Amabhokisi ensimbi anemali emi emigwaqweni yedolobha awakwazi ukudonsa amehlo abathandi bemali esheshayo. Futhi uma izindlela zangaphambili ezingokomzimba bezisetshenziswa ukuthulula ama-ATM, manje kusetshenziswa amaqhinga ahlobene nekhompiyutha anekhono ngokwengeziwe. Manje okubaluleke kakhulu kubo "ibhokisi elimnyama" eline-microcomputer yebhodi elilodwa ngaphakathi. Sizokhuluma ngokuthi isebenza kanjani kulesi sihloko.
Inhloko ye-International ATM Manufacturers Association (ATMIA) "amabhokisi amnyama" njengosongo oluyingozi kakhulu kuma-ATM.
I-ATM ejwayelekile iyisethi yezingxenye ze-electromechanical esezilungile ezigcinwe endlini eyodwa. Abakhiqizi be-ATM bakha izinto zabo zezingxenyekazi zekhompuyutha ezivela kusikhiphi sezikweletu, isifundi samakhadi nezinye izinto esezivele zakhiwe ngabahlinzeki bezinkampani zangaphandle. Uhlobo lomakhi we-LEGO wabantu abadala. Izingxenye eziqediwe zifakwe emzimbeni we-ATM, ovame ukuhlanganisa izingxenye ezimbili: igumbi eliphezulu ("ikhabhinethi" noma "indawo yesevisi"), kanye nendawo ephansi (ephephile). Zonke izingxenye ze-electromechanical zixhunywe ngezimbobo ze-USB ne-COM kuyunithi yesistimu, kulesi simo esebenza njengomsingathi. Kumamodeli ama-ATM amadala ungathola ukuxhumana ngebhasi le-SDC.
Ukuvela kwekhadi le-ATM
Ama-ATM anemali enkulu ngaphakathi ahlala aheha amakhadi. Ekuqaleni, abanikazi bamakhadi basebenzisa kuphela ukuntula okukhulu ngokomzimba kokuvikelwa kwe-ATM - babesebenzisa abashicileli bezandla nabacwebezelayo ukuze bantshontshe idatha emithende kazibuthe; amaphinikhodi amanga namakhamera okubuka amaphinikhodi; ngisho nama-ATM mbumbulu.
Khona-ke, lapho ama-ATM eqala ukuhlonyiswa ngesofthiwe ebumbene esebenza ngokuvumelana nezindinganiso ezivamile, njenge-XFS (eXtensions for Financial Services), amakhadi aqala ukuhlasela ama-ATM ngamagciwane ekhompyutha.
Phakathi kwazo kukhona iTrojan.Skimmer, Backdoor.Win32.Skimer, Ploutus, ATMii nezinye izinhlelo ezingayilungele ikhompuyutha eziqanjwe ngamagama nezingashiwongo, ezitshalwa ngamakhadi kumasingathi we-ATM noma nge-USB flash drive ebhuthayo noma ngembobo elawulwa kude ye-TCP.
Inqubo yokutheleleka kwe-ATM
Ngemva kokuthwebula i-subsystem ye-XFS, uhlelo olungayilungele ikhompuyutha lungakhipha imiyalo kumnikezeli wemali yemali ngaphandle kokugunyazwa. Noma nikeza isifundi sekhadi imiyalo: funda/bhala umugqa kazibuthe wekhadi lasebhange futhi uthole nomlando wokwenziwe ogcinwe ku-chip yekhadi le-EMV. I-EPP (I-PIN Pad Yokubhala) idinga ukunakwa okukhethekile. Kuyavunywa ukuthi i-PIN khodi efakwe kuyo ayinakuvinjwa. Nokho, i-XFS ikuvumela ukuthi usebenzise iphinikhodi ye-EPP ngezindlela ezimbili: 1) imodi evulekile (yokufaka amapharamitha ezinombolo ahlukahlukene, njengenani okufanele likhishwe); 2) Imodi ephephile (i-EPP ishintshela kuyo uma udinga ukufaka i-PIN khodi noma ukhiye wokubethela). Lesi sici se-XFS sivumela umenzi wekhadi ukuthi enze ukuhlasela kwe-MiTM: abambe umyalo wokwenza kusebenze imodi ephephile othunyelwa usuka kumsingathi uye ku-EPP, bese wazisa iphinikhodi ye-EPP ukuthi kufanele iqhubeke nokusebenza kumodi evulekile. Ukuphendula lo mlayezo, i-EPP ithumela izinkinobho zombhalo ocacile.
Umgomo wokusebenza "webhokisi elimnyama"
Eminyakeni yakamuva, I-Europol, i-malware ye-ATM iguquke kakhulu. Amakhadi akusadingeki ukuba abe nokufinyelela ngokomzimba ku-ATM ukuze ayithelele. Bangakwazi ukuthelela ama-ATM ngokuhlaselwa kwenethiwekhi okukude besebenzisa inethiwekhi yebhizinisi yebhange. Iqembu IB, ngo-2016 emazweni angaphezu kwe-10 aseYurophu, ama-ATM ayengaphansi kokuhlaselwa okukude.
Ukuhlaselwa kwe-ATM ngokufinyelela kude
Ama-antivirus, ukuvimbela ukuvuselelwa kwe-firmware, ukuvimba izimbobo ze-USB kanye nokubethela i-hard drive - ngezinga elithile vikela i-ATM ekuhlaselweni kwegciwane ngamakhadi. Kodwa kuthiwani uma umenzi wekhadi engahlaseli umsingathi, kodwa uxhuma ngqo kumngcele (nge-RS232 noma i-USB) - kumfundi wekhadi, iphinikhodi noma isikhiphi semali?
Okokuqala ukwazana "nebhokisi elimnyama"
Amakhadi anamuhla e-tech-savvy , usebenzisa lokho okubizwa ngokuthi ukweba ukheshi ku-ATM. "Amabhokisi amnyama" ahlelwe ngokuqondile ama-microcomputer ebhodi elilodwa, njenge-Raspberry Pi. "Amabhokisi amnyama" angenalutho ama-ATM ngokuphelele, ngomlingo ngokuphelele (kusuka endaweni yokubuka yababhange). Amakhadi axhuma idivayisi yawo yomlingo ngqo kumshini wokukhipha imali; ukukhipha yonke imali etholakalayo kuyo. Lokhu kuhlasela kudlula yonke isofthiwe yezokuphepha efakwe kumsingathi we-ATM (i-antivirus, ukuqapha ubuqotho, ukubethela okugcwele kwediski, njll.).
"Ibhokisi elimnyama" elisuselwa ku-Raspberry Pi
Abakhiqizi abakhulu be-ATM kanye nezinhlangano zezobunhloli zikahulumeni, zibhekene nokuqaliswa okuningana kwe "black box", ukuthi la makhompyutha ahlakaniphile anxenxela ama-ATM ukuba akhiphe yonke imali etholakalayo; Ama-banknotes angama-40 njalo ngemizuzwana engama-20. Izinsizakalo zokuphepha ziphinde zixwayise ngokuthi ngokuvamile amakhadi avame ukukhomba ama-ATM emakhemisi nasezikhungweni zezitolo; kanye nama-ATM ahlinzeka abashayeli lapho besohambeni.
Ngesikhathi esifanayo, ukuze bangabonakali phambi kwamakhamera, amakhadi aqaphile kakhulu athatha usizo lomlingani ongabalulekile kakhulu, umnyuzi. Futhi ukuze angakwazi ukuzifanelekela “ibhokisi elimnyama”, basebenzisa . Basusa ukusebenza okubalulekile “kubhokisi elimnyama” bese bexhuma i-smartphone kuyo, esetshenziswa njengesiteshi sokudlulisa imiyalo ukude “kubhokisi elimnyama” elihlutshiwe nge-IP protocol.
Ukulungiswa "kwebhokisi elimnyama", ngokuvula ngokufinyelela kude
Lokhu kubukeka kanjani ngokombono wababhange? Ekurekhodweni okuvela kumakhamera wevidiyo, kwenzeka into enjengale: umuntu othile uvula igumbi eliphezulu (indawo yesevisi), uxhuma "ibhokisi lomlingo" ku-ATM, avale igumbi eliphezulu futhi ashiye. Ngemva kwesikhashana, abantu abaningana, amakhasimende abonakala avamile, basondela ku-ATM futhi bakhiphe imali eshisiwe. Umenzi wekhadi ube esebuya futhi alande idivayisi yakhe encane engumlingo ku-ATM. Ngokuvamile, iqiniso lokuhlaselwa kwe-ATM "ngebhokisi elimnyama" litholakala kuphela ngemva kwezinsuku ezimbalwa: lapho isisefo esingenalutho kanye nelogi yokukhipha imali engafani. Ngenxa yalokho, abasebenzi basebhange bangakwazi kuphela .
Ukuhlaziywa kokuxhumana kwe-ATM
Njengoba kuphawuliwe ngenhla, ukusebenzisana phakathi kweyunithi yesistimu namadivayisi ajikelezayo kwenziwa nge-USB, RS232 noma i-SDC. Umenzi wekhadi uxhuma ngqo embobeni yedivayisi yocingo bese ethumela imiyalo kuyo - ukweqa umsingathi. Lokhu kulula kakhulu, ngoba ukuxhumana okujwayelekile akudingi noma yimaphi abashayeli abathile. Futhi amaphrothokholi obunikazi lapho i-peripheral kanye nomsingathi basebenzisana awadingi ukugunyazwa (phela, idivayisi itholakala ngaphakathi kwendawo ethembekile); ngakho-ke lezi zimiso ezingavikelekile, lapho i-peripheral kanye nomsingathi bexhumana, zilaleleka kalula futhi zingenwa kalula ukuhlaselwa kokudlala kabusha.
Lokho. Abanikazi bamakhadi bangasebenzisa isofthiwe noma i-hardware yokuhlaziya ithrafikhi, bayixhume ngokuqondile embobeni yedivayisi ethile yocingo (isibonelo, isifundi sekhadi) ukuze baqoqe idatha edlulisiwe. Ngokusebenzisa umhlaziyi wethrafikhi, umenzi wekhadi ufunda yonke imininingwane yezobuchwepheshe yokusebenza kwe-ATM, okuhlanganisa nemisebenzi engabhaliwe yezingxenye zayo ezizungezile (isibonelo, umsebenzi wokushintsha i-firmware yedivayisi ejikelezayo). Ngenxa yalokho, umenzi wekhadi uthola ukulawula okuphelele ku-ATM. Ngesikhathi esifanayo, kunzima kakhulu ukubona ukuba khona komhlaziyi wethrafikhi.
Ukulawula okuqondile komkhiqizi wemali yemali kusho ukuthi amakhasethi e-ATM angathululwa ngaphandle kokurekhodwa kulogi, ngokuvamile afakwa isofthiwe efakwe kumsingathi. Kulabo abangazi kahle ihadiwe ye-ATM kanye nesakhiwo sesoftware, ingabukeka njengomlingo ngempela.
Avelaphi amabhokisi amnyama?
Abahlinzeki be-ATM nosonkontileka abancane bathuthukisa izinsiza zokulungisa iphutha ukuze bahlole ihadiwe ye-ATM, okuhlanganisa nemishini kagesi enesibopho sokudonsa imali. Phakathi kwalezi zinsiza: , . Isibalo esingezansi sibonisa ezinye izinsiza zokuxilonga ezimbalwa.
Iphaneli yokulawula ye-ATMDesk
Iphaneli yokulawula ye-RapidFire ATM XFS
Izici zokuqhathanisa zezinsiza ezimbalwa zokuxilonga
Ukufinyelela ezinsizeni ezinjalo ngokuvamile kukhawulelwe kumathokheni omuntu siqu; futhi zisebenza kuphela lapho umnyango ophephile we-ATM uvuliwe. Nokho, ngokumane ufake esikhundleni amabhayithi ambalwa kukhodi kanambambili yensiza, amakhadi “hlola” ukukhishwa kwemali - ukweqa amasheke anikezwe umkhiqizi wosizo. Abanikazi bamakhadi bafaka izinsiza ezinjalo ezishintshiwe kukhompuyutha yabo ephathekayo noma i-micro-board-board microcomputer, ezisuke zixhunywe ngqo kusikhiphi semali yemali ukuze kukhishwe imali okungagunyaziwe.
"Imayela lokugcina" kanye nesikhungo sokucubungula inkohliso
Ukusebenzisana okuqondile ne-periphery, ngaphandle kokuxhumana nomsingathi, kungenye yezindlela ezisebenzayo zamakhadi. Amanye amasu ancike ekutheni sinenhlobonhlobo yokuxhumana kwenethiwekhi lapho i-ATM ixhumana nezwe langaphandle. Kusukela ku-X.25 ukuya ku-Ethernet namaselula. Ama-ATM amaningi angabonakala futhi enziwe abendawo kusetshenziswa isevisi ye-Shodan (kuyanikezwa imiyalelo emfushane kakhulu yokusetshenziswa kwayo ), - ngokuhlaselwa okulandelayo okusebenzisa ukucushwa kokuphepha okusengozini, ukuvilapha komlawuli kanye nokuxhumana okusengozini phakathi kweminyango ehlukahlukene yebhange.
"Imayela lokugcina" lokuxhumana phakathi kwe-ATM kanye nesikhungo sokucubungula linothe ezinhlobonhlobo eziningi zobuchwepheshe ezingasebenza njengendawo yokungena yekhadi. Ukusebenzisana kungenziwa ngezintambo (ulayini wefoni noma i-Ethernet) noma ngocingo (i-Wi-Fi, iselula: i-CDMA, i-GSM, i-UMTS, i-LTE) indlela yokuxhumana. Izindlela zokuphepha zingabandakanya: 1) izingxenyekazi zekhompuyutha noma isofthiwe yokusekela i-VPN (kokubili okujwayelekile, okwakhelwe ku-OS, nokusuka kwabanye abantu); 2) I-SSL/TLS (kokubili eqondene nemodeli ethile ye-ATM kanye nakubakhiqizi bezinkampani zangaphandle); 3) ukubethela; 4) ukuqinisekiswa komlayezo.
Nokho, ukuthi kumabhange ubuchwepheshe obufakwe ohlwini bubonakala buyinkimbinkimbi kakhulu, ngakho-ke abazihluphi ngokuvikelwa kwenethiwekhi okukhethekile; noma bayisebenzisa ngamaphutha. Esimeni esihle kakhulu, i-ATM ixhumana neseva ye-VPN, futhi kakade ngaphakathi kwenethiwekhi yangasese ixhuma esikhungweni sokucubungula. Ukwengeza, ngisho noma amabhange ekwazi ukusebenzisa izindlela zokuvikela ezibalwe ngenhla, ikhadi selivele linokuhlasela okuphumelelayo ngokumelene nawo. Lokho. Noma ngabe ukuvikeleka kuhambisana nezinga le-PCI DSS, ama-ATM asesengozini.
Enye yezidingo ezibalulekile ze-PCI DSS ukuthi yonke idatha ebucayi kufanele ibethelwe lapho idluliswa ngenethiwekhi yomphakathi. Futhi empeleni sinamanethiwekhi ayeklanywe ngendlela yokuthi idatha ekuwo ibethelwe ngokuphelele! Ngakho-ke, kuyalinga ukuthi: "Idatha yethu ibethelwe ngoba sisebenzisa i-Wi-Fi ne-GSM." Nokho, amaningi alawa manethiwekhi awanikezi ukuphepha okwanele. Amanethiwekhi omakhalekhukhwini azo zonke izizukulwane sekuyisikhathi eside agqekezwa. Ekugcineni futhi ngokungenakuguquleka. Futhi kukhona nabahlinzeki abahlinzeka ngamadivayisi ukuze abambe idatha edluliswa phezu kwabo.
Ngakho-ke, kungaba ngokuxhumana okungavikelekile noma kunethiwekhi “yangasese”, lapho i-ATM ngayinye izisakaza kwamanye ama-ATM, kungase kuqalwe ukuhlasela kwe-MiTM “isikhungo sokucubungula umgunyathi” - okuzoholela ekubambeni kwekhadi ukulawula ukugeleza kwedatha okudluliselwa phakathi I-ATM kanye nesikhungo sokucubungula.
Izinkulungwane zama-ATM zingase zithinteke. Endleleni eya esikhungweni sokucubungula sangempela, u-cardr ufaka eyakhe, engelona iqiniso. Lesi sikhungo sokucubungula umgunyathi sinikeza imiyalo ku-ATM ukuthi ikhiphe imali engamaphepha. Kulokhu, umenzi wekhadi ulungiselela isikhungo sakhe sokucubungula ngendlela yokuthi imali ikhishwe kungakhathaliseki ukuthi yiliphi ikhadi elifakwe ku-ATM - ngisho noma liphelelwe yisikhathi noma linebhalansi eyiziro. Into eyinhloko ukuthi isikhungo sokucubungula inkohliso "siyasibona". Isikhungo sokucubungula umgunyathi singaba umkhiqizo owenziwe ekhaya noma isifanisi sesikhungo sokucubungula, esakhelwe ekuqaleni ukulungisa amaphutha enethiwekhi (esinye isipho esivela “kumkhiqizi” siya kumakhadi).
Esithombeni esilandelayo ukulahlwa kwemiyalo yokukhishwa kwamaphepha angama-40 ekhasethi lesine - athunyelwa evela esikhungweni sokucubungula okungelona iqiniso futhi agcinwe kumalogi esoftware ye-ATM. Babukeka cishe bangempela.
Ukulahlwa komgunyathi kwesikhungo sokucubungula mbumbulu
Source: www.habr.com