Juniper nixes ATM security talk

The researcher had found serious flaws in ATM software

Router maker Juniper Networks has barred one of the company's security researchers from discussing security flaws in Automated Teller Machines after an ATM maker threatened legal action.

Staff Security Researcher Barnaby Jack had been set to deliver a July 30 talk entitled "Jackpotting Automated Teller Machines" at the Black Hat security conference in Las Vegas. But Jack abruptly asked conference organizers to pull the talk on Monday, according to Black Hat Director Jeff Moss. The talk has also been pulled from Black Hat's sister conference, Defcon, he added.

News of the cancellation was first reported by security news site Risky.Biz.

In a statement, Juniper said Tuesday that it made Jack withdraw the talk after an ATM vendor expressed concern that Jack's research could be misused. "Considering the scope and possible exposure of this issue on other vendors, Juniper decided to postpone Jack's presentation until all affected vendors have sufficiently addressed the issues found in his research," Juniper said.

Neither Juniper nor Moss would name the ATM maker that Jack had been studying, but Juniper says it is reaching out to other vendors as well to share information.

According to Jack's description of the talk on the Defcon site, he had found a vulnerability in the underlying software used to run "a line of popular new model ATMs."

"I've always liked the scene in Terminator 2 where John Connor walks up to an ATM, interfaces his Atari to the card reader and retrieves cash from the machine," the Juniper researcher wrote. "I think I've got that kid beat."

The presentation was supposed to "explore both local and remote attack vectors, and finish with a live demonstration of an attack on an unmodified, stock ATM."

According to a source familiar with the situation, Jack had been working with the vendor for the past nine months, but the ATM maker grew concerned that Jack's talk would lead to some bad publicity.

Black Hat talks have been pulled in the past because of legal threats. In 2005 researcher Michael Lynn was told by his employer, Internet Security Systems, to pull a Black Hat talk on router vulnerabilities after Cisco Systems threatened to sue him. Lynn quit and gave the talk anyway.

Within months, he was hired by Juniper.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags juniperblack hatautomatic teller machine

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments



Victorinox Werks Professional Executive 17 Laptop Case

Learn more >



Back To Business Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?