs were used to withdraw a total of about $9 million. The scam hit 49 &hellip; <a href=\"https:\/\/secblog.cs.washington.edu\/Security\/2009\/02\/13\/current-events-9-million-atm-scam\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":81,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,9],"tags":[],"class_list":["post-933","post","type-post","status-publish","format-standard","hentry","category-current-events","category-privacy"],"_links":{"self":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/933","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/users\/81"}],"replies":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/comments?post=933"}],"version-history":[{"count":2,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/933\/revisions"}],"predecessor-version":[{"id":935,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/933\/revisions\/935"}],"wp:attachment":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/media?parent=933"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/categories?post=933"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/tags?post=933"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}