So they just plugged it directly into the same network switch the ATM is on? That sounds incredibly dumb. The only ATMs I’ve seen the inside of had the network switch locked inside with the vault.
Also our bank had some kind of port security so if it wasn’t a recognized MAC address, the port just switched off.
Also our bank had some kind of port security so if it wasn’t a recognized MAC address, the port just switched off.
And serious company will have this as basic security. It’s a fundamental function even available on your consumer grade router at home. While it’s overkill for that use, it’s basic security for a company.
That’s why it’s not surprising at all that a bank didn’t bother to do that. Banks have some of the most egregious security issues.
… Which financial company do you work for?
That’s why it’s not surprising at all that a bank didn’t bother to do that. Banks have some of the most egregious security issues.
Remember when John Stewart only had SOME grey hair?
Hey, no judgement. 2020 had my hair looking like santa claus.
Same as anywhere else. Complacency, lax auditing, temporary fixes which are in place for years, non-technical people making technical decisions (choosing convenience over security, generally).
Any of the major banks consider breaches as cost of doing business at their scale compared to smaller banks. My bank prides itself on never having a breach, and it is insufferable to develop code for, but I guess it’s the price of security
That’s why it’s not surprising at all that a bank didn’t bother to do that. Banks have some of the most egregious security issues.
And really shitty auditors apparently. A good one would have at least spot checked for unsecured ports.
Yup, this is the way. Pretty crazy a bank doesn’t have proper security lol
This is quite an awesome attack if you think about it.
Its like Ocean 11
