| Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to ATM attacks involving malware being installed on the machines has happened before at Diebold Inc. Early last year, Diebold Inc issued a security update for its Windows-based ATMs after criminals attacked a number of them in Russia and installed malware designed to steal sensitive data [1481].
(b) The software failure incident related to ATM attacks involving malware has also occurred at other organizations. Criminals have targeted the backend of ATMs, where the ATM interfaces with other networks at financial institutions, in cases such as the RBS WorldPay heist [1481]. |
| Phase (Design/Operation) |
design, operation |
(a) The article mentions incidents where criminals have attacked ATMs by opening them up and installing malware on the machines, such as in the case of Diebold Inc issuing a security update for its Windows-based ATMs after attacks in Russia [1481]. These incidents highlight failures related to the design phase, where vulnerabilities in the system's software are exploited by attackers during the development or system update processes.
(b) The article also discusses instances where criminals target the backend of ATMs to steal sensitive data by manipulating ATM software or sending out bogus text messages to consumers [1481]. These actions represent failures related to the operation phase, where contributing factors introduced by the operation or misuse of the system lead to security breaches and fraud incidents. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The articles mention instances where ATM attacks involved criminals opening up ATMs and installing malware on the machines, such as in the case of Diebold Inc issuing a security update for its Windows-based ATMs after attacks in Russia [1481]. This indicates that the failure incidents were due to contributing factors originating from within the system itself.
(b) outside_system: The articles also discuss how thieves are gaining access to customers' PINs by manipulating ATM software and sending out bogus text messages to consumers requesting personal information [1481]. This highlights that failure incidents can also be influenced by contributing factors originating from outside the system. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident occurring due to non-human actions:
- The article mentions incidents where criminals have attacked ATMs and installed malware on the machines, such as in the case of Diebold Inc issuing a security update for its Windows-based ATMs after attacks in Russia [1481].
- There have been instances of ATM attacks where maintenance crews opened up ATMs and installed malware on the machines [1481].
(b) The software failure incident occurring due to human actions:
- Criminals have targeted the backend of ATMs, where the ATM interfaces with other networks at financial institutions, to carry out heists like the RBS WorldPay incident [1481].
- Thieves have gained access to customers' PINs by manipulating ATM software and sending out bogus text messages to consumers requesting their personal information [1481]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident occurring due to hardware:
- The article mentions incidents where criminals opened up ATMs and installed malware on the machines, indicating a hardware-related attack [1481].
- Criminals attacked Windows-based ATMs in Russia and installed malware designed to steal sensitive data, highlighting a hardware-related vulnerability [1481].
(b) The software failure incident occurring due to software:
- The article discusses incidents where criminals manipulated ATM software and sent out bogus text messages to consumers to gain access to customers' PINs, indicating software-related vulnerabilities [1481].
- Diebold Inc issued a security update for its Windows-based ATMs after criminals attacked them in Russia and installed malware, emphasizing a software-related security issue [1481]. |
| Objective (Malicious/Non-malicious) |
malicious, non-malicious |
(a) The articles mention instances of malicious software failure incidents related to ATM security. Criminals have been reported to have attacked ATMs by installing malware on the machines, manipulating ATM software, and sending out bogus text messages to consumers to gain access to their PINs [1481]. These actions were carried out with the intent to harm the system and steal sensitive data.
(b) The articles also discuss non-malicious software failure incidents related to ATM security. For example, there have been cases where criminals targeted the backend of ATMs to steal data by interfacing with other networks at financial institutions [1481]. Additionally, the articles highlight that securing an ATM is like securing a house, implying that non-malicious factors such as vulnerabilities in the system architecture and lack of robust security measures can also contribute to failures [1481]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions, accidental_decisions |
(a) The intent of the software failure incident related to poor decisions can be inferred from the article. The article mentions that some ATMs were attacked by criminals who installed malware on the machines after apparent maintenance crews opened them up [1481]. This indicates that the decision to allow unauthorized access to the ATMs for maintenance without proper security measures in place was a poor decision that led to the software failure incident. Additionally, the article highlights that criminals targeted the backend of ATMs where they could install malware to steal sensitive data, indicating a lack of robust security measures in place [1481].
(b) The intent of the software failure incident related to accidental decisions can also be seen in the article. It mentions that in some cases, criminals targeted the backend of ATMs to install malware, such as in the RBS WorldPay heist [1481]. This suggests that the decision to not have sufficient security measures in place to prevent unauthorized access to the backend of the ATMs was an accidental decision that contributed to the software failure incident. Additionally, the article discusses how thieves are gaining access to customers' PINs by manipulating ATM software, indicating unintentional vulnerabilities in the software that were exploited [1481]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The articles do not provide information about a software failure incident related to development incompetence.
(b) The articles mention incidents where criminals have attacked ATMs and installed malware on the machines, such as in the case of Diebold Inc issuing a security update for its Windows-based ATMs after criminals attacked them in Russia and installed malware designed to steal sensitive data [1481]. These incidents can be categorized as software failure incidents occurring due to accidental factors introduced by malicious actors. |
| Duration |
unknown |
The articles do not provide specific information about a software failure incident being either permanent or temporary. |
| Behaviour |
omission, timing, value, other |
(a) crash: The article mentions a scenario where criminals attacked Windows-based ATMs in Russia and installed malware designed to steal sensitive data, leading to a security update by Diebold Inc [1481].
(b) omission: The article discusses ATM attacks where maintenance crews opened up ATMs and installed malware on the machines, indicating a failure of the system to perform its intended functions due to the malicious installation of malware [1481].
(c) timing: The article mentions instances where thieves gained access to customers' PINs by manipulating ATM software and sending out bogus text messages to consumers, indicating that the system performed its intended functions but at the wrong time, leading to security breaches [1481].
(d) value: The article highlights cases where criminals targeted the backend of ATMs to steal sensitive data, indicating a failure of the system to perform its intended functions correctly, resulting in data theft [1481].
(e) byzantine: The article does not specifically mention any instances of the system behaving erroneously with inconsistent responses and interactions.
(f) other: The article discusses various risks to ATM security, including physical attacks, card skimming, social engineering, hacking, and the use of skimmers, which could be categorized as "other" behavior in terms of security threats faced by the system [1481]. |