ATMs, new targets of virus attacks

Some days ago, an ATM in HCM City was reportedly attacked by viruses which made transactions come to a standstill. Internet security experts have warned that ATMs have become the new targets for virus attack in Vietnam.

Thai Nguyen Hoang Nha, Director of the Computing Centre of Dong A Bank, told Thoi bao Vi Tinh Saigon newspaper that an ATM of the bank was once attacked by W32/Conficker.worm virus. The ATM safeguard security system discovered the virus and neutralized it.

However, due to the system error, it was impossible to delete all the marks after isolating the virus. Therefore, the ATM stopped transactions and reported error. He said that the system that operates in ATMs is a version of Microsoft Windows, therefore, ATMs are likely to be infected. In order to deal with the risk, banks have to install with security systems which allow to isolate and kill the viruses when discovering them.

Vu Ngoc Son, Director of Virus Division of BKIS (Bach Khoa Internetwork Security), said that Conficker is a type of virus which communicates through MS08-067 vulnerability of Windows operating system. If ATMs are infected with the virus and the security system cannot control them well, this will cause big damages, because the information about clients’ accounts will be stolen.

However, Nha from Dong A Bank believes that though the virus can attack ATMs, it will not be able to interfere with the finance transactions of the bank. Transactions with ATMs have to go through a lot of doors, including the security, encoding and confirmation steps. Without confirmation keys (PIN codes and ATM cards), in order to interfere with finance transactions, it is necessary to penetrate the central system of the banks. Meanwhile, the method of exchanging confirmation keys is run on a mechanism independent from Windows. Therefore, even when virus attacks ATMs, it will not be able to change transactions.

The only damage to be caused is that transactions with ATMs can be interrupted, according to Nha.

Fixing security vulnerability – the only solution

Expert Vu Ngoc Son said that in case viruses are found in the ATM network, administrators should check and scan all the computers in the network. Conficker is a type of virus which has been spreading and dispersing all over the world since last April. It is estimated that one million computers worldwide have been infected with the virus.

Currently, all anti-virus software have updated the database to identify the virus. However, in order to be able to absolutely stop the attack of the virus, after detecting viruses, administrators need to update the MS08-067 error patching version for all the computers in the system.

According to security experts, commercial banks and finance companies in Vietnam have made large investment to develop information technology infrastructure and network security solutions. However, a survey conducted by BKIS some time ago showed that many banks in Vietnam are still vulnerable.

After hearing the news that an ATM was attacked, banks said they have examined their ATM networks and strengthened their security solutions in order to ensure transactions’ safety.-Thoi bao Kinh te Saigon

Tags: Vietnam ATM system