X-Force Red is not the name of the newest superhero cartoon. It’s the name of IBM’s new security team. On August 6 at the Black Hat Conference, IBM announced its X-Force Red Labs.
“IBM (NYSE: IBM) Security today announced X-Force Red Labs, a network of four secure facilities dedicated to testing the security of devices and systems including consumer and industrial IoT technologies, automotive equipment, and Automated Teller Machines (ATMs). “
Of interest to financial institutions is IBM’s new dedicated ATM testing practice:
“With more than 300 million ATMs in the world, financial institutions need to protect these targeted machines from attackers.”
IBM points out that its testing services include a global team of experienced penetration testers that can identify and help remediate physical hardware and software vulnerabilities of banks’ ATMs. The X-Force Red ATM testing services include the following:
-
“Comprehensive ATM Evaluation: Evaluation of physical, network, application and computer system security, searching for vulnerabilities that a criminal hacker may exploit.
-
Attacker-Minded Testing: Hacking into ATMs using the same tools and methods a criminal would use, to identify exploitable vulnerabilities.
-
Vulnerability Remediation Recommendations: Hardening of ATM systems and defenses via comprehensive recommendation reports.
-
Compliance: Review of ATM logs to help financial organizations stay in compliance with industry standards such as the Payment Card Industry Data Security Standard (PCI DSS).”
This initiative will no doubt be a success as IBM is able to pull from its vast base of knowledge and expertise on a global scale.
Overview by Ryan McEndarfer Editor-in-chief at PaymentsJournal.com