Menu
09/11/2001
Researchers expose weaknesses in financial security
Concerns have been raised over potential security flaws in the system used by banks to protect PIN numbers from attack by fraudsters.
Researchers from Cambridge University have warned that the computer systems used to pass along information from cash machine to personal accounts are more easily intercepted than previously thought.
The weakness in the process lies in the cryptoprocessors – the ‘black boxes’ that scramble the details given to the cash machine by the user. These machines then also scramble the program used by the bank’s computers to check the validity of the PIN number entered. It is generally thought that such defence mechanisms afford a high degree of security – with the devices even designed to self-destruct if physically tampered with.
However, security experts have found that there are weaknesses in the system at the points where the different programs exchange information. Exploiting such weaknesses, researchers Michael Bond and Richard Clayton have been able to hack into machines previously thought inaccessible to outside attack.
Mr Bond explained: “Cryptoprocessors are the mainstay of the banking world. A lot of cryptoprocessors are built around the same design and they will have the same kind of faults.” He went on to detail how insiders within banking organisations could utilise the weaknesses to find out a wide range of financial security information.
Mr Clayton added: “A crooked bank manager could duplicate our work on a Monday and be off to Bermuda by Wednesday afternoon.” (CL)
Researchers from Cambridge University have warned that the computer systems used to pass along information from cash machine to personal accounts are more easily intercepted than previously thought.
The weakness in the process lies in the cryptoprocessors – the ‘black boxes’ that scramble the details given to the cash machine by the user. These machines then also scramble the program used by the bank’s computers to check the validity of the PIN number entered. It is generally thought that such defence mechanisms afford a high degree of security – with the devices even designed to self-destruct if physically tampered with.
However, security experts have found that there are weaknesses in the system at the points where the different programs exchange information. Exploiting such weaknesses, researchers Michael Bond and Richard Clayton have been able to hack into machines previously thought inaccessible to outside attack.
Mr Bond explained: “Cryptoprocessors are the mainstay of the banking world. A lot of cryptoprocessors are built around the same design and they will have the same kind of faults.” He went on to detail how insiders within banking organisations could utilise the weaknesses to find out a wide range of financial security information.
Mr Clayton added: “A crooked bank manager could duplicate our work on a Monday and be off to Bermuda by Wednesday afternoon.” (CL)
Related Northern Ireland Business News Stories
Click here for the latest headlines.
04 October 2002
Irish IT group secure email distribution contract
Irish IT company, e-blana enterprise group, has been appointed distributor of the Tovaris Email Security Solution (TESS) in the EMEA (Europe Middle East Africa) region.
Irish IT group secure email distribution contract
Irish IT company, e-blana enterprise group, has been appointed distributor of the Tovaris Email Security Solution (TESS) in the EMEA (Europe Middle East Africa) region.
02 August 2016
Cyber Security Briefing To Advise Businesses On How To Stay Safe Online
A free cyber security event is to be held in Belfast to advise businesses how to make themselves more secure. While advances in information technology fuel growth and transform how businesses operate, these advances "come at a cost", with cyber criminals actively using technology to commit crimes including fraud and extortion.
Cyber Security Briefing To Advise Businesses On How To Stay Safe Online
A free cyber security event is to be held in Belfast to advise businesses how to make themselves more secure. While advances in information technology fuel growth and transform how businesses operate, these advances "come at a cost", with cyber criminals actively using technology to commit crimes including fraud and extortion.
27 November 2014
CM Precision Components Creates New Jobs To Support Export Growth
Downpatrick company, CM Precision Components Ltd, is creating five jobs in an investment that will support the firm's export growth. The advanced engineering company produces precision machined components for the automotive, materials handling and aerospace sectors.
CM Precision Components Creates New Jobs To Support Export Growth
Downpatrick company, CM Precision Components Ltd, is creating five jobs in an investment that will support the firm's export growth. The advanced engineering company produces precision machined components for the automotive, materials handling and aerospace sectors.
10 November 2004
Industry urges NI to ‘play safe’ with cash cards
Cash machine users were today advised to keep playing safe when making cash withdrawals, despite fraudulent cash withdrawals in Northern Ireland falling by 8% to £368,000 over the past year. However, despite a fall in Northern Ireland figures the rest of the UK saw an average rise of 85% in fraudulent cash withdrawals over the same period.
Industry urges NI to ‘play safe’ with cash cards
Cash machine users were today advised to keep playing safe when making cash withdrawals, despite fraudulent cash withdrawals in Northern Ireland falling by 8% to £368,000 over the past year. However, despite a fall in Northern Ireland figures the rest of the UK saw an average rise of 85% in fraudulent cash withdrawals over the same period.
17 May 2019
Cyber Security Scholarships Launched At QUB
As Northern Ireland's cyber security industry gains in investment attraction, Queen's University Belfast is offering 40 full scholarships worth over half a million pounds for a specialist programme.
Cyber Security Scholarships Launched At QUB
As Northern Ireland's cyber security industry gains in investment attraction, Queen's University Belfast is offering 40 full scholarships worth over half a million pounds for a specialist programme.
-
Northern Ireland WeatherThis Evening and Tonight:Bright spells with a few showers continuing through this evening. Some drier, clearer periods in the early hours, before cloud builds and showers turn more persistent towards dawn. Minimum temperature 4 °C.
