Tuesday, 10 June 2014
Kids with operators manual alert bank officials: “We hacked your ATM”
Two 14-year old Canadians hacked a bank of Montreal ATM after getting an operators manual online. The manual showed how to gain administrative control of the device, according to a media report published over the weekend.
When Matthew Hewlett and Caleb Turon tested the instructions against an ATM at a near by super market, the ninth grader didn't expect them to work. To their surprise, the machine quickly prompted them for a password. Even more surprising, their first guess-a six-character password that's common among default settings, let them in. The boys then reported their launch-hour to the bank employees, who at first thought the duo had merely acquired the PINs of an ATM customer.
Graciously, the bank officials typed a letter on bank letterhead asking the boys' school to excuse their tardiness. The note was remarkable. Under US laws, and most likely under Canadian law as well, the unauthorized access of an ATM is a violation of a variety of statutes, regardless of the intentions or ages of those who do it.
Whitehat hackers who discover vulnerabilities are advised to never break into a computer or network they don't legally own unless getting permission in writing first. In the most extreme cases, a single conviction under the Computer Fraud and Abuse Act and statutes protecting banks and ATMs can result in a prison sentence of 20 years and stiff fines.
When Matthew Hewlett and Caleb Turon tested the instructions against an ATM at a near by super market, the ninth grader didn't expect them to work. To their surprise, the machine quickly prompted them for a password. Even more surprising, their first guess-a six-character password that's common among default settings, let them in. The boys then reported their launch-hour to the bank employees, who at first thought the duo had merely acquired the PINs of an ATM customer.
Graciously, the bank officials typed a letter on bank letterhead asking the boys' school to excuse their tardiness. The note was remarkable. Under US laws, and most likely under Canadian law as well, the unauthorized access of an ATM is a violation of a variety of statutes, regardless of the intentions or ages of those who do it.
Whitehat hackers who discover vulnerabilities are advised to never break into a computer or network they don't legally own unless getting permission in writing first. In the most extreme cases, a single conviction under the Computer Fraud and Abuse Act and statutes protecting banks and ATMs can result in a prison sentence of 20 years and stiff fines.
Subscribe to:
Post Comments
(
Atom
)
No comments :
Post a Comment