Barnaby Jack, who formerly worked at Juniper Networks, originally planned his presentation, "Jackpots in Automated Teller Machines", at Black Hat USA 2009. "Due to circumstances beyond my control, the talk was pulled at the last minute," he said in the description of his forthcoming presentation on the Black Hat USA 2010 website. "The upside to this is that there has been an additional year to research ATM attacks, and I'm armed with a whole new bag of tricks."
Jack quit his role as staff security researcher at Juniper in April, after more than three years. He became director of security research at IOActive, and is now cleared to give the presentation, during which he will disclose a new root kit for ATMs.
"Last year, there was one ATM; this year, I'm doubling down and bringing two new model ATMs from two major vendors," Jack said. "I will demonstrate both local and remote attacks, and I will reveal a multi-platform ATM root kit." He also promises to discuss protection mechanisms that ATM manufacturers can implement to safeguard against the attacks.
ATMs haven't been the subject of much security research, but the signs are that criminals are beginning to exploit them. Last June, a new piece of ATM malware was discovered that captured personal identification numbers. That malware was found on 20 machines in Russia and the Ukraine that were running Windows XP. That malware required physical access to the machine. However, credit unions that Infosecurity has spoken to in the US revealed that their own ATMs were compromised by malware introduced via their administrative networks.