funsec mailing list archives

Re: Windows-based cash machines 'easily hacked'


From: "Dennis Henderson" <hendomatic () gmail com>
Date: Tue, 18 Mar 2008 09:59:58 -0500

On Tue, Mar 18, 2008 at 6:58 AM, Kitsune <kitsune () sbcglobal net> wrote:

----- Original Message -----
From: "Dennis Henderson" <hendomatic () gmail com>
To: <Valdis.Kletnieks () vt edu>; "der Mouse" <mouse () rodents montreal qc ca>;
<funsec () linuxbox org>
Sent: Tuesday, March 18, 2008 4:28 AM
Subject: Re: [funsec] Windows-based cash machines 'easily hacked'

and lives on an isolated network,

"All of your slightly informed ranting on ATMs is very amusing."

Which isolated network are you speaking of? They are part of the branch's
network, connected to the same switch, router and cloud as all of the other
branch IT infrastructure.


Perhaps your ATMs are on your WAN. Not all banks share your strategy. Some
banks have far more ATMs deployed at gas stations and malls than branches.
Makes the isolated network strategy very easy to pull off.

There are several ways to deploy ATM technology. There are also other
vendors than NCR that have different priorities about ATM security.

Since the ATM is a potential external entrance point into a network, it
should be treated as untrusted or semi trusted and deployed in a manner
consistent with the networking trust model. If you're not doing that, then
you should be. Securing the money is not the only priority here.

If you're simply letting your vendor make all the decisions about your ATMs
then you're not really doing everything you can to make them as secure as
they can be.

Vendors can and will partner with you on security strategy and it is
possible to reasonably secure these devices. Not perfectly, but commercially
reasonably. You can push the threat vectors and the threat probabilities
down into levels that are manageable.




Many of those desktops can reach the internet with ease. Can you say
'vector'? I knew you could.



Read above.



The days of multi-drop SDLC and bisync isolated ATM networks are long
gone.


That is true, nevertheless, read above.

Dennis
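The "untrusted or semi-trusted segment" argument above is easy to state and easy to get wrong in a real ruleset, so here is an added worked example that is not part of the thread or of any bank's or vendor's configuration. It models a first-match, default-deny packet filter in Python, states the trust model as a handful of invariants (an ATM may reach only the transaction host; it may reach neither the branch LAN nor the Internet; the branch LAN may not reach the ATM), and checks a flat "everything in the branch can talk to everything" ruleset against a segmented one. The segment addresses, the transaction-host address and the port numbers are assumptions made for the illustration, not real ATM network details.

```python
"""Check a branch firewall ruleset against an 'ATM is untrusted' trust model.

Added example, not code from the funsec thread. All addresses, segment
names and ports below are assumptions chosen for illustration.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network, ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: IPv4Network
    dst: IPv4Network
    proto: str = "any"           # "tcp", "udp" or "any"
    dport: Optional[int] = None  # None matches any destination port


def matches(rule: Rule, src: IPv4Address, dst: IPv4Address,
            proto: str, dport: int) -> bool:
    return (src in rule.src and dst in rule.dst
            and rule.proto in ("any", proto)
            and rule.dport in (None, dport))


def decide(rules: List[Rule], src: IPv4Address, dst: IPv4Address,
           proto: str, dport: int) -> str:
    """First-match evaluation with an implicit default deny."""
    for rule in rules:
        if matches(rule, src, dst, proto, dport):
            return rule.action
    return "deny"


# Assumed addressing for the branch (constructed for this example)
ATM_SEG = ip_network("10.10.50.0/24")     # ATM segment
BRANCH_SEG = ip_network("10.10.10.0/24")  # teller / desktop LAN
TX_HOST = ip_network("10.0.0.5/32")       # bank transaction host
ANY = ip_network("0.0.0.0/0")

ATM = ip_address("10.10.50.7")
TELLER_PC = ip_address("10.10.10.23")
TXHOST_IP = ip_address("10.0.0.5")
INTERNET_IP = ip_address("203.0.113.9")

# Trust-model invariants: (description, src, dst, proto, dport, expected verdict)
INVARIANTS = [
    ("ATM reaches transaction host", ATM, TXHOST_IP, "tcp", 443, "allow"),
    ("ATM must not reach branch LAN", ATM, TELLER_PC, "tcp", 445, "deny"),
    ("ATM must not reach the Internet", ATM, INTERNET_IP, "tcp", 80, "deny"),
    ("branch LAN must not reach ATM", TELLER_PC, ATM, "tcp", 3389, "deny"),
]


def check_trust_model(rules: List[Rule]) -> List[str]:
    """Return the invariants the ruleset violates (empty list means it holds)."""
    return [desc for desc, s, d, p, port, want in INVARIANTS
            if decide(rules, s, d, p, port) != want]


# Weak: ATMs sit on the flat branch network behind one permissive rule
FLAT_BRANCH = [
    Rule("allow", ip_network("10.0.0.0/8"), ANY),
]

# Hardened: ATM segment treated as untrusted; only the transaction host,
# only on the assumed port, in one direction; nothing may initiate to the ATM
SEGMENTED = [
    Rule("allow", ATM_SEG, TX_HOST, "tcp", 443),
    Rule("deny", ATM_SEG, ANY),
    Rule("deny", ANY, ATM_SEG),
    Rule("allow", BRANCH_SEG, ANY),
]

if __name__ == "__main__":
    for name, rules in (("flat branch", FLAT_BRANCH), ("segmented", SEGMENTED)):
        print(f"{name}: violations = {check_trust_model(rules) or 'none'}")
```

Rule order matters in a first-match filter: the two deny rules for the ATM segment must come before the broad branch allow, or the ATM inherits the branch LAN's reach. Running the check on a real ruleset export is the same idea with a parser in front of `Rule`.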
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
