7 sins of ATM protection against logical attacks presented at rootcon 2017

by Timur Yunusov,

Summary : Everyone is perfectly familiar with logical and black-box attacks on ATMs. But hardly any countermeasures have been taken so far: banks are sure that their devices are perfectly protected, until hackers prove them wrong. The most frequent reason why this happens is developers, engineers, and security staff' lack of expertise: they have a vague idea on attacks sources and vectors and what they should monitor and improve. In this presentation, we'll discuss in detail how exactly hackers break into ATMs and bypass security measures to make machines spit out all the money.