Barnaby Jack(Director of Research at IOActive Labs)

Jackpotting Automated Teller Machines

I've always liked the scene in Terminator 2 where John Connor walks up to an ATM, interfaces his Atari to the card reader and retrieves cash from the machine. I think I've got that kid beat. The most prevalent attacks on Automated Teller Machines typically involve the use of card skimmers, or the physical theft of the machines themselves. Rarely do we see any targeted attacks on the underlying software. Last year, there was one ATM; this year, I'm doubling down and bringing two new model ATMs from two major vendors. I will demonstrate both local and remote attacks, and I will reveal a multi-platform ATM rootkit. Finally, I will discuss protection mechanisms that ATM manufacturers can implement to safeguard against these attacks.

Sobre Barnaby Jack

Barnaby Jack is the Director of Research at IOActive Labs, where he focuses on exploring new and emerging threats, and recommending areas in which to concentrate IOActive's research efforts. Jack has over 10 years experience in the security research space and previously held research positions at Juniper Networks, eEye digital Security, and FoundStone. Over the course of his career, Jack has targeted everything from low-level Windows drivers to the exploitation of Automated Teller Machines. He has subsequently been credited with the discovery of numerous vulnerabilities, and has published multiple papers on new exploitation methods and techniques.

« volver a Speakers

NOVEDADES