A
cybercrime expert said all you need is a RM100 chip, some technical knowledge
and free malware obtained over the Internet to hack Automated Teller Machines
(ATMs).Speaking exclusively to FMT in regard to the recent hacking of 17 ATMs,
he said, “What you need is a mastermind, a RM100 computer chip and possibly a
bank ‘insider’ to execute the attacks.”
Explaining
the intricacies of the hacking, he said, “He (the hacker) will know where the
locks and connections are, the model of the machine, the level of security and
the version of the operating system.”He added that the mastermind would then
employ someone else to do the work.He pointed out, “The guys caught on the CCTV
are not the actual criminals.
ATMs
at three more bank branches have been hacked and almost RM450,000 (S$175,000)
stolen as police launched a nationwide hunt for the Latin American suspects
responsible for the thefts.The spate of ATM hacks continued with the United
Overseas Bank (UOB) branch in Jalan Imbi yesterday reporting a RM92,900 theft
by one of the hackers.
Statistics
from industry bodies provided by Lau’s firm revealed that Malaysia had an
average of 17.66 phishing sites per 1,000 host computers, three times higher
than the global average of five per 1,000 host computers.Lau said banks in
Malaysia had a “basic layer” of protection for their online and mobile banking
platforms, but added banks needed to respond accordingly as threats are
becoming more sophisticated.
While
acknowledging that the lack of technology upgrades could be a contributing
factor to the security systems breach, the expert also believed the
lackadaisical attitude of banks was the underlying reason for the spate of ATMs
hackings.The expert also highlighted several other weaknesses that surfaced.
Among them were the use of outdated ATM operating systems like Windows
XP. Banks have been taking things for granted because nothing like this
has ever happened before.