Securing ATMs Against Cybersecurity Threats


Although digital banking is popular, people still use ATMs every day, inputting codes and unintentionally subjecting themselves to skimmers. However, card number theft isn’t the only concern. The potential for ATMs to be used as a gateway for other types of broader data breaches is often underestimated.

Cybersecurity experts must fight outdated systems throughout bank networks. From security operation centers to endpoint security, ATMs must be a top priority for IT professionals.

Cybersecurity Threats Facing ATMs

ATMs are attractive targets because they dispense cash instantly. Many machines run on older infrastructure and may still use Windows XP or Windows 7. At the same time, they connect to the backend via TCP/IP, which opens them to skilled hackers.

Savvy cybercriminals know they can access cash, skim data, control accounts and occasionally get into the entire financial institution’s systems. Here are the ways they get into the system and how to secure an ATM against these attacks.

1. Skimmers

Local criminals connect an external device — also called a black box — to the physical ATM. When the user punches in their code and other details, the skimmer collects the data. The hacker can either collect the skimmer later and download the data or pull up the system on a mobile device connected to the skimmer and instantly access accounts.

The United States Secret Service works closely with financial institutions to solve crimes and reports annual losses of hundreds of millions of dollars for consumers. For those working in fintech, awareness is the first step to stopping black boxes on ATMs. Educating customers on what to look for so they can alert bank management may be one of the most powerful ways to stop skimmers.

2. Malware

Ploutus.D and Cutlet Maker are two malware programs that let thieves grab cash or steal debit card data. Cybersecurity professionals can run simulations with sample ATMs to find the weaknesses and work out how to close them, stopping hackers in their tracks.

Malware may be injected into the system via backdoors in the network or a USB device. Cybersecurity professionals should be wary of any third parties accessing bank accounts.

3. Easy Logins

Humans are creatures of habit. They tend to use the same password across accounts, even when warned not to. Even worse, the password may be easy to guess, like a child’s birthday or the user’s name.

Cybersecurity professionals must require customers to choose a complex password or phrase. Adding features like multifactor authentication can reduce the number of breaches at a financial institution.

4. Network Intrusions

One of the most significant threats to ATMs is network intrusions. Hackers can access communication channels between the ATM and backend servers. Since many banks use remote servers, this opens the system up to attacks.

Once they are in the system, cybercriminals can manipulate figures, inject malware, create open doors to access the system later and push through transactions. IT should lock down remote access via Telnet, SSH and RDP.

Cybersecurity is more crucial than convenience. Access can be temporarily unlocked if staff needs to access the system. Access can also be restricted by IP and require multifactor authentication — one of the most crucial steps to implement. The future may see more biometric authentication measures with facial recognition or fingerprint usage.

5. Vendor Access

Banks deal with numerous third parties accessing their systems. The ecosystem of contracts, remote monitoring, software updates and cash logistics providers such as armored transport meshes together into a complex computer organism. Every business or person dealing with the bank on some level has network access to the ATM.

Unfortunately, outside companies may not have the regulations of a financial institution or robust security measures in place. Hackers can get in through their credentials and upload malware or breach data.

Cybersecurity professionals can implement data-protecting controls by creating a policy on who can enter the system, what controls they have and when they can access the databases. IT must segment the network to separate different entities and access. Real-time monitoring is crucial, as is an immediate response to hacking attempts.
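
The access rules from the Network Intrusions and Vendor Access sections can be written as one default-deny check. The sketch below is an added example, not code from the article or from any bank or vendor product. The Grant and Request types, the decide function, the "vendor-patching" name, the sample addresses and the choice to keep Telnet permanently locked are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_address, ip_network

# Remote-administration services the article says to lock down.
ADMIN_PORTS = {23: "telnet", 22: "ssh", 3389: "rdp"}

@dataclass(frozen=True)
class Grant:
    """One time-boxed exception: who, from where, to what, and when."""
    principal: str
    source: str           # CIDR the connection must originate from
    services: frozenset   # subset of ADMIN_PORTS values
    start: datetime
    end: datetime         # exclusive

@dataclass(frozen=True)
class Request:
    principal: str
    src_ip: str
    dst_port: int
    mfa_passed: bool
    at: datetime

def decide(req, grants):
    """Default-deny decision for remote access into the ATM segment."""
    service = ADMIN_PORTS.get(req.dst_port)
    if service is None:
        return False, "not a managed remote-admin service"
    if service == "telnet":
        # Assumption of this example: cleartext Telnet is never unlocked.
        return False, "telnet stays locked"
    if not req.mfa_passed:
        return False, "multifactor authentication missing"
    try:
        src = ip_address(req.src_ip)
    except ValueError:
        return False, "unparseable source address"
    for g in grants:
        if (g.principal == req.principal and service in g.services
                and src in ip_network(g.source) and g.start <= req.at < g.end):
            return True, f"{service} unlocked until {g.end.isoformat()}"
    return False, "no active grant for this principal, source and time"

# Constructed sample: one vendor maintenance window on a documentation range.
UTC = timezone.utc
GRANTS = [Grant("vendor-patching", "203.0.113.0/28", frozenset({"ssh"}),
                datetime(2024, 5, 1, 1, 0, tzinfo=UTC),
                datetime(2024, 5, 1, 3, 0, tzinfo=UTC))]
```

Every denial carries a reason string, so the same function can feed the real-time monitoring the article calls for: a burst of "no active grant" results for one vendor account is worth an alert.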

The Future of ATM Cybersecurity

As technology advances, so do the capabilities of cyberthieves. AI takes on the role of protector, but criminals can also use AI to test for ATM vulnerabilities. In the future, ATM security will triangulate between human oversight, AI monitoring for anomalies and segmented networks.

Many banks are already implementing more stringent procedures. Experts must learn how to embrace each new advancement in technology and rise above the challenges for a secure banking system.


As the Features Editor at ReHack, Zac Amos writes about cybersecurity, artificial intelligence, and other tech topics. He is a frequent contributor to Brilliance Security Magazine.

