December 18, 2016 – Steve Weisman’s latest column for USA Today

Looking ahead to the new year and the challenges it will present in regard to cybersecurity, here is my latest column from USA Today in which I present my predictions for the world of cybersecurity for 2017.  Although it may seem a bit daunting, there are steps we can all take to protect ourselves and I will describe those in my next column.

Scam of the day – August 31, 2016 – Massive ATM heist

ATM robbery is increasing dramatically.  According to FICO Card Alert Service, a company that monitors ATM activity for banks, ATM skimming attacks increased by 546% from 2014 to 2015 and this trend shows no indication of slowing down in 2016.  Skimmers are small devices that can be attached to ATMs either on the outside or inside of the machine that capture the data from your card when you insert it into the ATM.  This problem is exacerbated by the fact that ATMs still are using the old-fashioned magnetic strip cards rather than being updated to take the newer EMV chip cards that create a new code for every transaction that would render the skimmer useless.   The trade regulations requiring the switch over to chip cards for ATMs  go into effect for ATM transactions using MasterCard debit cards  October 1, 2016, but Visa’s deadline is not until October 1, 2017.  The regulations themselves are not laws, but rather rules of the banks and credit card processors that shift liability for fraudulent card use to companies not switching over to the EMV card readers before the deadlines.  It has been estimated by the National ATM Council that less than half of ATMs will be EMV card ready by October 2016.

However, things aren’t as bad as you think.  They are far worse.

Enterprising criminals recently managed to hack 21 ATMs of the Government Savings Bank in Thailand stealing approximately $350,000.  What was significant about this particular hacking was that in this case, skimmers weren’t used in the attack on the ATMs and money was not stolen from individual account holders as in the recent 13 million dollar heist from Japanese ATMs located at convenience stores over a three hour period.  In this case, the hackers inserted a malware infected card into the ATMs that reprogrammed the ATMs to allow them to withdraw money from the ATMs directly without being allocated to any particular account.  Inserting malware through portable USB external hard drives into ATMs and reprogramming them to release cash to hackers is exposing vulnerabilities in the security of many ATMs.


The banking industry has got to keep pace with the attacks by sophisticated criminals upon ATMs.  Switching to EMV chip cards will help significantly from the less sophisticated hackers using skimmers, but it won’t help against the more sophisticated hackers attacking ATMs by changing the machine’s programming.  Better security needs to be implemented to combat this threat immediately.

Meanwhile as for us as customers, the best you can do is to generally refrain from using private ATMs and ATMs  that are not embedded in walls.  The stand-alone ATMs are more vulnerable to a number of different types of hacking.  You should also feel around to see if anything is loose where you insert your card and for any evidence of tampering and use another machine if you find any indication that the ATM has been altered in anyway.  Also cover the keypad when you insert your PIN.  Finally, monitor the bank account to which your ATM card is attached regularly to recognize any fraudulent use as soon as possible to avoid personal liability if you delay in reporting fraudulent use of your card.

Scam of the day – October 25, 2014 – Sergei Tsurikov sentenced to 11 years for credit card hacking

Sergei Tsurikov, an Estonian hacker was sentenced to eleven years in federal prison following his conviction for the sophisticated hacking of RBS WorldPay, a credit card processing company.  The scheme involved hacking into the computers of RBS WorldPay, breaking the encryption software used by RBS WorldPay and accessing the customer data on payroll debit cards used by a number of RBS WorldPay’s customers to pay their employees.  Payroll debit cards are used as a way of allowing employees to conveniently withdraw their wages through ATMs.  Through his hacking, Tsurikov was able to raise the account limits on the hacked accounts and then provided a network of his accomplices around the world with 44 counterfeit cards that were used to withdraw more than 9 million dollars from more than 2,100 ATMS in more than 200 cities in the United States, Russia, Ukraine, Estonia, Japan and Canada and other countries.  The entire robbery was accomplished in less than twelve hours.


Sophisticated hackers are rarely caught and prosecuted, which is one reason that this type of crime is such a growth industry.  In particular, one of the problems has been getting the cooperation of foreign law enforcement agencies necessary to take effective action against this type of crime.  However in this instance, there was significant international cooperation throughout the investigation and later prosecution by law enforcement agencies in the United States, Estonia, the Netherlands and Hong Kong.  Ultimately, it was Estonian law enforcement that apprehended Tsurikov who was then extradited by Estonia to the United States where he was put on trial and convicted.  This is a very positive step forward in fighting international cybercrime.

Scam of the day – March 27, 2014 – ATM hacking danger exposed

As I first reported to you on March 21st’s Scam of the day, on April 8th Microsoft will stop supporting the Windows XP operating system with security updates and patches.  This is very significant because upwards to 95% of ATMs use the Windows XP operating system as do thousands of government websites with which we all do business.  Hackers and identity thieves are constantly working to locate and exploit vulnerabilities in computer software toward their criminal ends.  Unless the banks using  the Windows XP operating system act quickly to upgrade their operating systems to other programs, they will be increasingly vulnerable to hackers and identity thieves.  In fact, as Microsoft issues, as they do each month, new security alerts describing the patches we need to install in order to maintain the security of our systems, what Microsoft will also be doing is informing hackers and identity thieves about similar vulnerabilities that exist in the Windows XP program for which there will be not patches or updates.

A new way to breach the security of ATMs was also disclosed this week by the computer security company Symantec.  Symantec described a new tactic by which ATMs can be hacked into by a hacker who connects a targeted ATM to his or her smartphone through a USB thereby setting up a connection that can be exploited by sending a command via the phone to the ATM to disperse the cash to the hacker.  This problem will only be made worse as security patches cease to be provided in the future for Windows XP.


Whenever you use an ATM always carefully observe the machine for any evidence of tampering and do not use a machine that does look like it has been tampered with by a skimmer or any other visible alteration.  Also, regularly check your bank account balances for any evidence of fraud so that you can report the matter as soon as possible to your bank in order to protect yourself from losses.  Finally, in regard to the specific issue as to Windows XP and ATMs, ask your bank what operating system they are using and if it is Windows XP, you may wish to find out what ATMs near you do not use this system.