Tuesday, 15 September 2015

Hackers always try to be a step ahead, banks warned

Interview by The Star - Nicholas Cheng

KUALA LUMPUR: Banks should never think that they are safe from hacking because criminals are always finding ways to beat the system, says a cyber security expert.

When told of the latest ATM hacking, Cybersecurity Malaysia (CSM) Responsive Services vice-president Dr Aswami Fadillah Mohd Ariffin said: “They have upgraded!” 

He said the suspects must have a programmed credit card, which they used in their hackings, enabling them to override the operating system of the bank’s ATMs and issue commands to release money.

“Maybe the ATM’s operating system is outdated,” said Dr Aswami.

“If they were using Windows XP, that would make the system susceptible to hackings.

“A chip is like a mini version of a computer with its own operating system.

“It can be programmed to exploit the weaknesses in the outdated system and make it issue commands to withdraw certain amounts of money.”

After last year’s ATM hackings, the nation’s cyber security agency said it had issued advisories to banks on the need to upgrade their operating systems and pointed out the risks faced.

“But we don’t know if they actually took our advice. We are just like parents, you know.

“We can advise the children but it’s really up to them.

“But cyber criminals are always upgrading their technique. They are always finding a new way. So, agencies also need to keep up,” Dr Aswami said.

He suggested that finance institutions meet with Bank Negara Malaysia experts and come out with a solution on the latest technology they needed to adopt to prevent further hackings.

Dr Aswami said CSM was ready to help the central bank and the police in the digital forensic investigations into the latest hacking.

More info: