Online: | |
Visits: | |
Stories: |
Story Views | |
Now: | |
Last Hour: | |
Last 24 Hours: | |
Total: |
A recent report from security firm Trend Micro and the European Cybercrime Center (EC3) highlights the risks posed to ATMs from cyberattacks.
For many years ATMs were unattractive targets for cyberattackers because ATMs often used proprietary software developed by each ATM manufacturer. ATMs were also difficult to hack because many were not easily accessible online, so an attack would require someone to physically access the computer in the ATM to load malware.
Two changes have made ATMs much more attractive targets. The first change was standardization of ATM operating systems. A majority of the 3 million ATMs in operation worldwide still run a version of Windows XP or Windows XP Embedded. Some ATMs run on even older Windows operating systems. Standardized operating systems mean that malware developed to exploit a security flaw can take advantage of many more ATMs.
The problem for banks is that many of these operating systems are now outdated. Microsoft discontinued support for Windows XP on April 8, 2014, and for Windows XP Embedded on January 12, 2016. This blog has previously explained the importance of regularly updating software. Microsoft’s decision to discontinue support for ATM operating systems means that those systems will no longer receive updates in response to security holes that cyberattackers identify. Any security flaw that existed in an ATM operating system as of the date that service was discontinued will exist as long as that ATM still relies on that operating system.
The second change that made ATMs more attractive to cyberattackers was the rise of third-party services that give banks the ability to manage ATMs remotely. This so-called “middleware” gives cyberattackers a new vector that they can exploit to access ATMs remotely.
Consequently, according to Trend Micro and EC3, attacks on ATMs increased 15% from 2014 to 2015 in Europe. Statistics were not available for the United States, but there is no reason to think that there are fewer instances of fraud in the United States than in Europe.
Cyberattackers are currently experimenting with a variety of malware that can compromise ATMs. The most common attacks will either cause an ATM to “jackpot”—dispense all of the currency from its safe—or turn the ATM into a card skimmer that records and transmits to cyberattackers card and pin numbers.
As with any new cyberthreat, there is not one solution that will protect ATMs. However, there are several industry recommendations supported by Trend Micro and EC3:
ATM attacks are likely to increase in the coming years, particularly if there is no concerted effort to update ATM operating systems. Banks should be mindful of the risks and take appropriate steps to mitigate those risks.
The material in this blog is not intended, nor should it be construed or relied upon, as legal advice. Please consult with an attorney if specific legal information is needed.