Three Surefire Ways to Protect Your ATM Network

By Steve Gilde06.12.2017

ATMs have always been alluring to criminals, as these machines can hold as much as $100,000 to $200,000 in cash at any given time. A successful ATM breach can be 10 times more lucrative than a bank robbery, according to the American Bankers Association. Such a temptation can be hard for a thief to resist.

A physical ATM attack is extremely arduous. It takes several individuals to lift the average ATM and intricate planning to work out the logistics of transporting it. If criminals do succeed in moving the machine, they must then determine how to break into it and access the money, which often involves an explosion.

Skimming presents an easier route to breaching ATMs. Criminals don't have to break a sweat to deploy the inconspicuous hardware used to steal consumers' card information. Because of this, skimming has become the ATM attack of choice in the U.S.

According to FICO, the number of compromised cards in the U.S. increased 70 percent in 2016, and the number of compromised ATMs nationwide grew 30 percent. The average cost per incident to ATM network providers has also increased, from $30,000 to $50,000, according to the U.S. Secret Service. 

With the EMV liability shift for MasterCard last October and the looming shift for Visa this October, more ATMs are becoming EMV compliant and, therefore, more secure.

According to MasterCard, about 50 percent of its live ATMs are now EMV enabled; Visa reports that approximately 25 percent of its U.S.-based ATMs are EMV enabled.

As more payment cards and ATMs migrate to EMV, it becomes more difficult for criminals to profit by using skimmed card data on counterfeit cards at ATMs and POS terminals.

It would be logical to assume that because of the newfound security associated with EMV-enabled ATMs, thieves might move on to easier targets. That assumption, however, would be incorrect.

As long as EMV-enabled cards still have a magnetic stripe on the back, skimming is a possibility. This stolen data can still be used at non-EMV terminals, despite their shrinking numbers, not to mention online, where EMV is not a factor.

Besides, ATMs still present other vulnerabilities that can be exploited by a reasonably intelligent and opportunistic thief.

Last month, cybersecurity firm Kaspersky detailed a new type of ATM attack that combines both hardware and software vulnerabilities.

Hackers use a portable drill and a $15 homemade mechanism to penetrate the machine and introduce malware that instructs the ATM's software to dispense all or most of its cash.

This method of attack has been carried out in Russia and countries throughout Europe, and the FBI has warned that ATMs in the U.S. are vulnerable as well.

Ransomware has also been on the rise. This malicious malware locks users out of their computers and software systems until a ransom is paid. Earlier this month, a widespread attack using Wannacry ransomware affected more than 100 counties and 10,000 organizations worldwide, according to Gartner.

ATMs in certain regions — particularly India and China — were reportedly taken offline by operators worried that their systems could be compromised, causing confusion and anxiety among cardholders.

Compromised ATMs are costly in terms of both monetary loss and reputational damage associated with security breaches. ATM network operators must protect themselves and their customers with a multilayered security approach that takes into account every type of attack, implementing measures that include:

1. Onsite monitoring.

Physical ATM attacks are almost impossible to prevent altogether, but steps can be taken to help reduce risk. Absconding with an ATM is not a simple process, and criminals need a significant head start to succeed. Onsite monitoring systems such as cameras and sensors can help to discourage these attacks.

2. Software maintenance and testing.

Safeguarding software is a little more complicated. ATM network operators must be proactive about securing and testing the ATM operating environment. Many organizations still rely on legacy testing methods that are manual and cumbersome.

Because of the expense of this approach, tests are often conducted with less frequency and rigor, leaving too much to chance and making it difficult to effectively defend against criminals.

Failure to update and fully test software can leave ATMs vulnerable, as the Wannacry ransomware attack demonstrated. Windows XP, an outdated system still used to drive an estimated 50 percent of ATMs around the globe, was considered one of the most significant vulnerabilities.

To optimally protect machines, deployers should implement regular upgrades and automated, continuous testing to increase code coverage and minimize the threat from an attack.

3. Consumer education.

Another way to help protect against hackers at the ATM is consumer education. Through signage and open communication about warning signs of ATM compromise and best practices for card protection and personal safety, consumers can play a big role in protecting themselves.

The ATM is celebrating its 50th anniversary this year and, with financial institutions continuously introducing new self-service capabilities for customers, it is unlikely that they're going anywhere anytime soon. 

Unfortunately, neither are the fraudsters. And too often, organizations rely on an "it can't happen to me" mentality when it comes to fraud — that is, until it does happen to them.

With appropriate surveillance tools, system updates, testing solutions and consumer education, ATM network operators can make their machines — and the consumers who use them — just that much safer.

Steve Gilde is director of global product marketing for Paragon Application Systems. Reprinted with permission from ATM Marketplace, a leading provider of news and information regarding the ATM industry.

Comments (0)