This is the Shared Security Weekly Blaze for February 5, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston.
Show Transcript
This is your Shared Security Weekly Blaze for February 5th 2018…with your host…Tom Eston
In this week’s episode: ICE license plate tracking database, the first Jackpotting attacks on US ATMs and the Strava global heatmap controversy.
Hi everyone, I’m Tom Eston, Co-host of the Shared Security podcast. Welcome to the Shared Security Weekly Blaze where we update you on the top 3 security and privacy topics from the week. These weekly podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.
Our number three story of the week is about ICE, the Immigration and Customs Enforcement Agency and how they now have the ability to track billions of license plate records across the US using ALPR (Automated License Plate Recognition) technology. A company called Vigilant Systems has been putting together a database of license plate records submitted by repo agencies, local law enforcement, traffic cameras as well as data from roving ALPR vehicles (similar to the Google street view cars you may have seen roaming around your neighborhood). Vigilant Systems is partnering with ICE so that they can use this data in deportation and immigration control cases. Several civil liberty groups, such as the ACLU, have stated concerns that this database could be used locate and track anyone in real-time for more than just immigration issues. Even if you’re not connected to a criminal investigation, your license record and driving habits could be in this database. The other controversy is that Vigilant systems entered into a private contract with ICE which is a government agency, therefore, there was no congressional oversight and no accountability with a massive surveillance system like this in government hands.
What can you do if you’re concerned about ALPR technology and being tracked? From an legal perspective, several weeks ago the state of California introduced bill S.B 712 which would allow drivers to cover their license plate while parked legally in order to avoid roving ALPR scans, but the bill was rejected by the California senate just this week. No other states to my knowledge are proposing similar legislation. From a product perspective, there are ALPR “blockers” in the form of IR filters and special reflective coatings that can be applied to license plates in an attempt to block ALPR scans. There are many different types of products out there that are just a Google search away. Friendly disclaimer: you should research the legality of using such ALPR anti-tracking devices in your state and/or country before purchasing or using any of these products.
Our number two story this week is about the “jackpotting” attacks that are targeting ATMs in the United States. Jackpotting allows malware installed on ATM machines to shoot out money just like a Las Vegas slot machine. For some strange reason I’m reminded of the movie “Vegas Vacation” in the scene where Clark Griswold jackpot’s his family bank account at the ATM. This attack, on the other hand, is no laughing matter.
In order to perform the attack someone needs to physically access the ATM machine and install the malware via a USB port or through another interface, such as the cash dispensing or front loading slot, and eventually get the malware to infect the underlying operating system of the ATM. Brian Krebs from Published on 7 years, 10 months ago
If you like Podbriefly.com, please consider donating to support the ongoing development.
Donate