Wednesday, June 18, 2014

OpSec: Cherchez-le!

ATM security threat: 14-year-olds?
The Bank of Montreal got a surprise security breach earlier this week in the form of two 14-year-old kids.

The Canadian ninth graders found an old ATM manual online and decided to use their lunch break at school to see if they could hack into an ATM, according to a story in the Winnipeg Sun.

Short answer: yes.
They guessed the password. On their lunch break. And then apparently had enough time to reprogram the security message to say "Go away. This ATM has been hacked." That's pretty freakin' ballsy right there. I do hope the young industrious high schoolers don't face any significant penalties for this.

Just something to think about the next time you're tempted to hit that ATM. Apparently the security at these machines should more accurately called "security," because it's barely a thin veneer meant to confuse the simple. If a couple 14-year olds can break into the machine, it's a damn cinch that actual criminals can as well.

Be careful out there, and only trust the security you provide yourself.

That is all.


Anonymous said...

thats a problem now that the ATM's with Windows XP now have no support.

Anonymous said...

My banking security depends on Windows XP? Now I'm truly scared.

They must be immigrant teens. Canadian teens would have made the message read "Sorry, this ATM has been hacked, please try elsewhere."