A few weeks ago, I stumbled over this: It appears that criminals have managed to install a Trojan on Russian ATMs. The Trojan would collect card data and pin numbers over the day and during the night, a “money mule” would collect a receipt with the numbers (which would look inconspicuous since a lot of people ask for a printout of their transaction). But this kind of attack is a new quality.
Home computers are administrated by … well … ignorants. People who want to use a computer, not understand it. For them, this box eats electricity and magically produces fancy graphics on the screen. They know how to email but they have no idea how mail works, they are oblivious to what actually happens when the computer sends an email. So it’s little wonder that most computers out there are infected with various kinds of viruses or Trojans and why “MAKE MONEY FAST” schemes still work so well.
The guys who build ATMs, on the other hand, are no ignorants. They ought to know exactly what they are doing and that someone can tap into the process is a new dimension. This is the difference between mugging innocent night owls and planned bank robbery. Computer crime has become as professional as the non-virtual counterpart. My guess is that we’ll need much more powerful computers in the near future which can store and access petabytes of data. Computers who can tell a legitimate operation from an illegal one and who can protect themselves against abuse. Computers who are powerful enough to watch every operation they are processing. Instead of only being able to crunch numbers, they need to understand what they do and how far reaching the consequences of an operation are.
It’s time for an immune system for computers. If we’re wiped out by Skynet in the not-so distant future, we’ll have to thank the mob.