The latest threat to ATMs. A really dangerous kind of cyberattack
A new type of cyber threat
A system developed by researchers at the University of Glasgow in Scotland draws attention to a fresh category of cyberthreat. This attack uses heat. The frequency of these occurrences is anticipated to rise in tandem with the depreciation of thermal imaging cameras and the development of machine learning.
ThermoSecure uses an infrared camera to identify the keys you touch. The device not only identifies the keys used - it also guesses passwords on computer and ATM keyboards. Up to a minute after you enter them.
Thermal attack on ATMs. What is it about?
The likely attack scenario was described by experts. The ATM keyboard can be photographed with the heat signature of the area where the user's fingers touched the buttons by a bystander using an infrared camera. Which keys have been used recently can be seen in the lighter area. The system can identify the letters, numbers, and symbols that make up a password and estimate the order in which they are used by measuring the relative intensity of warmer areas.
1,500 thermal images of recently used QWERTY keyboards were taken from various angles by scientists. A probabilistic model is used by the artificial intelligence model to effectively read images and analyze passwords from heat signature cues.
Backlit keyboard safer
Within 20 seconds of typing a password, up to 86 percent of them were correctly decoded. The system played 82 percent of the 12-symbol sequences. 93 percent of passwords had eight symbols, and six symbols were used consistently.
- The backlit keyboard displays more heat than the usual one, and thus hinders accurate thermal readings - notes Mariusz Politowicz, Bitdefender expert in Poland.