Recent ATM jackpotting attacks, otherwise known as logical attacks, are a crippling threat to financial institutions and independent ATM deployers. While these attacks do not jeopardize consumer information or funds in any way, ATM deployers can lose a great deal of money in a single attack depending on the dispenser and denomination of notes loaded.
Financial institutions and independent deployers alike should perform a risk assessment on their terminals, especially those in isolated locations. Ensuring hardware and software are not outdated is the first step in avoiding a logical attack. ATM owners can avoid becoming a victim of ATM jackpotting by exploring and instituting these protective measures:
Operating System and Firmware Updates
According to a new white paper from MVP Financial Equipment, Increasing Security at the ATM: Counteracting ATM Jackpotting, many of the terminals compromised in jackpotting attacks were still operating on the Windows XP platform. In 2014, Microsoft announced end-of-life for Windows XP leaving ATMs still using that operating system especially vulnerable without security patches and vital updates. Running unsupported software is not advisable, and many experts suggest upgrading to a Windows 7 or a Windows 10 operating system.
Windows 7 is more secure than XP, however Windows 7 will meet end-of-life in January 2020 leaving many ATM operators in the same situation they now face. Windows 10 is considered the most advanced upgrade on the market with built-in security against cyber threats.
Firmware updates, the software programs that run peripherals, such as the card reader or cash dispenser, is vital to security of the ATM operating system, and should be updated as well as directed by the manufacturer.
Management and Monitoring Solutions
Complete protection goes beyond software, firmware and hardware updates. Standard behavior monitoring is built in to the newest operating systems like Windows 10. When used with video or other security sensors, these monitoring features help the terminal sense “non-standard” actions and shut the terminal down to avoid fraudulent activity.
Some companies offer a more comprehensive management solution that includes controlled access management, fraud detection and alerts, profile management to detects changes in hardware or software on an ATM, and real-time, instant status monitoring for any terminal in the network. For large fleets, complete ATM management software is an ideal solution that allows the master user to control service technician access and generate management reports for each terminal in addition to the included security features.
Limit Top Box Access
Logical attacks require some degree of system access. Blocking potential access ports and controlling who has access to sensitive components on a terminal, such as the main board and cash dispenser, are strong preventative measure against ATM jackpotting. This can be accomplished by maintaining a database of who has access to top box keys and installing an access management module that allows access for service technicians and other vital personnel via a one-time code (OTC). Alarm sensors can also be installed to alert location personnel of ATM access.
A solid prevention strategy can greatly reduce the risk to ATM terminals. To learn more on preventative measures and ATM jackpotting, download the white paper Increasing Security at the ATM: Counteracting ATM Jackpotting.