The past two years have seen “jackpotting” and other technological attacks spike for ATMs in the United States and around the world. The reason is the same as it has always been – criminals want easy access to cash.
ATMs create a high level of convenience for bank and credit union account holders. Unfortunately, for criminals they can also be viewed as unattended cash vaults. An enterprising villain looks at the standard ATM and sees a computer with all the potential vulnerabilities of any other computer but with cash rather than data as the prize for breaching it. Those lacking technical knowledge might resort to more physical attacks to get at the cash inside.
Here are three ways financial institutions can help deter a variety of ATM attacks.
1. Dye Packs – Dye packs are widely used in Europe, which have been dealing with increased physical attacks for much longer than U.S. financial institutions. According to Patrice Rullier, Managing Director for Oberthur, at his session on physical ATM attacks at the ATMIA US Conference 2019, dye packs stand out as a tactic that has successfully been used to decrease ATMs attacks in Europe and other parts of the world.
The use of dye packs renders the notes unusable and, often, the dyed money is left behind and found with the tampered machine. Posted warnings of the use of these preventative measures can help deter criminals and dyed cash can assist with the capture of those individuals responsible for the attack on the machine.
2. Lock Down ATM Software – There have been instances of ATM attacks involving both remote and on-site hacking. Remote attacks rely on discoverable network access to the machine. On-site hacks typically involve plugging in an additional device to an exposed USB or other port. No matter the strategy, experts agree locking down the ATM software using these steps will help reduce overall risk to any machine.
Remove software that is not necessary for ATM functionality. In cases where removal is not possible, use security tools to restrict the software.
Create a whitelist for application control. Avoid built-in operating system services and applications which are not essential to ATM operation.
Limit the ability to modify registry values, run arbitrary programs and edit files.
Use a software or hardware VPN client located inside the ATM for network access.
Implement a firewall allowing remote access to only the services needed for ATM operation and only allow remote access from whitelisted administrator addresses.
Keep software up to date with the latest versions and patches.
3. Cameras – Photographic and video cameras on and around the ATM can help deter criminals and provide identifying information in the event an incident occurs. Even clothing used to obscure features can become an identifier if pictures and footage are provided to authorities promptly.
These three strategies, while not a complete list of available security measures, are a good start for any financial institution looking to protect their account holders, their workers and the cash in the ATM.