1 PROTECT YOUR AUTOMATIC TELLER MACHINES AGAINST LOGICAL FRAUD FROM SKIMMING TO THE LOGICAL FRAUD, THE NEW COMING ATM AND KIOSK RISK
2 ABSTRACT 4 WHICH ARE THE RISKS ASSOCIATED TO AN ATM NETWORK 4 ATM EMERGING THREATS 6 TECHNOLOGIES 8 WHY IS MY ATM SO VULNERABLE? SECURITY CONTROLS 9 SECURING YOUR ATM NETWORK, SECURITY POLICIES 12 COMPREHENSIVE PROTECTION 14 BEYOND AUDIT 16 CONCLUSION 17 2 / Copyrights GMV Soluciones Globales Internet, S.AU. All rights reserved.
3 ABSTRACT Do you believe your ATMs or Kiosks are secure? If you do, you should take a look at the recent news related with ATM hacking that have been published during the last year, and then, you should not ask yourself HOW your ATM could be vulnerable but WHY, and then and only then, you will find the appropriate answers. Nowadays, cybercrime is one of the main government s security agencies concerns. Initiatives like CyberStorm or CyberEurope demonstrate that critical infrastructures protection against cybercrime is considered one of the most important security issues. Recent cyber attacks like Stuxnet or Skimer in Russia and the Ukraine to the ATM Financial infrastructure have demonstrated that targeted attacks against valuable assets are becoming more and more sophisticated. Do you think your ATM network is a valuable asset? Are you aware of the new techniques employed to attack ATM networks? New risks are arising and new protection paradigms must be deployed in order to minimize the consequences. This whitepaper will try to show you the new risks on ATMs, the causes, motivations, and which are the necessary elements that an ATM needs in order to minimize the risks of logical fraud. Checker ATM Security product will provide you all those elements, since Checker ATM Security is a product specifically design to solve this problem, being compliant with the most advanced regulations as PCI-DSS. WHICH ARE THE RISKS ASSOCIATED TO AN ATM NETWORK The arrival onto the financial self-service scene of the Microsoft Windows operating system together with the use of IP networks, for communications services, has resulted in a considerable increase in security risks for Automatic Teller Machines (ATMs) as a direct consequence of the vulnerabilities which are common to open systems. At the same time, the world is experiencing a paradigm shift regarding cyber attacks. Worldwide criminal gangs are currently pursuing low risk, sustainable sources of revenue and it is a matter of time before many criminals in modern countries join this emerging criminal value chains and target attractive assets in an organized manner. In this respect, there is no doubt that an ATM network is an attractive asset. Thus attacking ATM networks in a well organized and highly sophisticated way is a clear trend nowadays in Eastern Europe and Latin America, and will become an uncomfortable reality in the most advanced countries very soon. Several options are available on the market to help controlling and mitigating the risks associated with ATM security. After all, an ATM is a hardened Windows-based PC with specific peripherals, and software to secure PCs which has existed for a long time. However, the majority of PC security products have evolved for typical office computer environments, whose particular characteristics (stability, updating frequencies, connectivity and service needs, performance etc.) are quite different to those of the financial self-service environments. Traditionally, a lot of attention has been paid to preventing there are new threats thieves from stealing the most which are far from evident and evident asset in an ATM: cash. are also rapidly evolving Many physical security controls are in place in modern ATMs, and most ATM network managers believe their ATM network s security is reasonably managed, since the ATM controls in place obviously face the evident threats an ATM is subject to (things like breaking the ATMs using trucks or explosives). More recently, the raise in card fraud has resulted in the appearance of an associated credit card data market. Today, criminals can easily sell credit card data over the Internet for a profit, and thus it is only natural that they wonder how they can obtain those data. Of course ATMs are an obvious source of PINs and magnetic stripe data. Due to these facts, ATM security focus is slowly shifting to ensure that proper security controls are also in place to prevent card and PIN data stealing from the self-service network. However, in order to select the proper software security controls, it is necessary to understand the threat. Well known attacks such as card skimming are already being addressed (like for instance through EMV initiative). Still, there are new threats which are far from evident and are also rapidly evolving. ATM EMERGING THREATS ATM networks are currently subject to emerging threats which are usually poorly understood by ATM network managers. Part of the problem probably is that data stealing from an ATM does not immediately result in a loss for the ATM network itself, but for the financial entity behind the data. There is no clear liaison from ATM data compromise and ATM Many security incidents in ATM networks are currently not detected and thus the rate of occurrence of breaches is usually underestimated 3 / Copyrights GMV Soluciones Globales Internet, S.AU. All rights reserved.
4 loss expectation. Furthermore, many security incidents in ATM networks are currently not detected and thus the rate of occurrence of breaches is usually underestimated. It seems contradictory that what appears to be a new promising business for criminals is getting so little attention from ATM network managers. In order to understand how this is possible, let us first discuss what would be the best strategy that a criminal could follow, for instance to obtain some credit card data from an ATM, data that he could later sell on the market. Criminals focus on three basic aspects: --The effort must be worth the risk of being caught. --This risk must not surpass some acceptable level, and --They prefer tactics that would provide sustainable revenue better than actions that would result in punctual profit. And sustainable revenue usually comes from a situation where assets (data or cash) are stolen regularly and without notice. Now, if criminals would come with a truck and steal a single ATM (or, less dramatically, install some hardware device on it, like a dispenser trapper), they would get money and/or data, but this would require a great effort and would provide limited profit. On the other hand, if they could somehow, and without being noticed, get their hands on ATM data on a regular basis, they would sell the data and thus have a source of sustainable revenue at a very low risk. Surely this possibility deserves some attention. News: Many Corrupt Ukrainian Bank Workers Assist Cyber Criminals. Ukraine s national security agency had detected a rise in bank-related cyber in the country. Apparently many of the attacks rely on insiders, as banks are advised to review and strengthen their employee selection processes. to decrease risk (of being caught) and increase the amount of stolen data (or its quality, e.g. knowledge of customer profile associated to the data) and also decrease the effort to obtain it. In this way, as in most technology based businesses, the threat is Once you manage to introduce malware in the ATM, rapidly evolving. For instance, if they just manage to have access to the why not use it to withdraw ATM at one particular time (instead cash? Indeed that is what Skimer malware is able to do that on a regular basis), they can inject some malicious software and later collect the data using the ATM printer or sometimes send it over the network. The well known Skimer malware that expanded in a few countries at the end of 2008 does just that. And, once you manage to introduce malware in the ATM, why not use it to withdraw cash? Indeed that is what Skimer malware is able to do: By means of a particularly built card you can instruct the infected ATM to dispense cash. The cash that disappears does not belong to a particular customer, and tracing the loss is sometimes difficult. Moreover, in the very near future this type of malware is expected to behave as a worm and be able to self-replicate in a network, thus reducing the exposure of the criminals and increasing their revenue expectations. At a first glance it may seem that building this kind of malware is quite a sophisticated task, and it is indeed, even for a well known open system like Windows. However, most criminals do not build their malware, they can buy it from organized criminal gangs just the same as they can later sell the obtained credit card data. These malware kits are available and are quickly becoming inexpensive. This criminal specialization is at the very core of the new threat model that we are facing. TECHNOLOGIES New generation of ATM-focused malware coexists with a crisis in the classic anti-malware solutions (a.k.a. antivirus) that have so far protected Windows-based systems. This crisis has three aspects. One could think of two ways to achieve this goal. If the criminal (or an accomplice) has periodic access to an ATM (say he is in charge of some sort of maintenance task) all that is needed is some knowledge and/or tools in order to get these data (provided of course they know where it is). This has been the main approach for some time. However this possibility is reduced to a limited number of people and therefore the associated risk of being caught is higher. At the same time, the card fraud market is becoming commoditized and the price of the stolen magnetic stripe data is decreasing. This, as in any other business, is demanding from the criminals a higher degree of sophistication, in order --First, new malware is expanding exponentially so as to render eventually unmanageable the number of patterns that a classic antivirus solution needs to cope with. --Second, so called zero-day exploits cannot be effectively dealt with using pattern recognition technology which is the technology widely used by most antivirus manufacturers. --Finally, malware is evolving to use self-compiling technologies that result in customized versions with unique patterns, so that all instances of the malware look different for a classical antivirus which yields pattern based recognition ineffective. 4 / Copyrights GMV Soluciones Globales Internet, S.AU. All rights reserved.
5 WHY IS MY ATM SO VULNERABLE? SECURITY CONTROLS We have seen that new threats related to some form of malware will be gaining importance in the near future. One could wonder how difficult is indeed to secure a Windows-based ATM. As already stated, the fact that Windows is a well known, open operating system plays against us in this arena. No doubt the use of Windows in ATMs has a number of advantages but one could reasonably argue that security is not one of them. So essentially new anti-malware technologies are required to secure Windows-based ATMs. The solution must then include a combination of white listing, application level firewalls, signature based validation, peripheral devices control (ranging from cash dispenser to external USB drives) and keyboard hooking, among others. At the same time, these software security technologies must be as manageable and reliable as required for all ATM software; they must have a minimum footprint to prevent interfering with the ATM application software and must work in unsupported operating systems like Windows NT4. Also, they must evolve following a roadmap suited to the needs of ATM networks which are, and will continue to be in the future, quite different from regular Windows based PCs security needs. For instance they must provide specific traceability features, must adapt to regulatory conditions and must integrate with existing and future fraud management platforms. Traditional PC security vendors are quickly adapting their products to secure ATMs, but usually this adaptation involves a lot of marketing and very little understanding of relevant issues like fraud prevention or regulatory compliance. Their technology has always been focused in securing high performance PCs with novel operating systems, and the PC market is their most important source of revenue. While they are certainly teaming with ATM manufacturers, it is unlikely that their products will bother to extend their newest technology to run in low performance computers (widely deployed in ATMs) with unsupported operating systems, and it is even less likely that they would evolve to cope with new foreseeable demands like secure software control of cash dispensers or integration with secure pin pads. Take care, not all that glitters is gold! Common PC white listing solutions aren t most of the times the right ones for ATMs or Kiosks. In light of the arrival of Windows to self-service networks, it is fair to consider whether the ATM equipped with this operating systems presents new vulnerabilities ; this is to say, if the ATM would be more susceptible to malicious attacks which open up new situations of fraud or theft. Vulnerability is essentially a weak point in the computer, its programs or its concept, which could be used to overcome the security of the ATM. The ATM includes a set of hardware and software products (the devices, drivers, operating system, application programs, etc.) which operate in an ordered manner following a chain of processes. The security of the ATM depends upon the security of the weakest link in the chain. In many cases, the operating system is this weakest link, both due to its design as well as its central control position in the ATM. The nuts and bolts on how vulnerabilities are used by hackers in order to break into a Windows system are technically sophisticated, and a detailed discussion is out of the scope of this whitepaper. But the reader should be aware at this point that the adoption of Windows as the operating system for ATMs, while providing several benefits in other aspects, has certainly brought a security issue. Specifically, it is easier than it seems to take control of an ATM device from a remote user station with access to the ATM s network. It is uncomplicated to introduce malicious processes in the ATM, processes 5 / Copyrights GMV Soluciones Globales Internet, S.AU. All rights reserved.
6 that might be storing sensitive information (for example card numbers and associated transaction data) which can later be retrieved on a regular basis and be used in fraud attempts. It is also easy to download already existing files containing sensitive information to USB storage devices. It is easy to inject code that intercepts peripheral drivers and, for instance, dispenses cash. installing an antivirus in an almost unattended environment such as an ATM? How could their resource consumption affect the ATM? Have you ever experienced degradation of your PC environment and blamed the antivirus? Clearly, Windows-based antiviruses or personal firewalls were not developed to secure ATMs. How does one go about selecting a proper security control for an ATM? As a consequence, there is an urgent need to install suitable security controls in ATMs. Naturally, security controls cannot have the intention of making Windows more secure than it is. But they can, depending on the situation, avoid, counteract or minimize security risks. When ATMs first appeared around Due to classic anti-malware 1968 they quickly became one of solutions crisis, new the most influential technological anti-malware technologies are innovations of the century. Believe required to secure it or not, ATMs were the first Windows-based ATMs large-scale example of commercial use of cryptography, and actually they contributed to establish a number of crypto standards. ATMs security-by-design was a main concern at that time. Time has, however, turned a highly sophisticated, distributed, retail transaction processing technology into a legacy system. Today many ATMs feature unsupported versions of Windows and their RAM memory is almost ridiculous when compared with the standard offer in a PC store. Surely there are new modern machines available every year, but large networks cannot be changed as fast as the evolution of technology would suggest. There are around 2 Millions ATMs in the world today, and changing all of them every three years would be absurd. On the other hand, current ATMs might not be the most modern machines, but certainly they are quite stable systems, much more reliable than your office PC. Software upgrades are well controlled, and some ATMs even feature sophisticated monitoring and failure-prediction systems. Essentially, an ATM is not a machine where one wants to introduce a source of unreliability or a performance problem. It is in this context that ATM network managers are facing the urgent need to install security controls. Since an ATM is essentially a PC, one might argue, they should be equipped with the same security controls that we have in our PCs: Essentially, an ATM is not antiviruses (or something of the a machine where one wants sort). But the threats to ATMs, as to introduce a source of we have seen, are not viruses. unreliability or a performance And even if they were, could you problem imagine the risks associated to Fortunately for us, one of the main features of an ATM, its stability, is here to help us with the answer. An ATM is a very specific environment which has a clear advantage with respect to other Windows environments such as desktop PCs from a security perspective: Its configuration (programs, files and generally required resources) and its behavior (for example, permission for writing, reading or execution) may be precisely defined, and it generally remains stable (or with few alterations) for a longer time than office computer environments. We can thus imagine an ATM specific security product as some sort of software that is installed between the operating system and the resources which it handles in the ATM, in order to ensure that actual use of resources conforms exactly to the expected use in the ATM. Here by resources we are meaning files, peripherals, everything controlled by the operating system. In this way, a large quantity of attacks may be detected as unexpected use and the countermeasures immediately taken in order to avoid damage and to warn managers. It is this concept, that of conformance or compliance in the use of the resources, which leads us to the quite interesting concept of ATM security policy. SECURING YOUR ATM NETWORK, SECURITY POLICIES In a general manner, we could define a Security Policy as a set of rules, principles and practices which determine the manner of implementing and managing security in a particular environment (such as, for example, a financial self-service network). Once a security policy is established, it is possible to design and implement a well-reasoned set of security controls. Controls will be selected so as to ensure compliance with policy, and when this is not the case, detect and inform about noncompliances. The power of security policies is that they allow you to select the security controls that you need. A security policy should also be able to help in the selection of a balanced set of procedural, administrative and technical controls for a particular scenario. Specifying a security policy for our ATM network will enable us to select the proper security controls. This selection is an important task which is often disregarded. In many cases it is relatively common to introduce 6 / Copyrights GMV Soluciones Globales Internet, S.AU. All rights reserved.
7 security controls into the information systems without having previously specified a security policy. Sometimes one could argue some best practices reason, but quite often this is just a sign of the threat being poorly understood. In fact, it is not easy to define policies for complex environments, since they intrinsically involve difficult cost-benefit analyses. In some cases, regulatory compliance poses a time pressure which, possibly combined with the apparent inexistence of security incidents (rather we should say of detected security incidents) could conceivably force managers to install some generic control which later is shown to be inadequate. A final problem arises when, even with a good understanding of the threat, the controls required would be numerous and complicated. And this is indeed the case of ATMs, where one should control execution, file access, peripheral access, communications and a number of other subtleties which would imply the installation of several (four or more) generic security products, which in turn would result in a security management nightmare. So ideally, we would require just one ATM security product that would do three simple things: --Provide for the generation and management of ATM-specific security policies, that could automatically be translated into rules for security controls, --Enforce this rules (being it regarding execution, access, communication or any other security requirement) using one single, low footprint security product in the ATM, and --Provide for centralized monitoring of compliance, including all required audit features. The state-of-the-art of security today allows such a product. We have seen how an ATM is a stable environment where the use of resources is predictable. One could just conceive a security product that would monitor the ATM, generate security policies based on its expected behavior, and then enforce that security policy embedding, for this purpose, all necessary controls. For example, one could think of a security policy expressed as a set of rules that limit the access and usage of ATM resources, which could be structured and centrally stored in a file which is in turn securely sent to the ATM in order to become enforced. A security policy would not be an abstract concept, but a very specific concept which allows bringing security to the ATMs in an understandable and manageable way. The rules admitted should have to be quite diverse; some examples could be no process except for xxx may modify file yyy, only Java class zzz may access the library for access to the dispenser, or no system outside of the ATM may access communications port These rules must be organized so as to cover all required security protections the ATM would need. Once we have conceived an ATM-specific security product, and recalling the threats and vulnerabilities exposed in previous chapters, let us analyze what these protections would be. COMPREHENSIVE PROTECTION The following is a (non exhaustive) list of the type of protections that an ATM Security Policy must be able to specify and automatically translate into ATM enforced controls: --Protection against unauthorized software execution. Since an ATM is (or at least should be) a well understood and controlled environment, this should be achieved by means of white listing technology. This technology is used to permit execution of software only when it is included in a so called white list, as opposed to black listing, which is the current antivirus technology that allows execution of any software except that on the black list. Today criminals can (and do) deploy custom pieces of malware, i.e. malware with different patterns so that every single instance has a new pattern, and often cannot be detected with classical black listing technology. --Protection against unauthorized use of libraries and drivers. This feature is complementary to the previous one. --Protection against unauthorized access to ATM hardware devices. This for instance, controls the use of USB drives to enter or extract software or data to/from the ATM, or the access to the cash dispenser. --Protection against unauthorized access to ATM s files and folders. This prevents both reading of sensitive data and storing programs into the ATM file system. 7 / Copyrights GMV Soluciones Globales Internet, S.AU. All rights reserved.
8 --Protection against unauthorized execution of Java code. The specific mention to Java arises from the fact that all Java applications run using one process, the Java Virtual Machine, and thus process-based white listing technology is insufficient to control which particular classes (or other Java resources) are actually allowed to run on the ATM. --Integrity validation of executable files, libraries and drivers. This is a complement to the protection against unauthorized software execution. It provides for a secure means to identify process with some suitable signature. In this way replacement of authorized software by malware is prevented. --Integrity validation of any sensitive file in the ATM. This is the capability to validate, using signatures, any relevant file in the ATM. --Integrated Firewall to control network communications on a per process basis. A firewall controls both access to the ATM (for instance from an external source that is trying to exploit a vulnerability) or from the ATM to the external world (for instance malware in the ATM that would try to send data outside). This firewall must control communications per process, per destination and per IP. For instance, only process xx with signature yyy is allowed to connect to port aaaaa and listen from such IP. --Configurable keyboard hook. Additionally to execution control, disabling some keys in the keyboard would enormously difficult some attacks. This, which in usual PCs would be inadmissible, makes sense in an ATM that need not enable some particular keys (say Ctrl or Alt) in order to provide service. --Configurable access control based on user. Since we must assume that users that access the ATM need not be necessarily trustworthy, it follows that different users should be provided different access rights and execution permissions (even if running as Administrator), depending on what they need to run specifically to do their jobs. --Prevention of generic users and weak passwords. Last, but not least, user-custom control is useless if an operator is able to mask as another user, due to default or weak passwords in the ATM. A security control must be in place in order to prevent this. Some of the mentioned features might seem redundant in their purpose, for instance why control communications to prevent malware exporting sensitive data, when the malware cannot be executed in the first place? Well, this approach, known as defense in depth, is a common strategy in the security scenario, and essentially consists in deploying several layers of defense just in case the attacker is able somehow to bypass one of them. BEYOND AUDIT The above list of features is quite extensive, and indeed only ATM specific security products could be expected to provide them all in a single product. The main reason for this extensive list is that, an ATM must prevent attacks from people having physical access to the ATM. This is an unusual situation, and indeed some security experts would argue (convincingly) that it is quite impossible to secure a Windowsbased machine from someone that has physical access to it. 8 / Copyrights GMV Soluciones Globales Internet, S.AU. All rights reserved.
9 This argument leads us to a final requirement for an ATM security product: all relevant actions performed on the ATM must be traceable. While this might look like a typical security requirement, there is one interesting feature that we want to propose for our ATM security product. In addition to registering all failed attempts, we would like in some cases to relax security in order to understand what the attacker is doing. For instance suppose that an ATM maintenance operator tries to install some malicious software. We could, in principle, disable all unauthorized software installation. On the other hand, if we let the installation proceed and provide the impression that the malware will work properly, we would get in turn full access to the malware. This course of action is uncommon, but it is intriguing to consider its advantages given the fact that ATMs attackers are in most cases insiders, and that other usual security tactics (such as deploying honeypots ) are not easy to follow in the case of ATM networks. So essentially we propose that an ATM specific security product should under some controlled circumstances allow unauthorized software execution in order to follow the track of the criminal and understand exactly the approach he is following in his attack. We will not elaborate more on this topic, we will just say that a fully controlled, remotely managed surveillance of the ATM when it is under attack (as opposed to just denying all access in the first place) is a powerful tool which can result in deeper understanding of new threats. CONCLUSION In this paper we have discussed the emerging security threats and we have proposed an ATM security concept summarizing the reasons why such a far reaching security product is a real need for self-service networks, and why a typical PC-focused product solution, no matter how advanced, would certainly not provide the required assurance. This concept has been implemented by GMV in its product Checker ATM Security, a product that will help you to protect your ATM network and being compliant with most of the PCI-DSS requirements. For more information on Checker ATM Security: 9 / Copyrights GMV Soluciones Globales Internet, S.AU. All rights reserved.
Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected
Advanced Persistent Threats and Real-Time Threat Management The Essentials Series Beyond the Hype: Advanced Persistent Threats sponsored by Dan Sullivan Introduction to Realtime Publishers by Don Jones,
Dealing with the unsupported Windows XP What Should You Do? A White Paper by: Windows Vulnerabilities XP has substantial and HIPAA design Compliancy vulnerabilities Make that put Upgrading an entire organization
Understanding and Responding to the Five Phases of Web Application Abuse Al Huizenga Director of Product Management Kyle Adams Chief Architect Mykonos Software Mykonos Software Copyright 2012 The Problem
Research Conducted by 2015 VORMETRIC INSIDER THREAT REPORT Trends and Future Directions in Data Security RETAIL EDITION #2015InsiderThreat RESEARCH BRIEF RETAIL CUSTOMERS AT RISK ABOUT THIS RESEARCH BRIEF
NACS/PCATS WeCare Data Security Program Overview March 27, 2012 Abstract This document describes the WeCare Program, discusses common data security threats, outlines an 8-point plan to improve data security,
Commercial Banking Customers Securing Your Business s Bank Account Trusteer Rapport Resource Guide For Business Banking January 2014 Table of Contents 1. Introduction 3 Who is Trusteer? 3 2. What is Trusteer
How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses
Anti-exploit tools: The next wave of enterprise security Intro From malware and ransomware to increasingly common state-sponsored attacks, organizations across industries are struggling to stay ahead of
Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise eliminates the damage or loss of information, cost of recovery, and regulatory violation due to rogue corporate computers, applications, and
LASTLINE WHITEPAPER In-Depth Analysis of Malware Abstract Malware analysis is the process of determining the purpose and functionality of a given malware sample (such as a virus, worm, or Trojan horse).
Driving Company Security is Challenging. Centralized Management Makes it Simple. Overview - P3 Security Threats, Downtime and High Costs - P3 Threats to Company Security and Profitability - P4 A Revolutionary
PCI PA - DSS Point ipos Implementation Guide VeriFone Vx820 using the Point ipos Payment Core Version 1.01 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566 287 00 www.point.se Page
IQware's Approach to Software and IT security Issues The Need for Security Security is essential in business intelligence (BI) systems since they have access to critical and proprietary enterprise information.
Securing Remote Vendor Access with Privileged Account Security Table of Contents Introduction to privileged remote third-party access 3 Do you know who your remote vendors are? 3 The risk: unmanaged credentials
Protecting Your Business from Costly Data Theft: Why Hardware-Based Encryption Is the Answer The Data Breach Epidemic Continues.. 1 Data Encryption Choices for Businesses................... 2 The Hardware
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
SOLUTION BRIEF:........................................ Host-based Protection for ATM's Who should read this paper ATM manufacturers, system integrators and operators. Content Introduction...........................................................................................................
Policy for Protecting Customer Data Store Name Store Owner/Manager Protecting our customer and employee information is very important to our store image and on-going business. We believe all of our employees
Franchise Data Compromise Trends and Cardholder Security Best Practices December, 2010 Franchise Data Security Agenda Cardholder Data Compromise Overview Breach Commonalities Hacking Techniques Franchisee
Building a Business Case: Cloud-Based Security for Small and Medium-Size Businesses table of contents + Key Business Drivers... 3... 4... 6 A TechTarget White Paper brought to you by Investing in IT security
A MainNerve Whitepaper Overview The data security challenges within the business world have never been as challenging as they are today. Not only must organizations providers comply with stringent State
PCI PA - DSS Point BKX Implementation Guide Atos Xenta, Atos Xenteo and Atos Yomani using the Point BKX Payment Core Version 2.01 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566
DETECT MONITORING SERVICES AND DETECT SAFE BROWSING: Empowering Tools to Prevent Account Takeovers SUMMARY The Federal Financial Institutions Examination Council (FFIEC) is planning to update online transaction
Research Topics in the National Cyber Security Research Agenda Trust and Security for our Digital Life About this document: This document summarizes the research topics as identified in the National Cyber
Practical guide for secure Christmas shopping Navid 1 CONTENTS 1. Introduction 3 2. Internet risks: Threats to secure transactions 3 3. What criteria should a secure e-commerce page meet?...4 4. What security
SMALL BUSINESS NETWORK SECURITY GUIDE WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION AUGUST 2004 SMALL BUSINESS NETWORK SECURITY GUIDE: WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION
DATA SECURITY: EVERYTHING YOU NEED TO KNOW! Data Breaches: Where, What and Why! Federal and State Regulations to Protect Data! EMV Chip Technology! PIN or Signature?! Existing and Emerging Security Options!
Automotive Ethernet Security Testing Alon Regev and Abhijit Lahiri 1 Automotive Network Security Cars are evolving Number of ECUs, sensors, and interconnects is growing Moving to Ethernet networks utilizing
Issue No. 2 THREAT LANDSCAPE Technological developments do not only enhance capabilities for legitimate business they are also tools that may be utilized by those with malicious intent. Cyber-criminals
V ISA SECURITY ALERT 13 November 2015 U P DATE - CYBERCRIMINALS TARGE TING POINT OF SALE INTEGRATORS Distribution: Value-Added POS Resellers, Merchant Service Providers, Point of Sale Providers, Acquirers,
WHITE PAPER CHALLENGES Protecting company systems and data from costly hacker intrusions Finding tools and training to affordably and effectively enhance IT security Building More Secure Companies (and
CISP BULLETIN Top Three POS System Vulnerabilities Identified to Promote Data Security Awareness November 21, 2006 To support compliance with the Cardholder Information Security Program (CISP), Visa USA
Over 90% of all compromised merchants are PCI level 4 (small) merchants or merchants with less than 1 million transactions per year Over 80% of compromised systems were card present or in-person transactions
s Why Windows XP End-of-Life Handbook for Upgrade Latecomers s Why Introduction Windows XP end of life is April 8, 2014. Do you have Windows XP systems but can t upgrade to Windows 7 or Windows 8, or can
Research Note Impact of Data Breaches By: Divya Yadav Copyright 2014, ASA Institute for Risk & Innovation Applicable Sectors: IT, Retail Keywords: Hacking, Cyber security, Data breach, Malware Abstract:
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation By Marc Ostryniec, vice president, CSID The increase in volume, severity, publicity and fallout of recent data breaches
Huff 1 ICTN 4040 Section 001 Enterprise Information Security Enterprise Database Security Issues and Solutions Roger Brenton Huff East Carolina University Huff 2 Abstract This paper will review some of
File Integrity Monitoring Challenges and Solutions Introduction (TOC page) A key component to any information security program is awareness of data breaches, and yet every day, hackers are using malware
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
SECURITY CONSIDERATIONS FOR LAW FIRMS Enterprise Risk Management Professional consulting firm that specializes in cyber security Founded in 1998 in Miami, Florida Serves more than 150 clients, locally,
Achieving Compliance with the PCI Data Security Standard June 2006 By Alex Woda, MBA, CISA, QDSP, QPASP This article describes the history of the Payment Card Industry (PCI) data security standards (DSS),
61-04-69 Getting a Secure Intranet Stewart S. Miller The Internet and World Wide Web are storehouses of information for many new and legitimate purposes. Unfortunately, they also appeal to people who like
Date: 07/19/2011 The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance PCI and HIPAA Compliance Defined Understand
IBM Security re-defines enterprise endpoint protection against advanced malware Break the cyber attack chain to stop advanced persistent threats and targeted attacks Highlights IBM Security Trusteer Apex
THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
January 2013 Page 1 This paper describes the system philosophy and guidelines for keeping your DeltaV System secure from Cyber attacks. www.deltav.com January 2013 Page 2 Table of Contents Introduction...
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5,500 companies in 26 countries around the world
Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.
Part 1: Internal & External Data Breach Vulnerabilities Presented on: Thursday, February 12, 2 3 ET Co presented by: Ann Davidson VP of Risk Consulting at Allied Solutions Joe Majka CSO at Verifone 1 Breakdown
Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent
#1 Management and Security for Windows Server and Hyper-V The Challenges of Securing Hosting Hyper-V Multi-Tenant Environments by Brien M. Posey In the not too distant past, VMware was the hypervisor of
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
How to build and use a Honeypot By Ralph Edward Sutton, Jr DTEC 6873 Section 01 Abstract Everybody has gotten hacked one way or another when dealing with computers. When I ran across the idea of a honeypot
Making the Most of Multi-Factor Authentication Introduction The news stories are commonplace: Hackers steal or break passwords and gain access to a company s data, often causing huge financial losses to
ENTERPRISE APPLICATION WHITELISTING SOLUTION Achieving PCI Compliance at the Point of Sale Using Bit9 Parity TM to Protect Cardholder Data PCI: Protecting Cardholder Data As the technology used by merchants
The Next Generation of Security for NG9-1-1 SYSTEMS The Challenge of Securing Public Safety Agencies A white paper from L.R. Kimball JANUARY 2010 866.375.6812 www.lrkimball.com/cybersecurity L.R. Kimball
CYBERSECURITY: Is Your Business Ready? Cybersecurity: Is your business ready? Cyber risk is just like any other corporate risk and it must be managed from the top. An organization will spend time monitoring
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime sponsored by Introduction
Society for Information Management The Projected Top 5 Security Issues of 2010 Steve Erdman CSO and Staff Security Consultant of SecureState Network +, MCP Precursor 2009 has been a difficult year in Information
User Security Education and System Hardening Topic 1: User Security Education You have probably received some form of information security education, either in your workplace, school, or other settings.
TADCASTER GRAMMAR SCHOOL Toulston, Tadcaster, North Yorkshire. LS24 9NB NETWORK AND INTERNET SECURITY POLICY STATEMENT Written by Steve South November 2003 Discussed with ICT Strategy Group January 2004
Topic 1 Lesson 1: Importance of network security 1 Initial list of questions Why is network security so important? Why are today s networks so vulnerable? How does Melissa virus work? How does I love you
Agilent Technologies Electronic Measurements Group Computer Virus Control Program Agilent Technologies Electronic Measurements Group (EMG) recognizes the potential risk of computer virus infection that
Types of cyber-attacks And how to prevent them Introduction Today s cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual
Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Lee Zelyck Network Administrator Regina Public Library Malware, Spyware, Trojans
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
LASTLINE WHITEPAPER Large-Scale Detection of Malicious Web Pages Abstract Malicious web pages that host drive-by-download exploits have become a popular means for compromising hosts on the Internet and,
BUSINESS WHITE PAPER Anatomy of a Healthcare Data Breach Prevention and remediation strategies Anatomy of a Healthcare Data Breach Table of Contents 2 Increased risk 3 Mitigation costs 3 An Industry unprepared
Tahoe Tech Group LLC Cyber Security Briefing Truckee Donner Chamber of Commerce March 6, 2015 Tahoe Tech Group serves as your technology partner with a focus on providing cost effective and long term solutions.
SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and
Blacklist-based Software versus Whitelist-based Software Whitepaper Last modified: September 1st, 2011 Intelligent Solutions for ABSOLUTE Control www.faronics.com 1999 2011 Faronics Corporation. All rights
12 Security Camera System Best Practices - Cyber Safe Dean Drako, President and CEO, Eagle Eye Networks Website version of white paper Dean Drako video introduction for cyber security white paper Introduction
Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO
YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next Your Data Under Siege: Guard the Gaps with Patch Management 1.0
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose