The IDG News Service is reporting that a Bank of America (BofA) computer specialist who designed and maintained computer systems -- including those used in ATMs -- will plead guilty to charges that he hacked the bank's automated tellers to dispense cash without recording the activity.
[Rodney Reed] Caverly was charged last week with one count of computer fraud for allegedly writing a malicious program that ran on Bank of America's computers and ATMs, according to court filings. The documents say Caverly made more than the statutory minimum of US$5,000 from the scam, but they do not spell out the bank's total losses. That number could come out when his plea is entered next week.
He faces a maximum sentence of five years in prison.
This kind of "insider threat" is often overlooked and underscores the real risk associated with skilled insiders who have a major financial motivation to go rogue. Ever since the ATM skimmer threat exploded in recent years, I make it a point to carefully examine any ATM that I use (I have this habit of physically yanking at the card slot) but I'm always mindful that there is always a risk.
I sometimes see maintenance folks (bank employees, I presume) opening up ATMs at banks, presumably to fix something and wonder if that's indeed a legitimate serviceman tinkering with such a sensitive device.