Thanks to all participants for making EAST FCS 2015 a success!

There was a full turnout at the EAST Financial Crime & Security (FCS) Forum 2015, held at the Grand Hotel Amrâth Kurhaus, Scheveningen in the Hague and feedback thus far has been enormously positive.

EAST FCS 2015 - 3 (1)The EAST team would like to thank all who attended EAST FCS 2015 and who helped to make the conference such a huge success! The event was overbooked several weeks in advance but the venue was happy to provide more space for the extra seating to squeeze in the extra participants.

Here is what a couple of delegates had to say about the event:

EAST FCS 2015 - 4 (1)“It was remarkable! The most important thing for any event – atmosphere – was great! It allowed everybody to contact and to get actual information. Balance between presentation time and live networking was perfect.” – Ukraine.

“It was a very interesting program, and the facilities were just great. I would not mind getting back there in two years.” – Norway.

If you did not have a chance to attend this year’s conference the next one is scheduled to take place in June 2017. In the meantime, keep an eye on the EAST website, Facebook page, on LinkedIn or follow us on Twitter to keep abreast of all EAST activities and news on the next open event.

EAST FCS 2015 - 2 (1)In her closing address, conference Chairman Úna Dillon, Development Director of EAST, summarised the two-day conference by noting the importance for industry to collaborate with law-enforcement. A number of case studies were provided during the event showing proof of the benefits both police and financial institutions gain from working together to fight crime.

One of EAST’s missions is to build strong relationships between police forces including, and especially, Europol (with which EAST signed an MOU during the week of the conference) and the financial services industry which is continuously under attack by every level of criminal; from on-the-street payment card theft to organised cybercrime.

This EAST FCS Forum, the second thus far, has proven to be a successful platform in bringing together the perfect mix of banking representatives, security experts, police, payments associations, government agencies and many other stakeholders in the ATM crime prevention sector  –  the dialogue and learning from right across Europe, the U.S. and South America will no doubt help all participants to better detect and prevent ATM Crime going forward.

EAST would like to thank our partners again without whom this conference would not have been possible at all. Our deepest appreciation to Liquid Nexxus, co-organisers of EAST FCS 2015 and to our sponsors BVK, Cyttek Group, CSPtec, Damage Control, Fortconsult, GMV, TMD Security and the ATM Security Association.

We appreciated very much the speakers who provided such meaningful content. Speakers came from 12 different countries, some traveling more than 5,000 miles to share their knowledge and enthusiasm for ATM crime prevention.

EAST is currently processing the feedback received from this event in an effort to ensure the next forum suits everyone’s needs, on every level. We hope to see you all at the next EAST FCS Forum – EAST FCS 2017!

EAST FCS 2015 - 5 (1)

ATM Compromise with and without Whitelisting

system penetrationATM compromise through the use of malicious software is on the increase across the world.  At EAST FCS 2015 a demonstration will show how a Windows ATM platform can be compromised through malware infection – this will be done using advanced techniques that evade anti-virus and whitelisting protection.  A virtual ATM machine running on Windows XP and Windows 7, with an XFS layer both with and without application whitelisting, will be infected using known ATM malware.

The demo will be carried out by Alexandru (Alex) Mihai Gherman, Principal Security Consultant, FortConsult. In a follow up demo, he will then show how to compromise a Windows ATM platform that is protected by a well known whitelisting solution used by many banks, highlighting the various security features. The ATM will be infected with malware used for a jackpotting attack. The infection will use process and library memory injection techniques and will attempt to exploit vulnerabilities in the binaries that are supposedly protected by the whitelisting solution, leading to deactivation and system compromise.

About Alexandru Mihai Gherman

Mihai_Alexandru_Petrea_FortconsultAlex is a computer security specialist with over 14 years experience.  As Principal Security Consultant at FortConsult he specialises in Research & Development, Security Incident Response, Forensic and Malware Analysis, Application Security, and Mobile Security.

He has a strong focus in reverse engineering malware, incident response and forensics, reverse engineering software (including ARM and MIPS embedded systems), vulnerability research and analysis, and in smartphone hardware, software and malware analysis (Android and Apple iOS).

His professional experience includes attack techniques such as Shell Coding, ELF and dynamic-linking, stack overflows, Ret2libc, Return-Oriented Programming (ROP), heap spraying, application-level heap attacks, stack flapping and defeating ASLR and DEP.  He is well versed in Python, Java, C/C+ and has specialised in internal and external penetration testing applications, networks, applications and wireless networks, testing Web Application Programming Interfaces (REST-based, JSON, SOAP) against OWASP vulnerabilities.

He is currently involved in researching reverse engineering software running on Atmel microcontrollers, ARM and MIPS embedded devices and car hacking.