Archive Site news Career Contacts
Go To The Main Page
Lit Rus

09/18/2018  The battle for ATMs. How criminals break into self-service devices today

Hacking ATMs with malicious software or traditional physical attacks is becoming one of the most worrisome trends in the banking sector in 2018. The wave of "jackpotting" attacks, which swept across the countries in Asia, North and South America at the beginning of the year, continues as series of similar crimes occur in European countries, including the post-Soviet space. 

The main problem for financial institutions is that they have to protect their self-service infrastructure from completely different types of attacks, and there is no cure-all solution to all possible problems. 

It is important to understand that financial institutions are protecting not only their physical assets (the terminals themselves) and stored money, but also their intellectual property and business-crucial data about their activities and customers, as well as their reputation as reliable providers of banking services. 

However all the threats we will be examining can be divided into three main types. Each group of vulnerabilities has its own specifics and requires the consolidation of multiple departments of the bank (technical department, security department, customer service departments) and an experienced technology partner.

1. Physical attacks on ATMs

According to recent statistics, the most popular attacks on self-service devices are performed with rather primitive means: trying to saw or break open the ATM, which in most cases takes a lot of time and attracts the attention of the police. In 8 out of 10 cases of such physical attacks, it is quite easy to track criminals, and they do not even have time to access the stored money. 

Cybercriminals using special means, in particular, explosives possess a higher threat to banks. For example, an ATM can be filled with gas and blown up, which will attract the attention of the security service only at the very last moment. In recent years, up to 30 such cases have been recorded in the world, and annual damage ranges from 170 to 200 million euros. 

Preventing such attacks is the prerogative of the security service. Reliable installation of self-service devices, effective use of video surveillance systems and quick notifications from the sensors installed on the terminals - help minimize the risk of the criminals disappearing without a trace along with the cash and the self-service device itself.

2. Intrusion attacks through ATMs

An even greater threat comes from attackers being able to access and reprogram the hardware of the self-service device using malicious software installed directly on the terminal itself. To do this hackers drill a small hole to access the ATM computer on which they install special software via the USB port, for example, the Green Dispenser Trojan or the software part of the Cutlet Maker kit, which is freely available to hackers of such devices around the world. 

The malicious software on the compromised devices is not easy to detect for the security staff of the bank, so criminals manage to carry out the preparatory stage without much risk. They seal the video cameras and drill a small hole in the terminals shell (which only takes a few minutes). After that, because ATM computers are usually protected by standard antivirus software or not protected at all, all that is left is to insert a USB stick or gain control of the ATM computer through the USB port. 

The malicious program instructs the dispenser to issue all the banknotes stored in the cassettes of the ATM before the security service has time to respond adequately. The speed and the ease of compromise is why logical attacks are the most effective way of stealing money.

The best way to protect devices from hackers is to use specialized solutions that restrict access to the device from outside processes and other various manipulations. Creating a "sandbox" environment for the hardware and software of the ATM allows you to automatically detect any suspicious activity on the terminal and instantly inform the responsible personnel while simultaneously running one of the protective scenarios.

3. Global malware attacks on the IT infrastructure of the bank

However, often the point of penetration for criminals who want to empty ATMs or payment kiosks is not the terminal itself, but other parts of the bank's IT infrastructure. Unoptimized work processes, high staff rotation with access to important internal information and low technological level of financial organizations makes the attack surface even greater, and the job of the security service becomes greatly complicated. 

For this reason, practically no ATMs are connected to the internal bank network, access to which from the outside is practically impossible. The use of VPNs, TLS protocols, special "firewalls" together with decisions on strict (ultimatum) delineation of access rights allows concentrating protective resources around the most vulnerable part of the banking infrastructure. 

Thus, even in the case of hacking banking databases (for example, Internet banking), ATMs and payment kiosks are relatively safe. Their defense system should be detached and generally independent of what is happening outside of it. Nevertheless, only companies with a large practical experience in this field can check the correctness of the configuration of all self-service device protection systems. 

BS/2 offers comprehensive security audit services for the fleet of banks' self-service devices and protects the most vulnerable part of the infrastructure from attacks of any type. BS/2 offers the ATMeye.iQ solution, which protects more than 80,000 devices worldwide and Diebold Nixdorf’s Vynamic Security solution – a world-leading firm in the field of banking technology. Contact BS/2 representatives for detailed information on the audit procedure, the functionality of the software solutions and the stages of its implementation.

Did you like our material? Subscribe to our regular newsletter to receive the most interesting topics and exclusive offers from BS/2.

  09/13/2018  Five Myths about the Multi-Armed IT Guru to the Programmer's Day
  09/07/2018  Holiday thanks to ... the bug
  09/06/2018  The Internet Provider Penki Supports the Football Team Viltis
  09/04/2018  Penkiu Kontinentu Komunikaciju Centras Will Update the Computer Networks of Kauno Vandenys
  08/23/2018  Payments.iQ - For the Payment Terminals Network in Azerbaijan
  08/14/2018  Modern Cash Management. 5 challenges for Cash Monitoring and Forecasting software solutions
  08/08/2018  ASHBURN International Started to Provide a Service of Dynamic Currency Conversion
  08/07/2018  Liberty Bank Representatives Are Interested in Innovative Banking Solutions
  07/25/2018  The Cryptomate Network Maintenance in Georgia is entrusted to BS/2
  07/20/2018  ASHBURN International - 20 years
  07/19/2018  All-seeing eye. Why video surveillance of ATMs is necessary not only for the bank's security service
  07/13/2018  Insurance Brokers Offer Customers a More Convenient Way to Pay for Service
  07/12/2018  Deeper Synergy of .iQ and Vynamic products
  07/10/2018  ASHBURN International Completed VISA PIN Certification
  06/21/2018  How to make your ATMs earn
  06/20/2018  BS/2 maintains 13,000 POS-terminals in Georgia
  06/15/2018  How to choose the best Automated Teller Safe? Top-5 Teller Cash Recyclers
  06/11/2018  The Focus of the Diebold Nixdorf Partner Summit Is an Individual Approach to the Client
  06/07/2018  BS/2 Was Awarded for Successful Projects Implementation in Azerbaijan
  06/05/2018  PENKI Offers a New Services Package - Mobile Internet
  05/29/2018  Why Vynamic™ Security Suit is more effective than traditional antiviruses
  05/24/2018  ASHBURN International is the First in the Baltic States to Offer New Ingenico Products
  05/17/2018  5 tips how to organize professional service of banking equipment using specialized software
  05/11/2018  BS/2 Is Recognized As the Best Export Company of the Year
  05/10/2018  TransLink.iQ Presentation to Pro?redit Group
  05/09/2018  Self-service Cash Collection: How to use Automated Deposit Machines in banking and retail
  04/24/2018  BankExpo 2018: A Breakthrough in the FinTech Development in Uzbekistan
  04/20/2018  Investing in your own peace of mind: how video surveillance solutions help ensure banks security
  04/18/2018  Cash Management.iQ: estimating the price of CIT operations
  04/16/2018  Innovative Banking Technologies and Equipment at BankExpo 2018
  04/12/2018  The present-day future. 3 myths about video banking
  04/10/2018  Representatives of ASHBURN International visited the largest single national processing center in Uzbekistan
  04/05/2018  ASHBURN International Invested Over €1m in Its POS Terminal Network Upgrade
  04/05/2018  EcoVadis Silver Rating Granted to BS/2
  04/04/2018  TransLink.iQ Introduced in the UK
  03/15/2018  The BS/2 installed first ATMs in Latvia supporting contactless cards
  03/15/2018  The World's Largest Software Developers Laid Foundation for Common SSL Certification Standards
  03/12/2018  Ingenico Introduces Innovative Payment Solution for Small and Medium-Sized Businesses
  03/09/2018  Over €2m Invested in Penki Network
  03/08/2018  In search of the perfect POS-solution. Penki Kontinentai Group visited EuroCIS 2018
  03/06/2018  How to protect ATM from jackpotting: Vynamic Terminal Security
  03/01/2018  4 upgrades that made ATMeye.iQ the best solution for ATM video security in 2017
  02/27/2018  ATMeye.iQ Installed in Vietnamese Major Bank’s ATMs
  02/22/2018  BS/2 among the Strongest Lithuanian Companies
  02/21/2018  "Internet today it’s an ecosystem that stimulates your constant improvement", says Idrakas Dadašovas
  02/19/2018  Lithuania Participates in Digital Signatures and E-Business Security System Development
  02/15/2018  Penki Kontinentai Ties with Azerbaijan: Business and Beyond
  02/15/2018  Penki Kontinentai: €3.5 Million in Profit in 2017
  02/12/2018  Skynet Fiber Optic Internet Provider Becomes Penki
© Penki Kontinentai 1996-2018. All rights reserved