ATM Attacks Exploit Lax Security

[InfoSec News <alerts () infosecnews org>]

http://www.bankinfosecurity.com/atm-attacks-exploit-lax-security-a-4689

By Tracy Kitten
Bank Info Security
April 19, 2012

Lax security makes non-banking sites prime targets for skimming attacks, 
like the ones that hit eight hospitals in Toronto.

Earlier this week, Toronto police announced that eight area hospitals 
had been recent targets for ATM skimming attacks. Over the past six 
months, authorities believe fraudsters targeted these hospitals because 
of traffic and the high-volume cash dispensers in these locations. But 
security experts say the ATMs were more likely hit because they're easy 
targets.

"ATM placement in establishments like hospitals and 'cash only' 
enterprises seems to be an afterthought to security, with the 
installation of ATMs in really remote areas of the building, where 
fraudsters can easily tinker with skimming-device placement and 
retrieval without the threat of immediate capture," says John Buzzard, 
who monitors card fraud for FICO's Card Alert Service.

Beyond placing ATMs in remote locations, hospital staffers are not 
typically trained in what to look for when it comes to ATM tampering. So 
skimming devices could go undetected for months, depending on how often 
their cash is replenished by a cash carrier.

[...]


_______________________________________________
LayerOne Security Conference
May 26-27, Clarion Hotel, Anaheim, CA
http://www.layerone.org