Interview by The Star - Nicholas Cheng
When told of the latest ATM hacking, Cybersecurity Malaysia (CSM) Responsive Services vice-president Dr Aswami Fadillah Mohd Ariffin said: “They have upgraded!”
He said the suspects must have a programmed credit card, which they used in their hackings, enabling them to override the operating system of the bank’s ATMs and issue commands to release money.
“Maybe the ATM’s operating system is outdated,” said Dr Aswami.
“A chip is like a mini version of a computer with its own operating system.
“It can be programmed to exploit the weaknesses in the outdated system and make it issue commands to withdraw certain amounts of money.”
After last year’s ATM hackings, the nation’s cyber security agency said it had issued advisories to banks on the need to upgrade their operating systems and pointed out the risks faced.
“But we don’t know if they actually took our advice. We are just like parents, you know.
“We can advise the children but it’s really up to them.
“But cyber criminals are always upgrading their technique. They are always finding a new way. So, agencies also need to keep up,” Dr Aswami said.
He suggested that finance institutions meet with Bank Negara Malaysia experts and come out with a solution on the latest technology they needed to adopt to prevent further hackings.
Dr Aswami said CSM was ready to help the central bank and the police in the digital forensic investigations into the latest hacking.