Two Types of ATM Security Attacks on the Rise


Recent attacks on ATMs have come in the form of Logical Attacks (Black Box and Malware type attacks designed to ‘jackpot’ the cash inside an ATM) and Transaction Reversal Fraud (method of obtaining cash without the account used to initiate the transaction being debited). The US Secret Service issued a press release warning North American ATM Deployers and Financial Institutions to protect against these attacks.

Logical Attacks can be installed onto the ATM when it is both offline and online. The capability of attacking the ATM when it is both online and offline enables criminals to act when financial institutions least expect it. Some of the ways in which it can be installed when the ATM’s hard disk drive is online are:

  • If a USB device is inserted with auto-run enabled
  • By accessing the administrator log in
  • By compromising the locked down account

Some of the methods in which it can be installed offline are:

  • By removing the ATM hard disk drive and mounting it separately to a laptop
  • Inserting removable media and rebooting the software with it

Transaction Reversal Fraud is where criminals typically use anonymous accounts to avoid detection by using stolen, skimmed or prepaid cards. Though Transaction Reversal Fraud has recently seen a rise in the United Kingdom, Ukraine and Canada, North American businesses should stay wary of the practice and best prepare their ATM fleet for protection against this type of attack.

All ATM deployers and Financial Institutions should treat these types of attacks as a call-to-action to take appropriate steps in protecting their ATMs against these forms of attacks and mitigating any potential consequences. Below are a few basic steps you can take to safeguard your ATM fleet are:

  • Scheduling and performing random physical checks of ATMs by branch staff and technicians
  • Using the most up-to-date software and operating systems
  • Ensuring your networks are secure

More advanced preventative measures will be needed because as the complexity of criminals and their attacks grows, so should the security features put in place to prevent them. One of these newer, more complex safety features is the Contactless Card Reader. ATMs not using this feature are at risk in a few ways:

  • The risk remains as long as a magnetic strip remains on cards
  • Chip enabled cards do not solve the problem
  • Card skimming still occurs in EMV markets because data can be used in non-EMV markets

Contactless Readers eliminate the risk of skimming by avoiding the DIP or swipe of the strip altogether. Using the cryptographic capabilities of EMV further increases the benefits available to your ATM fleet.

For more information on Contactless Readers and other advanced safeguards, speak to your security service provider to see what options are available and how you can create a custom security solution fit for your ATM fleet. If you would like further information on how to better protect your financial institution, click the link below to register for an upcoming webinar.

WEBINAR: ATM Security Update
Sept.13 at 9 a.m. PDT

Click here!

Article provided by FTSI.