The Cash-Machine Capers

Banks that once sent ATM communications over expensive closed networks have begun to use the public Internet to cut costs, relying on encryption to protect data. A South African man who has worked with ATM hackers on unrelated projects, and who spoke on condition of anonymity to avoid legal problems, says some of the most skilled hackers are shifting attention to mastering two highly sophisticated illicit encryption-cracking software programs, called Ettercap and Kismet, in a bid to extract money from Internet-based ATM networks. John Abraham, president of Redspin, a Cupertino, California-based computer-security firm specializing in ATM networks, says some of these crooks have been successful.

The increase in electronic ATM thievery is sounding a wake-up call, Abraham says. In Europe last year there were almost 5,000 ATM attacks reported to the European ATM Security Team, the organization with the most comprehensive statistics. That works out to 14.65 attacks per 1,000 ATMs, and a single attack can last for days and reap data from many cards. "This is going to be the next way to rob the bank,'' says Fabrice Marie, a principal at Singapore-based FMA-RMS, a security firm. Electronic ATM robbery is neither easy nor safe, but many, it appears, prefer it to wielding a blowtorch or driving straight into a block of steel.

© 2008