Physical security in the digital realm

Share this article:
Case study: Network clarity
Case study: Network clarity

Security experts spend a lot of time thinking about how to beef up defenses to deter attackers. That means implementing advanced firewalls to prevent and protect against SQL injection attacks, or upgrading cryptography to maintain safer communications.

IT pros, however, tend not to spend as much time pondering whether physical access to a computer system is locked down. And that is a bit of a shame, considering the experts, more than anyone, should know how easy it is for a crafty hacker to compromise a device once they have their hands on it.

“Whenever an attacker has physical access to a computer, safeguarding that system is much more difficult,” Ryan Linn, managing consultant at Trustwave, said. He pointed out that this is particularly true of money machines, such as ATMs and point-of-sale (POS) devices.

Last year was rife with these types of physical compromises. In October, attackers in Mexico were causing ATMs to spit out cash after they picked locks protecting CD-ROM drives and uploaded financial malware via compact disc. 

In December, researchers exposed an operation in Europe in which criminals bored through ATM casings to reveal USB ports. They then concealed the holes after compromising the machines with financial malware uploaded via thumb drives.

Also in December, Brazilian authorities in São Paulo removed the front of a sham ATM and uncovered a real one behind it. The fake was rigged with a working monitor so it looked authentic, but the shell actually contained skimmers and other recording devices. 

“Criminals tend to follow the money and ATMs are full of cash,” Linn said. But physical compromise of digital technologies is not limited to ATMs. 

In October, a group of men in Florida entered a Nordstrom store, distracted the staff and proceeded to plant skimming devices and keyloggers on registers. And just days after ringing in the New Year, a crook posing as a worker at a Chinese buffet stole customer card information using a skimming device.

“The criminals are getting more sophisticated and these types of attacks highlight the change in approach,” Linn said.

Core digital defenses continue to be a prime focus because of how many effective attacks are carried out remotely, but serious crooks will always seek to exploit weaknesses – and physical security is one such weakness.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in 2 Minutes On

Sign up to our newsletters

More in 2 Minutes On

Best practices for removing admin rights: A step-by-step approach

Careful control of administrator rights in the very foundation of IT Security. Allowing admin rights exposes a dangerous security risk, creating an easy entry point for advanced persistent threats, zero-day attacks and sophisticated malware.

Mobile-derived credentials

It's more than a trend. Mobile devices are becoming the new enterprise desktop. But mobile devices require the same security considerations to access corporate intranets or securely sending and receiving email.

Catching up to the insider

Catching up to the insider

Have effective changes been instituted to protect organizations from other Snowdens or negligent employees?