For this week's blog I decided to respond to what we talked about in class regarding analyzing and creating risk maps for various things. Creating risk maps is a helpful tool and should be used in the creation of basically anything, as it allows us to understand what could potentially go wrong and helps us to plan ahead to avoid various problems. I have chosen ATM machines as my subject because an ATM is high risk and yet a vital machine that a lot of people depend on, on a daily basis. ATM machines are almost necessary even in an age where most people are using cards for most transactions, but sometimes cash is necessary, and even though I am charged a fee by both my bank and the ATM, I find myself still using them due to the fact that they are conveniently placed in most banks/restaurants/gas stations.

For ATM machines, security is the name of the game, and there are a lot of potential dangers for an ATM machine. First and foremost you must find a secure location that also has high traffic volumes. The location needs to be easily and conveniently accessible by the public, but also profitable for the company. If the ATM is outside then you must worry about things like weather, graffiti, and potential risk to people who are using it while exposed to an open area. Inside or outside, the ATM is vulnerable to general abuse from the public, and that must be taken into consideration when designing the machine itself; it should be durable and able to handle the volumes of people using it.

I also wanted to blog on this so that I could include the technical risks involved, including hackers who can set up skimmers and take personal information from someone who has used that machine. The ATM can be considered a risk to all parties involved and can harm the people who own it, the people who store it at their location, and the people who use it. The ATM is prone to a lot of different risks, but has some pretty basic defenses that can keep it safe and intact. Most ATMs have a camera built in, and if it is in a place of business then it can easily be watched, but if it's in a crowded place then it is still vulnerable. I don't have any risk maps drawn out but I wanted to name off a few and where they fit in.

1. Graffiti: medium likelihood (based on location and if it's outside), low risk.
2. Weather: Again depends on location but for the most part low likelihood, low risk.
3. People abusing the ATM: low likelihood, high risk.
4. Hackers: low likelihood, very high risk.
5. Getting mugged: low-medium likelihood (depends on area), high risk.
For this post I have decided to write about something that hits pretty close to what I do for work. I do technical support for a VoIP service, which often has me remotely connecting into customers' networks to change settings so that our product will not interfere or be interfered with by their firewall. Customers often bring up concerns about my ability to do that, and I assure them that it is in a controlled environment and they will know at all times what I am doing and when I am disconnected. There are of course other ways to connect into somebody's router without using a controlled service to facilitate the exchange, one of which I was recently told about that I find particularly interesting.
Universal Plug and Play is something that has been around for about ten years, a feature that allows us to connect a device and have it instantly communicate within the network without being bothered by any sort of NAT or firewall. A very interesting article entitled “Universal Plug and Play: Dead simple or simply deadly?” was written about it in 2006 by Armijn Hemel, and although I don't want to just quote directly from the article (but would suggest reading it), I wanted to point out some of the more interesting points in it. It basically just states that when a device is connected to a router, there is a message that is sent back and forth between the devices that allows the newly connected device to automatically connect without being harassed by any sort of security. By sending that same message via UPnP packets with the right information to a router, a hacker can automatically get full control through the WAN side of anyone's router. That would give them full control to reconfigure a router in any manner that they want to, which could potentially cause serious damage and frustration to a user. They would also have access into the LAN side of your network. The really interesting part of this in my opinion is that not only has this problem been known about for at least 5 years now, but routers still come shipped with UPnP enabled by default. I deal with routers every day which are open to that sort of attack due to the port constantly being open.
The easiest and most obvious fix for this situation would be to go into the router and disable it, and it is highly suggested that instead of relying on UPnP to easily connect devices, you instead go into your router and open up ports going to whatever device is plugged in. Easy for most of us, but obviously non-technical people who don't really understand the workings of a router or their network are not going to be able to do this, or even know what they are looking for as far as opening ports.
The article itself is pretty interesting and if anyone is interested in reading it they can find it here: