software
"By limiting access it becomes
harder to hack into the network,
the device, or the user accounts"
not sophisticated, limiting access to
information, networks, and devices
through lockdown technologies should
be the first step to reducing cybercriminal
activity. Simply put, technology should be
utilised to make it harder to gain access.
This has been done successfully in
recent years. Payment fraud, for instance,
has been largely reduced through the use
of Chip and Pin/EMV technologies. Adding
chip and pin to both unattended and
attended devices has significantly eroded
payment fraud, and moved it elsewhere in
vast numbers. Similarly, restricting access
to networks, data, and device operating
42 KIOSK solutions
systems, through lockdown self-service
technologies such as kiosk system
software, will make it harder to gain
access to data provided by previous users
and make it impossible to add keylogging
or capturing software to the device.
Securing the OS
Preventing access to the OS also limits
the ability to use the device to connect
to other information living on the same
network as the kiosk/device. By limiting
access, it becomes harder to hack into
the network, the device, or the user
accounts in order to obtain information
that would be worth money on the
black market. Kiosk security software
also restricts the user’s ability to add
ransomware to the device – a costly
cybercriminal activity which can have
immediate cost implications whether
paid out or not.
Even something as dependent on
human error as social engineering
(also known as phishing attacks) can
be prevented with the right security.
Antivirus software, when used in
conjunction with kiosk system software,
and kiosk device management tools can
create a strong and impenetrable barrier
– protecting the information being
transmitted by public access devices,
and protecting the device itself from
becoming a security leak.
How do these solutions actually
work to protect smart city technologies
from cybercriminals? In the case of
kiosk system software, it’s through a
thorough feature-by-feature restrictive
lockdown system. For example, in a
social engineering attack, a user’s email
carries an infected or malware laden file
or link, when users are accessing that file
(via email) kiosk system software would
first block the user from going to the
unauthorised website, and then would
block the file from downloading.
By using kiosk system software
on smart city provided devices for
informational or transactional purposes,
cybercriminal activities can be minimized;
particularly those which target acquiring
data for criminal usage, preventing
access to unauthorised Darknet activities,
becoming infected with ransomware,
card present fraud & card not present
fraud, social engineering, and more. Given
Europol’s cybercrime findings, this is a
growing problem that will continue to
plague technology users and smart city
deployers well into the future.
To learn more about the Europol
2016 Internet Organised Crime
Threat Assessment visit: www.europol.
europa.eu/content/relentless-growthcybercrime n