Friday, October 16, 2015

The subterfuge in ATMs is constantly increasing

In the last years we assist to an increase of the attacks against these large metal containers which are the cash machines. Despite of their physic robustness, is demonstrated that they are vulnerable via software having slots to plug in things that should be not plugged in. We'll comment statistics about this topic, as well as a study which alerts about the careless of our privacy by the councils. And we'll finish travelling to USA where the greats of technology have disclosed against the CISA law and some researchers who have discovered the hole exploited by the NSA to spy us when we're browsing. 

The European ATM Security Team just presented a report where is demonstrated the rise of fraud in ATMs, with an increase of 18% in loss money (156 millions of euros) in the first half of the year, comparing it with the same period of the last year. Most of this fraud, 131 millions of euros, are attributed to “skimmers”: cameras and devices which copy our data when we introduce the credit card. USA and the Asian-Pacific region, specially Indonesia, are the most affected.

Councils don’t protect our data

We continue with another study, this time made in Spain by the company Securízame, which concludes that more of 90% of the 77 principal councils in the country use vulnerable or directly obsolete encryption protocols, in operations which precisely should preserve the identity of the users. In this way, it would be easy for an attacker to steal personal data like name, surname, address, phone number, email and even tax data.

All against the CISA law

Talking about privacy, this has been the excuse of the big tech companies, like Google, Facebook, Amazon or Microsoft, to refuse and publicy protest against the law which is being processed right now in the American Congress, Cybersecurity Information Sharing Act (CISA). According to these companies, CISA prescribes mechanisms for the private sector to share information of their users with the government, but it doesn’t protect properly their privacy, because a citizen will never know if his browsing or his email are being spied, not putting limits to the quantity of information to share.

How the NSA spies the web

Everybody is talking about CISA but we would like to remind that it's the second part of another law proposal, CISPA, which in 2013 ended in the garbage after a frenzied protest against it. We’ll see now how it ends. On our part we finish with news we advanced yesterday in our Twitter and what today we can offer a better interpretation about than the simple report of the researchers: they have discovered the trick which allows NSA to decode our communications via HTTPS, SSH and VPN. Reading about cryptography is always hard, but the topic is very interesting, a worldwide big problem.

By the way, our Sunday interview also talks about cryptography, with a young person who made it very pleasant: Alfonso Muñoz. See you on Sunday, have a good weekend.


Post a Comment