It’s funny how we make assumptions without the slightest bit of evidence to back them up. Maybe those preconceptions were placed in our minds through mass culture that dominates the world today, or it’s just an inherent part of human psychology. Perhaps there’s no definite answer and it’s unlikely that there will ever be one. However, we continue doing so, like assuming that the most competent military leaders must command an advance in order to minimize the loss of human life. However, as military history shows, this is rarely the case, since any armed force is composed of people that build complex relations that may involve personal preferences, trickery as well as corruption. People are bound to die due to the utter and complete incompetence of their commanders who themselves will escape any sort of retribution.
At this point, one can safely state that such assumptions don’t work in the world of IT security either, unless you believe that basic incompetence and ignorance are often the reason behind security breaches that cost millions of dollars. Wouldn’t it be just as logical to assume that the rich and powerful would put at least some form of protection in the way of criminals trying to steal their money? It seems so, but in reality it simply isn’t.
It’s amazing how cash dispensers remain the most vulnerable devices for hackers; compared with these cash-stuffed dispensers, a regular computer with anti-virus protection installed is a sort of impregnable fortress. Behind closed doors, this matter has been discussed for decades by all sorts of IT security experts, yet nothing has been done to address the situation. You see, any IT security department resembles a small army that is only concerned with one matter – getting more funding than it did last year. Now, if you have 100% secure cash dispensers, how would you ever persuade your boss to pay you more? All this leads us to a situation where most cash dispensers in use today run Windows XP, a terribly outdated system even for regular PCs, let alone a device that must withstand all sorts of hacker attacks. Even banks that are fully aware of this immense vulnerability are often unable to replace them for a number of reasons, including tough competition in this sphere.
So, one can’t help but get the impression that there are many computer experts in every country, knocking over one cash dispenser after another with relative ease, while IT security experts appear unable to explain how this is continuously done. For instance, just recently an article from ZeroHedge stated:
Russian daily Kommersant reports that the Bank of Russia detected malware that hides inside ATM’s operating memory which “forces” them to dispense cash to anyone who enters a certain code on its keyboard. The paper cites the deputy head of information security Artem Sychev, and adds that cash machines made by NCR were among the ATMs mostly attacked.
Kommersant also writes that according to sources who received the Bank of Russia FinCert newsletter with a description of the virus, the virus in question is the so-called “Disembodied” or Bespalova virus that “lives” in ATM RAM. According to FinCert, the ATM virus was first noticed in Russia for the first time. Since the virus does not have a file body, it cannot be removed by anti-virus programs and can live in an infected ATM indefinitely, according to sources.
Even though it’s a far cry to call this recent virus “untrackable,” like any other form of defense in human history, anti-virus protection is only capable of tracking those viruses that have already been used before. Additionally, cyber criminals are capable of dissecting an algorithm used to track certain malicious programs, thus obtaining the knowledge necessary to bypass these algorithms. However, cash dispenser hacks can lead to considerable financial losses suffered even by the most powerful states.
For instance, last year it was announced that hackers stole 12.29 million baht (around 300 thousand dollars) from cash dispensers all across Thailand. As reported by Thai PBS, this theft resulted in the costly suspension of about 4,000 potentially compromised ATMs.
With such reports appearing virtually every month, it’s funny that anti-virus software is being presented as the only viable option for defending cash dispensers. However, small companies have been developing a different option for protecting all sorts of devices, and they have been fairly successful. This option is usually described as a domed principle: a fingerprint of the system is created, with every file and process documented and set in a virtually unchangeable environment. No matter what sort of clever trick cyber criminals decide to use, there’s no way for them to inject their code under the dome. The problem with this technology is that modern computers change the way their OS works on an almost daily basis, so a PC protected by a domed system would find itself falling behind others that receive constant updates. For a cash dispenser, however, this technology makes even the most outdated machine a major challenge for cyber criminals. The only question is why only a small fraction of all cash dispensers in the world is being protected by this system.
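The fingerprint-and-deny idea described above, reduced to files only, as an added example that is not taken from the article or from any vendor's product. The file names and contents are constructed, and process fingerprinting is not covered.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path):
    """SHA-256 of a file's content."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def fingerprint(root):
    """Map every file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def drift(baseline, current):
    """Files added, removed or modified since the baseline was taken."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in set(baseline) & set(current)
                           if baseline[p] != current[p]),
    }

def may_execute(path, baseline):
    """Default deny: a file may run only if its content hash is in the baseline."""
    return sha256_file(path) in set(baseline.values())

def demo():
    """Constructed sample: a tiny software tree (hypothetical names), then two changes."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "dispenser.exe").write_bytes(b"vendor build 1.0")
        (root / "device.dll").write_bytes(b"device layer 1.0")
        baseline = fingerprint(root)  # the "dome" is closed at this point
        (root / "dropper.exe").write_bytes(b"unknown code")     # new, never fingerprinted
        (root / "device.dll").write_bytes(b"device layer 1.1")  # changed after the baseline
        report = drift(baseline, fingerprint(root))
        allowed = {n: may_execute(root / n, baseline)
                   for n in ("dispenser.exe", "device.dll", "dropper.exe")}
    return report, allowed

if __name__ == "__main__":
    print(demo())
```

The changed `device.dll` is denied whether the change came from an intruder or from a legitimate update, which is the update trade-off the paragraph describes: every change must be re-fingerprinted before it can run. Code that exists only in memory never appears in a file manifest like this one.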